Facing issues with CAS when Application Session is getting expired

SYED ZAHEER MEHDI
Dear Forum Members

I am facing some issues with CAS and wanted to share them on this forum, so that I can get some help to resolve them.


I have a web application on JBoss which needs its users to be authenticated against a CAS server. The session expiration time for the Web Application is 45 minutes. The expiration time for the Ticket Granting Ticket (TGT) has also been set to 45 minutes.

The Web Application is behaving rather erratically. When the session expires (for both the Application and the TGT value in the Database), the user is redirected to the login screen of the Application. If the user re-enters their credentials, then on some occasions the user gets logged into the Application (but without a TGT value); otherwise the user is again redirected to the login screen, and if the user re-enters their credentials, this time the user is successfully logged into the application with a TGT value.

By enabling DEBUG in the CAS logs, I was able to find out the reason for this. It can be explained as follows.

Case 1: IDEAL SCENARIO (when the TGT value expires in the DB after 45 mins, clicking on any App link redirects to the login page; when prompted for a user ID and password, the user is again redirected to the login page, and on logging in again successfully gets the TGT value)

2013-04-03 09:43:39,231 DEBUG [org.jasig.cas.util.HttpClient] - Finished sending message to https://zaheersapp/DEJ/ui/mobile/Dashboard?method:myApps

2013-04-03 09:43:39,314 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: https://zaheersapp/DEJ/ui/mobile/SingleSignOn?method:login&deviceID=NA&notificationID=NA&skipCache=1365000219058


Case 2: IMPERFECT SCENARIO (when the TGT value expires in the DB after 45 mins, clicking on any App link redirects to the login page; when prompted for a user ID and password, we are logged into the application but without a ticket (no TGT value in the DB))


2013-04-02 06:56:50,201 DEBUG [org.jasig.cas.util.HttpClient] - Finished sending message to https://zaheersapp/DEJ/ui/mobile/Dashboard?method:myApps


So, as can be seen from the above logs, if the log line for [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: ..... is missing, then the user does not get the TGT value after login; if the log line is there, then the user will have a TGT value after re-logging in twice.


Could anyone kindly guide me as to why the application is showing such erratic behaviour, wherein sometimes the user gets a TGT value and sometimes not?

Any help towards resolution of this issue will be great.

Best Regards
Syed Zaheer Mehdi
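The manual log comparison described in the post above can be automated. The following is an added example, not part of the original post or of CAS itself: it scans CAS DEBUG lines in the format quoted above and reports, for each `HttpClient` "Finished sending message" event, whether a `CasArgumentExtractor` "Extractor generated service" line follows. The 5-second correlation window, the function names and the sample lines (host `app.example`) are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Layout of the DEBUG lines quoted in the post: "<timestamp> <LEVEL> [<logger>] - <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) "
    r"(?P<level>[A-Z]+) \[(?P<logger>[^\]]+)\] - (?P<msg>.*)$"
)
HTTP_CLIENT = "org.jasig.cas.util.HttpClient"
EXTRACTOR = "org.jasig.cas.web.support.CasArgumentExtractor"
WINDOW = timedelta(seconds=5)  # assumed correlation window, tune per deployment

def parse(lines):
    """Yield (timestamp, logger, message) for every line that matches the layout."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S,%f")
            yield ts, m["logger"], m["msg"]

def classify(lines, window=WINDOW):
    """Label each HttpClient callback by whether an extractor line follows it."""
    events = sorted(parse(lines), key=lambda e: e[0])
    results = []
    for i, (ts, logger, msg) in enumerate(events):
        if logger != HTTP_CLIENT or not msg.startswith("Finished sending message to"):
            continue
        followed = any(
            lg == EXTRACTOR
            and m.startswith("Extractor generated service for:")
            and ts <= t <= ts + window
            for t, lg, m in events[i + 1:]
        )
        results.append((ts, "extractor-seen" if followed else "extractor-missing"))
    return results

# Constructed sample lines modelled on the two cases in the post.
SAMPLE_LOG = """\
2013-04-03 09:43:39,231 DEBUG [org.jasig.cas.util.HttpClient] - Finished sending message to https://app.example/ui/Dashboard
2013-04-03 09:43:39,314 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: https://app.example/ui/SingleSignOn
2013-04-02 06:56:50,201 DEBUG [org.jasig.cas.util.HttpClient] - Finished sending message to https://app.example/ui/Dashboard
""".splitlines()

if __name__ == "__main__":
    for ts, label in classify(SAMPLE_LOG):
        print(ts.isoformat(sep=" ", timespec="milliseconds"), label)
```

Events labelled `extractor-missing` correspond to the post's Case 2 pattern and are the timestamps to compare against the TGT records in the database.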