|Anonymous | Login | Signup for a new account||2019-11-21 08:53 EST|
|My View | View Issues | Change Log | Roadmap | Repositories|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0001016||SOGo||Web General||public||2010-11-26 17:36||2011-02-15 16:31|
|Status||closed||Resolution||no change required|
|Target Version||Fixed in Version|
|Summary||0001016: Custom CAS proxy URL|
|Description||During our SOGo tests at the University of Rennes 1, we added a parameter that allows each of our SOGo servers to have its own CAS proxy callback URL.|
Explanation: our SOGo servers are all behind a frontal Apache load-balancer. Adding a shared memcached server appeared to us as another weakness in our architecture, so we decided that each SOGo server would use its own memcached daemon and respond itself to its PGT callback requests from the CAS server (we use this deployment scheme for years with uPortal).
The new parameter is named SOGoCASProxyCallbackURL:
* If not set, the callback URL is built 'normally' (based on the request host and path).
* If set (e.g. https://sogo3.domain.com/SOGo/casProxy [^]), it is passed as-is to the CAS server on ticket validation.
|Tags||No tags attached.|
|Attached Files||patch-CASProxyCallbackURL.txt [^] (2,132 bytes) 2010-11-26 17:36 [Show Content]|
What about using membase (with replication, no persistence) ?
This would let you have a memcached server on each instance but share the cache across servers.
repcached could also be an option (there's an updated patch for memcached 1.4) too.
|Sharing anything between the servers is not needed, and it adds a non necessary weakness to the architecture. Fully independent servers is obviously the best garanty for robustness.|
Unless the server goes down and it loses all sessions.
What "unnecessary weakness" does it add? membase will *REPLICATE* memcached caches across SOGo servers, which EACH runs a single instance.
It can't be more simple, efficient and fully independent than that - it has an horizontal growth path.
|I've toyed around membase and it does NOT support replication when using the memcached engine. Since persistence doesn't really matter to us, i think it would be better to reuse the code we now have in SOGoSession (coming from bug 0000698) and we could store the CAS ticket in the database.|
|Storing PGT/Iou in the database is a working possibility but I still believe that credentials should not be persisted in databases.|
|1.3.5a perfectly works without this patch, issue can be closed.|
|2010-11-26 17:36||paubry||New Issue|
|2010-11-26 17:36||paubry||File Added: patch-CASProxyCallbackURL.txt|
|2010-11-29 15:20||ludovic||Target Version||=> 1.3.5|
|2010-12-23 20:45||ludovic||Note Added: 0001965|
|2010-12-23 20:46||ludovic||Status||new => feedback|
|2010-12-24 06:55||paubry||Note Added: 0001968|
|2010-12-24 07:27||ludovic||Note Added: 0001969|
|2010-12-28 13:59||ludovic||Note Added: 0001973|
|2011-01-03 02:08||paubry||Note Added: 0001989|
|2011-01-05 15:30||ludovic||Target Version||1.3.5 =>|
|2011-02-03 12:35||paubry||Note Added: 0002079|
|2011-02-15 16:31||ludovic||Status||feedback => closed|
|2011-02-15 16:31||ludovic||Resolution||open => no change required|
|Copyright © 2000 - 2019 MantisBT Team|