--Problem with Ehcache replication on Tomcat servers running 2 CAS 4.2.5 nodes. Looks like ST replication isn't working between 2 nodes.
Any help is appreciated.
This is short version of log file showing that ST ticket was created on SecurityService02, but not found on SecurityService01 milliseconds later.
2016-10-13T22:22:06,503Z SecurityService02 null DEBUG org.jasig.cas.ticket.registry.EhCacheTicketRegistry [scheduler_Worker-5] [] : Ticket ST-10-IAhAyqLGE6eBJAnHCViP-dv01sec001.xxx.com is removed2016-10-13T22:22:06,496Z SecurityService02 null DEBUG org.jasig.cas.ticket.registry.TicketRegistryCleaner [scheduler_Worker-5] [] : Cleaning up expired service ticket [ST-10-IAhAyqLGE6eBJAnHCViP-dv01sec001.xxx.com]2016-10-13T22:21:21,482Z SecurityService01 null ERROR org.jasig.cas.web.ServiceValidateController [http-bio-18180-exec-13] [] : Failed to create proxy granting ticket for https://dv01.xxx.com/falcon/secure/receptororg.jasig.cas.ticket.InvalidTicketException: ST-10-IAhAyqLGE6eBJAnHCViP-dv01sec001.xxx.com
2016-10-13T22:21:21,481Z SecurityService01 null DEBUG org.jasig.cas.CentralAuthenticationServiceImpl [http-bio-18180-exec-13] [] : Ticket [ST-10-IAhAyqLGE6eBJAnHCViP-dv01sec001.xxx.com] by type [ServiceTicket] cannot be foundin the ticket registry.
2016-10-13T22:21:21,481Z SecurityService01 null DEBUG org.jasig.cas.ticket.registry.EhCacheTicketRegistry [http-bio-18180-exec-13] [] : No ticket by id [ST-10-IAhAyqLGE6eBJAnHCViP-dv01sec001.xxx.com] is found in the registry
2016-10-13T22:21:21,419Z SecurityService02 null DEBUG org.jasig.cas.CentralAuthenticationServiceImpl [http-bio-18280-exec-18] [] : Publishing org.jasig.cas.support.events.CasServiceTicketGrantedEvent@57d7da6a[ticketGrantingTicket=org.jasig.cas.ticket.registry.TicketGrantingTicketDelegator@9aaeddec,serviceTicket=ST-10-IAhAyqLGE6eBJAnHCViP-dv01sec001.xxx.com]
2016-10-13T22:21:21,419Z SecurityService02 null INFO org.jasig.cas.CentralAuthenticationServiceImpl [http-bio-18280-exec-18] [] : Granted ticket [ST-10-IAhAyqLGE6eBJAnHCViP-dv01sec001.xxx.com] for service [https://dv01.xxx.com/falcon/j_spring_cas_security_check] and principal [ELUX/dummytest]
BUT i also see following messages in the log:-------2016-10-13T21:59:27,865Z SecurityService01 null DEBUG net.sf.ehcache.distribution.RMIBootstrapCacheLoader [Bootstrap Thread for cache iqn_ServiceTicket] [] : Empty list of cache peers for cache iqn_ServiceTicket. No cache peer to bootstrap from.
2016-10-13T21:59:27,865Z SecurityService01 null DEBUG net.sf.ehcache.distribution.RMIBootstrapCacheLoader [Bootstrap Thread for cache iqn_ServiceTicket] [] : cache peers: []
-------2016-10-13T21:59:36,508Z SecurityService02 null DEBUG net.sf.ehcache.distribution.RMICacheManagerPeerProviderFactory [localhost-startStop-1] [] : Registering peer //dv01sec001.xxx.com:41001/cas_st
2016-10-13T21:59:36,508Z SecurityService02 null DEBUG net.sf.ehcache.distribution.RMICacheManagerPeerProviderFactory [localhost-startStop-1] [] : Registering peer //dv01sec001.xxx.com:41001/cas_tgt
2016-10-13T21:59:25,834Z SecurityService01 null DEBUG net.sf.ehcache.distribution.RMICacheManagerPeerProviderFactory [localhost-startStop-1] [] : Registering peer //dv01sec001.xxx.com:41002/cas_tgt
2016-10-13T21:59:25,834Z SecurityService01 null DEBUG net.sf.ehcache.distribution.RMICacheManagerPeerProviderFactory [localhost-startStop-1] [] : Registering peer //dv01sec001.xxx.com:41002/cas_st
CAS Ehcache configuration:### Ehcache Ticket Registry settings required until we can completly remove Ehcache# can skip some of these properties to use default defined in WEB-INF/spring-configuration/ehcache-ticket-registry.xml#ehcache.config.file=classpath:ehcache-replicated.xmlehcache.cachemanager.shared=trueehcache.cachemanager.name=iqn_ticketRegistryCacheManagerehcache.disk.expiry.interval.seconds=0ehcache.disk.persistent=falseehcache.eternal=falseehcache.max.elements.memory=10000ehcache.max.elements.disk=20000ehcache.eviction.policy=LRUehcache.overflow.disk=trueehcache.cache.st.name=iqn_ServiceTicketehcache.cache.st.timeIdle=0ehcache.cache.st.timeAlive=300ehcache.cache.tgt.name=iqn_TicketGrantingTicketehcache.cache.tgt.timeIdle=0ehcache.cache.tgt.timeAlive=7201ehcache.cache.loader.async=trueehcache.cache.loader.chunksize=5000000ehcache.repl.async.interval=10000ehcache.repl.async.batch.size=100ehcache.repl.sync.puts=trueehcache.repl.sync.putscopy=trueehcache.repl.sync.updates=trueehcache.repl.sync.updatesCopy=trueehcache.repl.sync.removals=true
CAS gitter chatroom: https://gitter.im/apereo/cas
CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
CAS documentation website: https://apereo.github.io/cas
CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/856d0605-b249-471f-bc5d-644598799e1a%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
-- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE C017 | rb...@uvic.ca
Thank you,
Boris Pogrebitskiy | IQNavigator | Sr. Java Developer
(303) 731-6643 • bpogre...@iqn.com
6465 Greenwood Plaza Blvd. • Suite 800 • Centennial, CO • 80111 • USA
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.