cas server4.1.3集群退出的问题

JarvisZhu 发布于 2016/10/18 16:53
阅读 363
收藏 0
一个Nginx+两个Tomcat组成的cas server集群,cas server主要配置如下: 
ticketRegistry.xml文件: 
<bean id="ticketDataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" 
        p:driverClass="com.mysql.jdbc.Driver" 
        p:jdbcUrl="jdbc:mysql://localhost:7999/casticket?useUnicode=true&amp;characterEncoding=UTF-8&amp;zeroDateTimeBehavior=convertToNull" 
        p:user="root" 
        p:password="root" 
        p:initialPoolSize="6" 
        p:minPoolSize="6" 
        p:maxPoolSize="20" 
        p:maxIdleTimeExcessConnections="1000" 
        p:checkoutTimeout="2000" 
        p:acquireIncrement="16" 
        p:acquireRetryAttempts="5" 
        p:acquireRetryDelay="2000" 
        p:idleConnectionTestPeriod="30" 
        p:preferredTestQuery="select 1" /> 

    <!-- Ticket Registry --> 
    <!-- <bean id="ticketRegistry" class="org.jasig.cas.ticket.registry.DefaultTicketRegistry"/> --> 
<bean id="ticketRegistry" class="org.jasig.cas.ticket.registry.JpaTicketRegistry" /> 
<bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor"/> 
<util:list id="packagesToScan"> 
<value>org.jasig.cas.ticket</value> 
<value>org.jasig.cas.adaptors.jdbc</value> 
</util:list> 
<bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter" 
p:generateDdl="true" 
p:showSql="true" /> 
<bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean" 
p:dataSource-ref="ticketDataSource" 
p:jpaVendorAdapter-ref="jpaVendorAdapter" 
p:packagesToScan-ref="packagesToScan"> 
<property name="persistenceUnitName" value="CasPU"/> 
<property name="jpaProperties"> 
<props> 
<prop key="hibernate.dialect">org.hibernate.dialect.MySQL5InnoDBDialect</prop> 
<prop key="hibernate.hbm2ddl.auto">update</prop> 
</props> 
</property> 
</bean> 
<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager" 
p:entityManagerFactory-ref="entityManagerFactory" /> 
<!-- 使用这个报错 --> 
<!-- <tx:annotation-driven transaction-manager="transactionManager" /> --> 
<tx:advice id="txRegistryAdvice" transaction-manager="transactionManager"> 
<tx:attributes> 
<tx:method name="deleteTicket" read-only="false" /> 
<tx:method name="addTicket" read-only="false" /> 
<tx:method name="updateTicket" read-only="false" /> 
<tx:method name="getTicket" read-only="true" /> 
<tx:method name="getTickets" read-only="true" /> 
<tx:method name="add*" read-only="false"/> 
<tx:method name="delete*" read-only="false"/> 
<tx:method name="save*" read-only="false"/> 
<tx:method name="update*" read-only="false"/> 
<tx:method name="get*" read-only="true"/> 
<tx:method name="grant*" read-only="false"/> 
<tx:method name="validate*" read-only="true"/> 
<tx:method name="sessionCount" read-only="true" /> 
<tx:method name="serviceTicketCount" read-only="true" /> 
</tx:attributes> 
</tx:advice> 
<tx:advice id="txRegistryLockingAdvice" transaction-manager="transactionManager"> 
<tx:attributes> 
<tx:method name="getOwner" read-only="true" /> 
<tx:method name="acquire" read-only="false" /> 
<tx:method name="release" read-only="false" /> 
</tx:attributes> 
</tx:advice> 
<aop:config> 
<aop:pointcut id="ticketRegistryOperations" expression="execution(* org.jasig.cas.ticket.registry.JpaTicketRegistry.*(..))"/> 
<aop:pointcut id="ticketRegistryLockingOperations" expression="execution(* org.jasig.cas.ticket.registry.support.JpaLockingStrategy.*(..))"/> 
<aop:pointcut id="centralAuthenticationServiceOperations" expression="execution(* org.jasig.cas.CentralAuthenticationService.*(..))"/> 
<aop:advisor advice-ref="txRegistryAdvice" pointcut-ref="ticketRegistryOperations"/>       
<aop:advisor advice-ref="txRegistryLockingAdvice" pointcut-ref="ticketRegistryLockingOperations"/> 
<aop:advisor advice-ref="txRegistryAdvice" pointcut-ref="centralAuthenticationServiceOperations"/> 
</aop:config> 


    <!--Quartz --> 
    <!-- TICKET REGISTRY CLEANER --> 
<bean id="cleanerLock" class="org.jasig.cas.ticket.registry.support.JpaLockingStrategy" 
p:uniqueId="${host.name}" 
p:applicationId="cas-ticket-registry-cleaner" /> 

    <bean id="ticketRegistryCleaner" class="org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner" 
          c:centralAuthenticationService-ref="centralAuthenticationService" 
          c:ticketRegistry-ref="ticketRegistry" 
  p:lock-ref="cleanerLock"/> 

    <bean id="jobDetailTicketRegistryCleaner" 
          class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean" 
          p:targetObject-ref="ticketRegistryCleaner" 
          p:targetMethod="clean"/> 

    <bean id="triggerJobDetailTicketRegistryCleaner" 
          class="org.springframework.scheduling.quartz.SimpleTriggerFactoryBean" 
          p:jobDetail-ref="jobDetailTicketRegistryCleaner" 
          p:startDelay="20000" 
          p:repeatInterval="5000000"/> 
Nginx.conf配置文件: 
upstream cas { 
server 10.0.0.8:8082 weight=1; 
server 10.0.0.8:8083 weight=1; 


    server { 
        listen       8080; 
        server_name  localhost; 

        #charset koi8-r; 

        #access_log  logs/host.access.log  main; 

        location / { 
#proxy_redirect off; 
proxy_set_header Host $host; 
proxy_set_header Referer $http_referer; 
proxy_set_header Cookie $http_cookie; 
            proxy_set_header X-Real-IP $remote_addr; 
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
proxy_pass http://cas; 
        } 
两个tomcat使用memcached-session-manager实现session共享: 
<Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager" 
memcachedNodes="n1:localhost:11211" 
sticky="false" 
sessionBackupAsync="false" 
lockingMode="auto" 
requestUriIgnorePattern=".*\.(ico|png|gif|jpg|css|js)$" 
transcoderFactoryClass="de.javakaffee.web.msm.serializer.kryo.KryoTranscoderFactory" /> 

客户端SpringMVC项目web.xml文件: 
    <filter> 
        <filter-name>CAS Single Sign Out Filter</filter-name> 
        <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> 
        <init-param> 
            <param-name>casServerUrlPrefix</param-name> 
            <param-value>http://h4:8080/cas</param-value> 
        </init-param> 
    </filter> 
    <!-- 该过滤器负责用户的认证工作,必须启用它 --> 
    <filter> 
        <filter-name>CASFilter</filter-name> 
        <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> 
        <init-param> 
            <param-name>casServerLoginUrl</param-name> 
            <!-- 下面的URL是Cas服务器的登录地址 --> 
            <param-value>http://h4:8080/cas/login</param-value> 
        </init-param> 
        <init-param> 
            <param-name>serverName</param-name> 
            <param-value>http://localhost:8888</param-value> 
        </init-param> 
    </filter> 
    <!-- 该过滤器负责对Ticket的校验工作,必须启用它 --> 
    <filter> 
        <filter-name>CAS Validation Filter</filter-name> 
        <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> 
        <init-param> 
            <param-name>casServerUrlPrefix</param-name> 
            <!-- 下面的URL是Cas服务器的认证地址 --> 
            <param-value>http://h4:8080/cas</param-value><!-- /login --> 
        </init-param> 
        <init-param> 
            <param-name>serverName</param-name> 
            <param-value>http://localhost:8888</param-value> 
        </init-param> 
        <init-param> 
            <param-name>redirectAfterValidation</param-name> 
            <param-value>true</param-value> 
        </init-param> 
        <init-param> 
            <param-name>useSession</param-name> 
            <param-value>true</param-value> 
        </init-param> 
        <!--<init-param>--> 
            <!--<param-name>renew</param-name>--> 
            <!--<param-value>false</param-value>--> 
        <!--</init-param>--> 
        <!--<init-param>--> 
            <!--<param-name>gateway</param-name>--> 
            <!--<param-value>false</param-value>--> 
        <!--</init-param>--> 
    </filter> 
    <filter> 
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> 
        <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> 
    </filter> 
    <!-- 
    该过滤器使得开发者可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。 
    比如AssertionHolder.getAssertion().getPrincipal().getName()。 
    --> 
    <filter> 
        <filter-name>CAS Assertion Thread Local Filter</filter-name> 
        <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> 
    </filter> 
    <filter> 
        <filter-name>CasForInvokeContextFilter</filter-name> 
        <filter-class>javacommon.filter.LoginFilter</filter-class> 
    </filter> 
<listener> 
        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> 
    </listener> 
各个<filter-mapping>省略 


客户端项目退出时报错: 
2016-10-18 10:58:35,558 ERROR [org.springframework.transaction.interceptor.TransactionInterceptor] - Application exception overridden by commit exception 
INVALID_TICKET 
at org.jasig.cas.CentralAuthenticationServiceImpl.getTicket(CentralAuthenticationServiceImpl.java:520) 
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
加载中
0
liuwangpan
liuwangpan
用的4.0  没碰到这个问题 INVALID_TICKET 这个应该是客户端没配置好的原因 
liuwangpan
liuwangpan
@JarvisZhu 回复@JarvisZhu : 你可以发下你的配置文件
J
JarvisZhu
您好,能不能麻烦您抽空看下我的配置文件有没有问题?或者还有哪些配置文件需要修改?能不能麻烦您抽空看下,谢谢
返回顶部
顶部