CAS (7) —— Mac下配置CAS 4.x的JPATicketRegistry(服务端)
CAS (7) —— Mac下配置CAS 4.x集群及JPATicketRegistry(服务端)
tomcat版本: tomcat-8.0.29
jdk版本: jdk1.8.0_65
cas版本:
**cas4.1.3 (4.x还在开发过程中不是很稳定,迭代比较快,也会有些bug) **
cas-client-3.4.1
参考来源:
Jasig: 4.1.x JPA Ticket Registry
Jasig: 4.1.3 JPA Ticket Registry
百度文库: CAS JPA-Ticket存储解决负载均衡配置
CSDN: cas 入门之十五:ticket 存储方案-jpa ticket存储 (3.x版本有点老)
Stackoverflow: Jasig CAS. How to enable transactions with JpaTicketRegistry?
目标架构
准备
参照以下文章首先准备好如下图的环境
- CAS (1) —— Mac下配置CAS到Tomcat(服务端
- CAS (2) —— Mac下配置CAS到Tomcat(客户端)
- CAS (3) —— Mac下配置CAS客户端经代理访问Tomcat CAS
- CAS (5) —— Nginx代理模式下浏览器访问CAS服务器配置详解
检查列表
- CAS Client A - app1.hoau.com:8413 (node-a)
- CAS Client B - app2.hoau.com:8423 (node-b)
- CAS Server A - sso.hoau.com:8433 (node-c)
- CAS Server B - sso.hoau.com:8443 (node-d)
- Nginx - Load Balancer
配置
接文章(CAS (5) —— Nginx代理模式下浏览器访问CAS服务器配置详解)之后,我们尝试为CAS
服务配置多个节点。
如若要想实现CAS集群,关于RegistryTicket可以有多种处理方式:
- Tomcat Session Replication (默认状态下,Ticket信息是存储与Session之中的)
- 独立的缓存存储方案
- Memcached
- Ehcache
- Redis
- 数据库存储JpaTicketRegistry
*注意:本篇文章主要关注的是JpaTicketRegistry这种方式再集群环境下的解决方案
当我们实现了用Nginx代理转发到node-c,并成功实现app1.hoau.com与app2.hoau.com的SSO后,以node-c的配置为例,我们配置好node-d,并且打开nginx的Load Balancer和Sticky Session
nginx.conf
upstream
upstream cas_server_ssl {
server sso.hoau.com:8433 weight=1 srun_id=cas-tomcat-c;
server sso.hoau.com:8443 weight=1 srun_id=cas-tomcat-d;
jvm_route $cookie_JSESSIONID|sessionid reverse;
}
*注意:以上配置中的jvm_route和srun_id,其中srun_id需要和node-c和node-d中的Catalina server.xml配置一致
server
server {
listen 443;
server_name proxy.sso.hoau.com;
ssl on;
ssl_certificate /Users/Richard/Documents/Dev/servers/cluster/nginx/keys/server.crt;
ssl_certificate_key /Users/Richard/Documents/Dev/servers/cluster/nginx/keys/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
#root html;
#index index.html index.htm index.jsp;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header Referer $http_referer;
proxy_set_header Cookie $http_cookie;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-FORWARDED-HOST $server_addr;
proxy_set_header X-FORWARDED-PORT $server_port;
proxy_connect_timeout 3;
proxy_send_timeout 30;
proxy_read_timeout 30;
proxy_pass https://cas_server_ssl;
}
}
如果此时尝试测试系统,可能会出现以下错误,原因是因为两个CAS Server的Session不共享,随机生成的Ticket并不能在两个不同的CAS Server环境下同时使用。
javax.servlet.ServletException: org.jasig.cas.client.validation.TicketValidationException:
Ticket 'ST-1-9yxMX3RGh9helSCSwNTb-cas01.sso.hoau.com' not recognized
org.jasig.cas.client.validation.AbstractTicketValidatorFilter.doFilter(AbstractTicketValidationFilter.java:227)
*注意: 这是我们尝试配置JpaTicketRegistry的初衷(当然也可以通过上述的多种方式都能解决此问题)
ticketRegistry.xml
以下是4.1.x官方文档给出来的示例配置,在4.1.x后CAS将以前@Transactional的注解方式更改成了下面推荐的这种aop方式,但是下面的配置对于4.1.2/4.1.3这两个版本缺少了一点东西,运行时可能会遇到错误。
<bean
id="dataSource"
class="com.mchange.v2.c3p0.ComboPooledDataSource"
p:driverClass="${database.driverClass:org.hsqldb.jdbcDriver}"
p:jdbcUrl="${database.url:jdbc:hsqldb:mem:cas-ticket-registry}"
p:user="${database.user:sa}"
p:password="${database.password:}"
p:initialPoolSize="${database.pool.minSize:6}"
p:minPoolSize="${database.pool.minSize:6}"
p:maxPoolSize="${database.pool.maxSize:18}"
p:maxIdleTimeExcessConnections="${database.pool.maxIdleTime:1000}"
p:checkoutTimeout="${database.pool.maxWait:2000}"
p:acquireIncrement="${database.pool.acquireIncrement:16}"
p:acquireRetryAttempts="${database.pool.acquireRetryAttempts:5}"
p:acquireRetryDelay="${database.pool.acquireRetryDelay:2000}"
p:idleConnectionTestPeriod="${database.pool.idleConnectionTestPeriod:30}"
p:preferredTestQuery="${database.pool.connectionHealthQuery:select 1}"
/>
<bean id="ticketRegistry" class="org.jasig.cas.ticket.registry.JpaTicketRegistry" />
<bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor"/>
<util:list id="packagesToScan">
<value>org.jasig.cas.ticket</value>
<value>org.jasig.cas.adaptors.jdbc</value>
</util:list>
<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"
id="jpaVendorAdapter"
p:generateDdl="true"
p:showSql="true" />
<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"
p:dataSource-ref="dataSource"
p:jpaVendorAdapter-ref="jpaVendorAdapter"
p:packagesToScan-ref="packagesToScan">
<property name="jpaProperties">
<props>
<prop key="hibernate.dialect">${database.dialect:org.hibernate.dialect.HSQLDialect}</prop>
<prop key="hibernate.hbm2ddl.auto">create-drop</prop>
<prop key="hibernate.jdbc.batch_size">${database.batchSize:1}</prop>
</props>
</property>
</bean>
<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"
p:entityManagerFactory-ref="entityManagerFactory" />
<tx:advice id="txRegistryAdvice" transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="deleteTicket" read-only="false" />
<tx:method name="addTicket" read-only="false" />
<tx:method name="updateTicket" read-only="false" />
<tx:method name="getTicket" read-only="true" />
<tx:method name="getTickets" read-only="true" />
<tx:method name="sessionCount" read-only="true" />
<tx:method name="serviceTicketCount" read-only="true" />
</tx:attributes>
</tx:advice>
<tx:advice id="txRegistryLockingAdvice" transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="getOwner" read-only="true" />
<tx:method name="acquire" read-only="false" />
<tx:method name="release" read-only="false" />
</tx:attributes>
</tx:advice>
<aop:config>
<aop:pointcut id="ticketRegistryOperations" expression="execution(* org.jasig.cas.ticket.registry.JpaTicketRegistry.*(..))"/>
<aop:pointcut id="ticketRegistryLockingOperations" expression="execution(* org.jasig.cas.ticket.registry.support.JpaLockingStrategy.*(..))"/>
<aop:advisor advice-ref="txRegistryAdvice" pointcut-ref="ticketRegistryOperations"/>
<aop:advisor advice-ref="txRegistryLockingAdvice" pointcut-ref="ticketRegistryLockingOperations"/>
</aop:config>
<bean id="ticketRegistryCleaner"
class="org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner"
c:centralAuthenticationService-ref="centralAuthenticationService"
c:ticketRegistry-ref="ticketRegistry"
p:lock-ref="cleanerLock"/>
<bean id="cleanerLock" class="org.jasig.cas.ticket.registry.support.JpaLockingStrategy"
p:uniqueId="${host.name}"
p:applicationId="cas-ticket-registry-cleaner" />
<bean id="jobDetailTicketRegistryCleaner"
class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean"
p:targetObject-ref="ticketRegistryCleaner"
p:targetMethod="clean" />
<bean id="triggerJobDetailTicketRegistryCleaner"
class="org.springframework.scheduling.quartz.SimpleTriggerFactoryBean"
p:jobDetail-ref="jobDetailTicketRegistryCleaner"
p:startDelay="20000"
p:repeatInterval="5000000" />
*注意: 如果使用MySQL5.x以上的entityManagerFactory需要修改,这在多数论坛文章中都能找到
<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"
p:dataSource-ref="ticketDataSource"
p:jpaVendorAdapter-ref="jpaVendorAdapter"
p:packagesToScan-ref="packagesToScan">
<property name="persistenceUnitName" value="CasPU"/>
<property name="jpaProperties">
<props>
<prop key="hibernate.dialect">org.hibernate.dialect.MySQL5InnoDBDialect</prop>
<prop key="hibernate.hbm2ddl.auto">update</prop>
</props>
</property>
</bean>
这里比较重要的是hibernate.dialect需要根据目标数据库配置,另外hibernate.hbm2ddl.auto是给JPATicketRegistry赋予相应权限的,因为在服务启动时,系统会自动检测目标数据库中,是否含有相应表的信息,如果没有,则会执行ddl脚本创建表:
- locks
- SERVICETICKET
- TICKETGRANTINGTICKET
关于锁的策略(Cleaner Locking Strategy)
4.1.x版本提供了JpaLockingStrategy,来支持exclusive non-reentrant lock
This will configure the cleaner with the following defaults:
tableName = “LOCKS”
uniqueIdColumnName = “UNIQUE_ID”
applicationIdColumnName = “APPLICATION_ID”
expirationDataColumnName = “EXPIRATION_DATE”
platform = SQL92
lockTimeout = 3600 (1 hour)
为了降低死锁出现的概率需要添加以下索引
MySQL
CREATE INDEX ST_TGT_FK_I ON SERVICETICKET (ticketGrantingTicket_ID);
CREATE INDEX ST_TGT_FK_I ON TICKETGRANTINGTICKET (ticketGrantingTicket_ID);
以上这些内容,都能在官方文档中找到,还有其他相关的重要说明,在此不赘述。
*注意: 如果这样配置完毕,然后充其服务器进行测试,会遇到以下错误
org.jasig.cas.web.flow.GenerateServiceTicketAction@7c10e841 in state 'generateServiceTicket' of flow 'login' -- action execution attributes were 'map[[empty]]'] with root cause
javax.persistence.TransactionRequiredException: No transactional EntityManager available
at org.springframework.orm.jpa.SharedEntityManagerCreator$SharedEntityManagerInvocationHandler.invoke(SharedEntityManagerCreator.java:275)
at com.sun.proxy.$Proxy51.merge(Unknown Source)
at org.jasig.cas.ticket.registry.JpaTicketRegistry.updateTicket(JpaTicketRegistry.java:57)
at org.jasig.cas.ticket.registry.AbstractDistributedTicketRegistry$TicketDelegator.updateTicket(AbstractDistributedTicketRegistry.java:101)
at org.jasig.cas.ticket.registry.AbstractDistributedTicketRegistry$TicketGrantingTicketDelegator.grantServiceTicket(AbstractDistributedTicketRegistry.java:234)
at org.jasig.cas.CentralAuthenticationServiceImpl.grantServiceTicket(CentralAuthenticationServiceImpl.java:313)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:
以上的错误主要是因为CentralAuthenticationService.grantServiceTicket没有transaction,我们需要修改ticketRegistry.xml的配置文件
<tx:advice id="txRegistryAdvice" transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="deleteTicket" read-only="false" />
<tx:method name="addTicket" read-only="false" />
<tx:method name="updateTicket" read-only="false" />
<tx:method name="getTicket" read-only="true" />
<tx:method name="getTickets" read-only="true" />
<tx:method name="add*" read-only="false"/>
<tx:method name="delete*" read-only="false"/>
<tx:method name="save*" read-only="false"/>
<tx:method name="update*" read-only="false"/>
<tx:method name="get*" read-only="true"/>
<tx:method name="grant*" read-only="false"/>
<tx:method name="validate*" read-only="true"/>
<tx:method name="sessionCount" read-only="true" />
<tx:method name="serviceTicketCount" read-only="true" />
</tx:attributes>
</tx:advice>
<tx:advice id="txRegistryLockingAdvice" transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="getOwner" read-only="true" />
<tx:method name="acquire" read-only="false" />
<tx:method name="release" read-only="false" />
</tx:attributes>
</tx:advice>
<aop:config>
<aop:pointcut id="ticketRegistryOperations" expression="execution(* org.jasig.cas.ticket.registry.JpaTicketRegistry.*(..))"/>
<aop:pointcut id="centralAuthenticationServiceOperations" expression="execution(* org.jasig.cas.CentralAuthenticationService.*(..))"/>
<aop:pointcut id="ticketRegistryLockingOperations" expression="execution(* org.jasig.cas.ticket.registry.support.JpaLockingStrategy.*(..))"/>
<!-- -->
<aop:advisor advice-ref="txRegistryAdvice" pointcut-ref="ticketRegistryOperations"/>
<aop:advisor advice-ref="txRegistryAdvice" pointcut-ref="centralAuthenticationServiceOperations"/>
<aop:advisor advice-ref="txRegistryLockingAdvice" pointcut-ref="ticketRegistryLockingOperations"/>
</aop:config>
错误
persistence manager没有配置好或缺少依赖的jar
18-Dec-2015 08:47:50.459 SEVERE [localhost-startStop-1] org.apache.catalina.core.StandardContext.listenerStart Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'entityManagerFactory' defined in ServletContext resource [/WEB-INF/spring-configuration/ticketRegistry.xml]: Invocation of init method failed; nested exception is java.lang.IllegalStateException: No persistence units parsed from {classpath*:META-INF/persistence.xml}
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1572)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:539)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:476)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:303)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:299)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194)
at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:960)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:749)
*注意: 此处请不要按照错误提示再META-INF下增加persistence.xml文件,否则可能会出现冲突的情况。
请用“SimpleTriggerFactoryBean”而非某些论坛里面使用的“org.springframework.scheduling.quartz.SimpleTriggerBean”(这可能是老版本配置),正确配置如下:
<bean id="periodicTicketRegistryCleanerTrigger"
class="org.springframework.scheduling.quartz.SimpleTriggerFactoryBean"
p:jobDetail-ref="ticketRegistryCleanerJobDetail"
p:startDelay="20000"
p:repeatInterval="5000000" />
为DefaultTicketRegistryCleaner加上centralAuthenticationService
老版本的DefaultTicketRegistryCleaner无需centralAuthenticationService,如果4.1.x没有加上这个会出现错误:
18-Dec-2015 08:55:43.357 SEVERE [localhost-startStop-1] org.apache.catalina.core.StandardContext.listenerStart Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'ticketRegistryCleaner' defined in ServletContext resource [/WEB-INF/spring-configuration/ticketRegistry.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner]: No default constructor found; nested exception is java.lang.NoSuchMethodException: org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner.<init>()
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:1099)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1044)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:504)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:476)
正确配置如下:
<bean id="ticketRegistryCleaner" class="org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner"
c:centralAuthenticationService-ref="centralAuthenticationService"
c:ticketRegistry-ref="ticketRegistry"
p:lock-ref="cleanerLock"
/>
请使用较高版本的com.mchange.v2.c3p0
否则会出现以下错误:
18-Dec-2015 09:17:49.725 SEVERE [localhost-startStop-1] org.apache.catalina.core.StandardContext.listenerStart Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'entityManagerFactory' defined in ServletContext resource [/WEB-INF/spring-configuration/ticketRegistry.xml]: Cannot resolve reference to bean 'ticketDataSource' while setting bean property 'dataSource'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'ticketDataSource' defined in ServletContext resource [/WEB-INF/spring-configuration/ticketRegistry.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'url' of bean class [com.mchange.v2.c3p0.ComboPooledDataSource]: Bean property 'url' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:359)
at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:108)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1475)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1220)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:537)
正确的依赖:
<dependency>
<groupId>com.mchange</groupId>
<artifactId>c3p0</artifactId>
<version>0.9.5.1</version>
</dependency>
<dependency>
<groupId>com.mchange</groupId>
<artifactId>mchange-commons-java</artifactId>
<version>0.2.10</version>
</dependency>
为host.name指定合适的参数(如:sso.hoau.com)
2015-12-18 13:46:08,752 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - org.jose4j.lang.JoseException: A JWS Compact Serialization must have exactly 3 parts separated by period ('.') characters
java.lang.RuntimeException: org.jose4j.lang.JoseException: A JWS Compact Serialization must have exactly 3 parts separated by period ('.') characters
at org.jasig.cas.util.DefaultCipherExecutor.verifySignature(DefaultCipherExecutor.java:209)
at org.jasig.cas.util.DefaultCipherExecutor.decode(DefaultCipherExecutor.java:107)
at org.jasig.cas.web.support.DefaultCasCookieValueManager.obtainCookieValue(DefaultCasCookieValueManager.java:89)
at org.jasig.cas.web.support.CookieRetrievingCookieGenerator.retrieveCookieValue(CookieRetrievingCookieGenerator.java:116)
Cannot subclass final class class org.jasig.cas.ticket.registry.JpaTicketRegistry
如果参照网上某些解决方案,试图添加tx:annotation-driven
<tx:annotation-driven proxy-target-class="true" transaction-manager="transactionManager" />
会出现如下错误
Caused by: org.springframework.aop.framework.AopConfigException: Could not generate CGLIB subclass of class [class org.jasig.cas.ticket.registry.JpaTicketRegistry]: Common causes of this problem include using a final class or a non-visible class; nested exception is java.lang.IllegalArgumentException: Cannot subclass final class class org.jasig.cas.ticket.registry.JpaTicketRegistry
at org.springframework.aop.framework.CglibAopProxy.getProxy(CglibAopProxy.java:212)
at org.springframework.aop.framework.ProxyFactory.getProxy(ProxyFactory.java:109)
at org.springframework.aop.framework.autoproxy.AbstractAutoProxyCreator.createProxy(AbstractAutoProxyCreator.java:447)
at org.springframework.aop.framework.autoproxy.AbstractAutoProxyCreator.wrapIfNecessary(AbstractAutoProxyCreator.java:333)
at org.springframework.aop.framework.autoproxy.AbstractAutoProxyCreator.postProcessAfterInitialization(AbstractAutoProxyCreator.java:293)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsAfterInitialization(AbstractAutowireCapableBeanFactory.java:422)
4.1.2的bug
由于以下或可能遇到的更多错误,mmoayyed建议将overlay升到4.1.3
在登陆时碰到后台错误“java.lang.NullPointerException
at org.jasig.cas.ticket.support.TicketGrantingTicketExpirationPolicy.isExpired”18-Dec-2015 17:35:00.194 SEVERE [http-nio-8443-exec-8]
org.apache.catalina.core.StandardWrapperValve.invoke Servlet.service() for servlet [cas] in context with path [/cas] threw exception [Request processing failed;
nested exception is
org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing
org.jasig.cas.web.flow.TicketGrantingTicketCheckAction@313fe175 in state 'ticketGrantingTicketCheck' of flow 'login' -- action
execution attributes were 'map[[empty]]'] with root cause
java.lang.NullPointerException
at org.jasig.cas.ticket.support.TicketGrantingTicketExpirationPolicy.isExpired(TicketGrantingTicketExpirationPolicy.java:131)
at org.jasig.cas.ticket.AbstractTicket.isExpired(AbstractTicket.java:158)
at org.jasig.cas.ticket.registry.AbstractDistributedTicketRegistry$TicketDelegator.isExpired(AbstractDistributedTicketRegistry.java:115)
at org.jasig.cas.CentralAuthenticationServiceImpl.getTicket(CentralAuthenticationServiceImpl.java:525)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
https://github.com/Jasig/cas/issues/1323
https://github.com/Jasig/cas/issues/1367
测试
此处略去,请自行验证。
结束
CAS (7) —— Mac下配置CAS 4.x的JPATicketRegistry(服务端)的更多相关文章
- CAS (8) —— Mac下配置CAS到JBoss EAP 6.4(6.x)的Standalone模式(服务端)
CAS (8) -- Mac下配置CAS到JBoss EAP 6.4(6.x)的Standalone模式(服务端) jboss版本: jboss-eap-6.4-CVE-2015-7501 jdk版本 ...
- CAS (1) —— Mac下配置CAS到Tomcat(服务端)
CAS (1) -- Mac下配置CAS到Tomcat(服务端) tomcat版本: tomcat-8.0.29 jdk版本: jdk1.8.0_65 cas版本: cas4.1.2 cas-clie ...
- CAS (3) —— Mac下配置CAS客户端经代理访问Tomcat CAS
CAS (3) -- Mac下配置CAS客户端经代理访问Tomcat CAS tomcat版本: tomcat-8.0.29 jdk版本: jdk1.8.0_65 nginx版本: nginx-1.9 ...
- CAS (2) —— Mac下配置CAS到Tomcat(客户端)
CAS (2) -- Mac下配置CAS到Tomcat(客户端) tomcat版本: tomcat-8.0.29 jdk版本: jdk1.8.0_65 cas版本: cas4.1.2 cas-clie ...
- CAS (1) —— Mac下配置CAS到Tomcat(服务端)(转)
tomcat版本: tomcat-8.0.29 jdk版本: jdk1.8.0_65 cas版本: cas4.1.2cas-client-3.4.1 参考来源: CAS实现单点登录(SSO)经典完整教 ...
- 在Mac下配置php开发环境:Apache+php+MySql
/private/etc/apache2/httpd.conf 一.启动Apache sudo apachectl start sudo apachectl -v 可以查看到Apache的版本信息 ...
- iOS开发MAC下配置svn
版本控制对于团队合作显得尤为重要,那么如何在iOS开发中进行版本控制呢?在今天的博客中将会介绍如何在MAC下配置SVN服务器,如何导入我们的工程,如何在Xcode中进行工程的checkOut和Comm ...
- mac下配置openfire
下载 在浏览器中打开如下网址http://www.igniterealtime.org/downloads/index.jsp,根据你的操作系统选择对应的版本进行下载,这里我是在mac下配置的,所以选 ...
- Mac下配置idk
Mac下配置java #以下进入啰嗦模式演示添加jdk7 #下载jdk7的mac版 #官网下载地址http://www.oracle.com/technetwork/java/javase/downl ...
随机推荐
- dig 命令
dig命令是常用的域名查询工具,可以用来测试域名系统工作是否正常. 语法 dig(选项)(参数) 选项 @<服务器地址>:指定进行域名解析的域名服务器: -b<ip地址>:当主 ...
- FreeSWITCH快速录音
一.背景 测试人员反映FreeSWITCH录音不及时,需要大约5秒的时间才能捕获到RTP流. 二.原因及解决 查了下资料,FreeSWITCH默认的录音参数配置是开启缓冲的, 即RTP流大小到达655 ...
- es6 对象解构 与 参数默认值
var abc = ({a = 123, b = 321, c = 456} = {}) => console.log(20181109155055, a) abc()
- 转:zTree树控件扩展篇:巧用zTree控件实现文本框输入关键词自动模糊查找zTree树节点实现模糊匹配下拉选择效果
是否可以借助于zTree实现文本框输入关键词自动模糊匹配zTree下拉树,然后选择下拉树内节点显示在文本框内且隐藏下拉树. 看到这个需求脑子里头大致已经想到了要如何实现这样一个需求,当时是限于时间问题 ...
- python 取整的两种方法
问题简介: 要把一个浮点数(float)整数部分提取出来.比如把“2.1”变成“2”的这一过程:现在我们给这个过程起一个名字叫“取整”.那么它 在python中大致可以有两种写法 写法1)类型转换: ...
- Matlab中classperf对象各属性解释[原创]
1.ClassLabels:类型标识.第一个label作为pos,第二次label作为neg. 2.GroundTruth:各次实验的观察值,也就是真实值. 3.ValidationCounter: ...
- MySql(十六):MySql架构设计——MySQL Cluster
前言: MySQL Cluster 是一个基于 NDB Cluster 存储引擎的完整的分布式数据库系统.不仅仅具有高可用性,而且可以自动切分数据,冗余数据等高级功能.和 Oracle Real Cl ...
- CentOS与RedHat的关系
一.CentOS 与 RedHat 的关系 RedHat 在发行的时候,有两种方式:二进制的发行方式以及源代码的发行方式.无论是哪一种发行方式,你都可以免费获得(例如从网上下载),并再次发布.但如果你 ...
- Sql Server删除数据表中重复记录 三种方法
本文介绍了Sql Server数据库中删除数据表中重复记录的方法. [项目]数据库中users表,包含u_name,u_pwd两个字段,其中u_name存在重复项,现在要实现把重复的项删除![分析]1 ...
- MyEclipse中设置jsp页面为默认utf-8编码
转自:http://www.cnblogs.com/xdp-gacl/p/3496161.html 在MyEclispe中创建Jsp页面,Jsp页面的默认编码是“ISO-8859-1”,如下图所示: ...