Dependency Graph View Issue ] Relation Graph ] Vertical ]
related to child of duplicate of

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0001016SOGoWeb Generalpublic2010-11-26 17:362011-02-15 16:31
Assigned To 
StatusclosedResolutionno change required 
PlatformOSOS Version
Product Version1.3.4 
Target VersionFixed in Version 
Summary0001016: Custom CAS proxy URL
DescriptionDuring our SOGo tests at the University of Rennes 1, we added a parameter that allows each of our SOGo servers to have its own CAS proxy callback URL.
Explanation: our SOGo servers are all behind a frontal Apache load-balancer. Adding a shared memcached server appeared to us as another weakness in our architecture, so we decided that each SOGo server would use its own memcached daemon and respond itself to its PGT callback requests from the CAS server (we use this deployment scheme for years with uPortal).

The new parameter is named SOGoCASProxyCallbackURL:
    * If not set, the callback URL is built 'normally' (based on the request host and path).
    * If set (e.g. [^]), it is passed as-is to the CAS server on ticket validation.

Patch attached.
TagsNo tags attached.
Attached Filestxt file icon patch-CASProxyCallbackURL.txt [^] (2,132 bytes) 2010-11-26 17:36 [Show Content]

-  Notes
User avatar (0001965)
ludovic (administrator)
2010-12-23 20:45

What about using membase (with replication, no persistence) ?

This would let you have a memcached server on each instance but share the cache across servers.

repcached could also be an option (there's an updated patch for memcached 1.4) too.
paubry (reporter)
2010-12-24 06:55

Sharing anything between the servers is not needed, and it adds a non necessary weakness to the architecture. Fully independent servers is obviously the best garanty for robustness.
User avatar (0001969)
ludovic (administrator)
2010-12-24 07:27

Unless the server goes down and it loses all sessions.

What "unnecessary weakness" does it add? membase will *REPLICATE* memcached caches across SOGo servers, which EACH runs a single instance.

It can't be more simple, efficient and fully independent than that - it has an horizontal growth path.
User avatar (0001973)
ludovic (administrator)
2010-12-28 13:59

I've toyed around membase and it does NOT support replication when using the memcached engine. Since persistence doesn't really matter to us, i think it would be better to reuse the code we now have in SOGoSession (coming from bug 0000698) and we could store the CAS ticket in the database.
paubry (reporter)
2011-01-03 02:08

Storing PGT/Iou in the database is a working possibility but I still believe that credentials should not be persisted in databases.
paubry (reporter)
2011-02-03 12:35

1.3.5a perfectly works without this patch, issue can be closed.

- Issue History
Date Modified Username Field Change
2010-11-26 17:36 paubry New Issue
2010-11-26 17:36 paubry File Added: patch-CASProxyCallbackURL.txt
2010-11-29 15:20 ludovic Target Version => 1.3.5
2010-12-23 20:45 ludovic Note Added: 0001965
2010-12-23 20:46 ludovic Status new => feedback
2010-12-24 06:55 paubry Note Added: 0001968
2010-12-24 07:27 ludovic Note Added: 0001969
2010-12-28 13:59 ludovic Note Added: 0001973
2011-01-03 02:08 paubry Note Added: 0001989
2011-01-05 15:30 ludovic Target Version 1.3.5 =>
2011-02-03 12:35 paubry Note Added: 0002079
2011-02-15 16:31 ludovic Status feedback => closed
2011-02-15 16:31 ludovic Resolution open => no change required

Copyright © 2000 - 2019 MantisBT Team
Powered by Mantis Bugtracker