CAS3.0[JASIG] in jboss4.0.2, requesting through http goes into infinite loop aftersubmittingcredentials in login page
Andrew R Feller
afelle1 at lsu.edu
Fri Jun 6 09:33:05 EDT 2008
Hey Scott,
I agree that there shouldn't be any issues with older CAS clients that
support CAS2 protocol, so I am really thumping my head against the desk
here.
Do you have any thoughts of what could cause this?
Thanks,
Andy
Andrew R Feller, Analyst
University Information Systems
200 Fred Frey Building
Louisiana State University <http://www.lsu.edu/>
Baton Rouge, LA, 70803
(225) 578-3737 (Office)
(225) 578-6400 (Fax)
________________________________
From: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu]
On Behalf Of Scott Battaglia
Sent: Friday, June 06, 2008 7:57 AM
To: Yale CAS mailing list
Subject: Re: CAS3.0[JASIG] in jboss4.0.2,requesting through http goes
into infinite loop aftersubmittingcredentials in login page
There shouldn't be. We use CAS 3.2.1 in production at Rutgers without
issues with clients ranging from PHP, Perl, Spring Security/Acegi, CAS
Client 3.1 and plain CAS Client 2.
-Scott
On Fri, Jun 6, 2008 at 8:49 AM, Andrew R Feller <afelle1 at lsu.edu> wrote:
I am also experiencing this same problem in our test CAS cluster.
We want to upgrade our production machines to CAS 3.2.1, so we updated
our test cluster first to make sure everything was good, however the
machines would crash due to out of memory issues at random intervals.
Upon looking at the logs, it appears as someone was re-authenticating
every 4 seconds upon initial login due to visiting a CAS protected
application.
At first, I thought it might be our custom SWF state after
authenticationViaFormAction, so I reverted to the standard
login-webflow.xml that comes with CAS. The problem still exists, so I
know it isn't due to an infinite loop there.
Next, I enabled Tomcat's AccessLogValve to log incoming HTTP requests.
Upon restarting the server and logging into CAS due to hitting the CAS
protected application, the Tomcat log shows an infinite loop of login
requests coming from somewhere. However, as our server is behind a load
balancer, I need to talk with someone from our network infrastructure
group to give me the logs for the load-balanced URL to see who it is.
Can anyone think of what might be causing this? Are there any
incompatibilities with CAS server 3.2 and older CAS clients?
Thanks!
Andrew R Feller, Analyst
University Information Systems
200 Fred Frey Building
Louisiana State University <http://www.lsu.edu/>
Baton Rouge, LA, 70803
(225) 578-3737 (Office)
(225) 578-6400 (Fax)
________________________________
From: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu]
On Behalf Of Suhasini C
Sent: Thursday, June 05, 2008 5:31 AM
To: cas at tp.its.yale.edu
Subject: CAS3.0[JASIG] in jboss4.0.2,requesting through http goes into
infinite loop after submittingcredentials in login page
Hi,
I have setup CAS3.0[JASIG] in jboss4.0.2,requesting through http goes
into infinite loop after submitting credentials in login page,but https
working fine.
I want to request through http .
find the attachments for server.log and client's security.xml and
web.xml
Even authentication happening succesfully
Please find the attachments for client[security.xml] and server
[deployerconfigContext.xml]configuration
_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080606/51427d06/attachment.html
More information about the cas
mailing list