CAS3.0[JASIG] in jboss4.0.2, requesting through http goes into infinite loop after submittingcredentials in login page

Andrew R Feller afelle1 at lsu.edu
Fri Jun 6 08:49:59 EDT 2008 

I am also experiencing this same problem in our test CAS cluster.

 

We want to upgrade our production machines to CAS 3.2.1, so we updated
our test cluster first to make sure everything was good, however the
machines would crash due to out of memory issues at random intervals.
Upon looking at the logs, it appears as someone was re-authenticating
every 4 seconds upon initial login due to visiting a CAS protected
application.

 

At first, I thought it might be our custom SWF state after
authenticationViaFormAction, so I reverted to the standard
login-webflow.xml that comes with CAS.  The problem still exists, so I
know it isn't due to an infinite loop there.

 

Next, I enabled Tomcat's AccessLogValve to log incoming HTTP requests.
Upon restarting the server and logging into CAS due to hitting the CAS
protected application, the Tomcat log shows an infinite loop of login
requests coming from somewhere.  However, as our server is behind a load
balancer, I need to talk with someone from our network infrastructure
group to give me the logs for the load-balanced URL to see who it is.

 

Can anyone think of what might be causing this?  Are there any
incompatibilities with CAS server 3.2 and older CAS clients?

 

Thanks!

 

Andrew R Feller, Analyst

University Information Systems

200 Fred Frey Building

Louisiana State University <http://www.lsu.edu/> 

Baton Rouge, LA, 70803

(225) 578-3737 (Office)

(225) 578-6400 (Fax)

 

________________________________

From: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu]
On Behalf Of Suhasini C
Sent: Thursday, June 05, 2008 5:31 AM
To: cas at tp.its.yale.edu
Subject: CAS3.0[JASIG] in jboss4.0.2,requesting through http goes into
infinite loop after submittingcredentials in login page

 

Hi,

I have setup CAS3.0[JASIG] in jboss4.0.2,requesting through http goes
into infinite loop after submitting credentials in login page,but https
working fine.

I want to request through http .

find the attachments for server.log and client's security.xml and
web.xml

Even authentication happening succesfully

 

Please find the attachments for client[security.xml] and server
[deployerconfigContext.xml]configuration

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080606/9d0c6faf/attachment.html

More information about the cas mailing list