random CAS app failures
Andrew Ralph Feller, afelle1
afelle1 at lsu.edu
Fri Oct 17 10:37:30 EDT 2008
John,
Have you looked into using AD + Kerberos instead of AD + LDAP? We have done
AD + LDAP in the past and currently do AD + Kerberos due to our AD
administrators preferences; also it doesn¹t require us to use a service
account. If interested in Kerberos, you should look into the
JaasAuthenticationHandler ( http://www.ja-sig.org/wiki/display/CASUM/JAAS ).
HTH,
Andrew
PS: You wouldn¹t happen to be at the Tucson branch of Raytheon by any chance
would you?
On 10/17/08 9:27 AM, "Scott Battaglia" <scott.battaglia at gmail.com> wrote:
> This seems to have popped up previously:
>
> http://tp.its.yale.edu/pipermail/cas/2008-July/008884.html
>
> Not sure if its the same problem though.
>
> -Scott
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Fri, Oct 17, 2008 at 10:17 AM, John M Stewart <JMStewart at raytheon.com>
> wrote:
>>
>> Greetings:
>>
>> We recently deployed CAS as our sso solution on Tomcat 6. During
>> development and testing it's worked fine but now after we've deployed we
>> are randomly getting failures where no one can login and the users get a
>> stacktrace after they enter their credentials with an AD LDAP error message
>> that looks like this:
>>
>> [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment
>> AcceptSecurityContext error, data 52e, vece]
>>
>> I say it's random because the app works fine for a day or two and then we
>> start getting this error and no one can login, but after I stop/start CAS
>> via the manager it works fine again. I know that the users are putting in
>> the right credentials. Has anyone else seen this behaviour with CAS + AD?
>> Thanks in advance!
>>
>> John Stewart.
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
--
Andrew R. Feller, Analyst
Information Technology Services
200 Fred Frey Building
Louisiana State University
Baton Rouge, LA 70803
(225) 578-3737 (Office)
(225) 578-6400 (Fax)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20081017/8678fb89/attachment.html
More information about the cas
mailing list