Ticket registry cleaner
212 views
Skip to first unread message
wouldsmina
Nov 14, 2024, 8:43:31 AM11/14/24
to CAS Community
Hello,
I have set up CAS to perform a cleanup of the ticket registry (Redis), but at startup, I get a message saying that it is not enabled:
2024-11-14 14:26:21,575 INFO [org.apereo.cas.config.CasCoreTicketsSchedulingConfiguration] - <Ticket registry cleaner is not enabled to run on schedule. Expired tickets are not forcefully cleaned by CAS. It is up to the ticket registry itself to clean up tickets based on its own expiration and eviction policies.>
cas.properties :
cas.ticket.registry.cleaner.schedule.cron-expression=0 0 0 * * *
cas.ticket.registry.cleaner.schedule.enabled=true
CAS Version: 7.1.2
Java Version: 21.0.5
Tomcat Version: 10.1.6-1+deb12u2
I have set up CAS to perform a cleanup of the ticket registry (Redis), but at startup, I get a message saying that it is not enabled:
2024-11-14 14:26:21,575 INFO [org.apereo.cas.config.CasCoreTicketsSchedulingConfiguration] - <Ticket registry cleaner is not enabled to run on schedule. Expired tickets are not forcefully cleaned by CAS. It is up to the ticket registry itself to clean up tickets based on its own expiration and eviction policies.>
cas.properties :
cas.ticket.registry.cleaner.schedule.cron-expression=0 0 0 * * *
cas.ticket.registry.cleaner.schedule.enabled=true
CAS Version: 7.1.2
Java Version: 21.0.5
Tomcat Version: 10.1.6-1+deb12u2
Did I forget a parameter in the configuration ?
Wouldsmina.
Frédéric Dussurget
Nov 15, 2024, 8:20:02 AM11/15/24
to CAS Community, wouldsmina
Hi,
Correct me if I'm wrong but it looks as Redis caching is cleaning up objects on its own ... based on the ticket TTL
As I'm interested in this topic, I'll keep on an eye on following answers to get more accurate info ...
Regards,
wouldsmina
Nov 16, 2024, 12:14:24 AM11/16/24
to Frédéric Dussurget, CAS Community
Hi Frédéric,
it seems to me that the redis cache is in memory to improve performance. the expiration of the cache content is managed by redis itself, but the database content in the hard disk must be cleaned by a separate process... but this needs to be confirmed, I'm not sure what I'm saying.
Frédéric Dussurget
Nov 18, 2024, 11:36:21 AM11/18/24
to CAS Community, wouldsmina, CAS Community, Frédéric Dussurget
You are right about caching.
To go further, here's what Id did : I tried very short TTL (3 and 4 minutes TTL values for cas.ticket.tgt.primary.max-time-to-live-in-seconds
(TGT live on server) and cas.ticket.tgt.primary.time-to-kill-in-seconds (ticket destroy because of inactivity)
Default values are PT8H and PT2H
I logged in, got the TGT in my redis DB, and then, without any activity, 5 minutes mater, I can confirm that the TGT ticket was removed from redis DB.
cas.properties :
tgt:
core:
onlyTrackMostRecentSession: false
# primary.max-time-to-live-in-seconds: PT3H
primary:
max-time-to-live-in-seconds: PT4M
time-to-kill-in-seconds: PT1M
core:
onlyTrackMostRecentSession: false
# primary.max-time-to-live-in-seconds: PT3H
primary:
max-time-to-live-in-seconds: PT4M
time-to-kill-in-seconds: PT1M
Log file :
2024-11-18 14:22:55,152 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-11-18T13:22:55.152687835
WHO: frederic.dussurget
WHAT: TGT-1-****************sOTY41o-srv-cas-pp01
ACTION: TICKET_GRANTING_TICKET_CREATED
CLIENT_IP: 93.25.65.42
SERVER_IP: 127.0.0.1
=============================================================
>
2024-11-18 14:23:14,712 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [3] service(s) from [RedisServiceRegistry].>
2024-11-18 14:23:24,818 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0] expired tickets removed.>
2024-11-18 14:24:14,721 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [3] service(s) from [RedisServiceRegistry].>
2024-11-18 14:25:14,731 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [3] service(s) from [RedisServiceRegistry].>
2024-11-18 14:25:24,956 INFO [org.apereo.cas.logout.DefaultLogoutManager] - <Performing logout operations for [TGT-1-****************sOTY41o-srv-cas-pp01]>
2024-11-18 14:25:24,957 INFO [org.apereo.cas.logout.DefaultLogoutManager] - <[0] logout requests were processed>
2024-11-18 14:25:24,958 WARN [org.apereo.inspektr.common.spi.DefaultClientInfoResolver] - <No ClientInfo could be found. Returning empty ClientInfo object.>
2024-11-18 14:25:24,958 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-11-18T13:25:24.958127544
WHO: frederic.dussurget
WHAT: TGT-1-****************sOTY41o-srv-cas-pp01
ACTION: LOGOUT_SUCCESS
CLIENT_IP: unknown
SERVER_IP: unknown
=============================================================
>
2024-11-18 14:25:24,959 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[1] expired tickets removed.>
2024-11-18 14:26:14,739 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [3] service(s) from [RedisServiceRegistry].>
=============================================================
WHEN: 2024-11-18T13:22:55.152687835
WHO: frederic.dussurget
WHAT: TGT-1-****************sOTY41o-srv-cas-pp01
ACTION: TICKET_GRANTING_TICKET_CREATED
CLIENT_IP: 93.25.65.42
SERVER_IP: 127.0.0.1
=============================================================
>
2024-11-18 14:23:14,712 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [3] service(s) from [RedisServiceRegistry].>
2024-11-18 14:23:24,818 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0] expired tickets removed.>
2024-11-18 14:24:14,721 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [3] service(s) from [RedisServiceRegistry].>
2024-11-18 14:25:14,731 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [3] service(s) from [RedisServiceRegistry].>
2024-11-18 14:25:24,956 INFO [org.apereo.cas.logout.DefaultLogoutManager] - <Performing logout operations for [TGT-1-****************sOTY41o-srv-cas-pp01]>
2024-11-18 14:25:24,957 INFO [org.apereo.cas.logout.DefaultLogoutManager] - <[0] logout requests were processed>
2024-11-18 14:25:24,958 WARN [org.apereo.inspektr.common.spi.DefaultClientInfoResolver] - <No ClientInfo could be found. Returning empty ClientInfo object.>
2024-11-18 14:25:24,958 INFO [org.apereo.inspektr.audit.AuditTrailManager] - <Audit trail record BEGIN
=============================================================
WHEN: 2024-11-18T13:25:24.958127544
WHO: frederic.dussurget
WHAT: TGT-1-****************sOTY41o-srv-cas-pp01
ACTION: LOGOUT_SUCCESS
CLIENT_IP: unknown
SERVER_IP: unknown
=============================================================
>
2024-11-18 14:25:24,959 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[1] expired tickets removed.>
2024-11-18 14:26:14,739 INFO [org.apereo.cas.services.mgmt.AbstractServicesManager] - <Loaded [3] service(s) from [RedisServiceRegistry].>
wouldsmina
Nov 18, 2024, 11:36:21 AM11/18/24
to Frédéric Dussurget, CAS Community
Your logs helped me analyze the problem a bit more. I see that before updating my CAS server to the latest version, I had logs like this:
/var/log/tomcat10/catalina.out-20241027.gz:[2024-10-22 20:23:20] [info] #033[32m2024-10-22 20:23:20,321 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0] expired tickets removed.>#033[m
/var/log/tomcat10/catalina.out-20241027.gz:[2024-10-22 20:25:20] [info] #033[32m2024-10-22 20:25:20,327 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0] expired tickets removed.>#033[m
/var/log/tomcat10/catalina.out-20241027.gz:[2024-10-22 20:27:20] [info] #033[32m2024-10-22 20:27 :20,330 INFO [org.apereo.cas.ticket.registry.DefaultTicketRegistryCleaner] - <[0] expired tickets removed.>#033[m
But since the update I no longer have any. Could this be a bug on version 7.1.2?
Reply all
Reply to author
Forward
0 new messages