Facing issues with CAS when Application Session is getting expired
Dear Forum Members
I am facing some issues with CAS , wanted to share it on this forum, so that I can get some help to resolve this issue.
I have a web application on JBoss which needs its users to be authenticated against CAS server. The session expiration time for the Web Application is 45 minutes. The expiration time for the Ticket Granting Ticket (TGT) has also been set as 45 minutes.
The Web Application is behaving rather erratically. When the sessio n is expiring (for both the Application and the TGT value in the Database), the user is being redirected to the login screen of the Application. If the user re-enters their credentials then on some occasions the user is getting logged into the Application (but without a TGT value) or otherwise the user is again being redirected to the login screen and if the user re-enters their credentials then this time the user is successfully logged into the application with a TGT value.
By enabling the DEBUG in CAS logs , I was able to find out the reason for this. This can be explained as follows.
Case 1. IDEAL SCENARIO (when tgt value expires in DB after 45 mins , clicking on any App link re-directs to the login page where when prompted for a userid and password, again redirected to Login page, when again logging in successfully getting the TGT value)
Case 2: IMPERFECT SCENARIO (when tgt value expires in DB after 45 mins , clicking on any App link re-directs to the login page where prompted for a userid and password, we are logged into the application but without a ticket (no TGT value in DB) )
So as can be seen from the above logs , if the log for [org.jasig.cas.web.support.CasArgumentExtractor] - Extractor generated service for: ..... is missing then user is not getting the TGT value after login , if the log is there then user will be having a TGT value after re-logging in twice.
Could anyone kindly guide me as to why the application is having such an erratic behaviour wherein sometimes the user is getting a TGT value and sometimes not.
Any help towards resolution of this issue will be great.