Maksim,
Hazelcast is distributed but not replicated. Thus, when a server goes down, the
tickets on that server are lost. You have to relogin only if your ticket was on
that server.
Hazelcast has some mechanism of determining which node has which ticket. It may
also be possible to make hazelcast replicated but I have not tried.
Ray
P.S. you have two node3s in your config.
On Fri, 2020-01-31 at 11:51 -0800, 'Maksim Kopeyka' via CAS Community wrote:
Hi Andy,
Your example is very helpful. Thank you.
I see how hazelcast tickets registry works on my local env. I turned off active
container and another container continues to work with my active session
without relogin.
However on my remote env. with CAS 6.1.3 it doesn't work in this way. Load
balancer ask me to re-login If I turn off active container.
Each node with hazelcast sees other nodes. I see such messages on all nodes in
case node1 is turned off:
WARN [com.hazelcast.nio.tcp.TcpIpConnectionErrorHandler] - <[node2]:5701 [dev]
[3.12.4] Removing connection to endpoint [node1]:5701 Cause =>
java.net.SocketException {Connection refused to address
node1/xx.xx.xx.xx:5701}, Error-Count: 5>
WARN [com.hazelcast.internal.cluster.impl.MembershipManager] - <[node2]:5701
[dev] [3.12.4] Member [node1]:5701 - b1fba639-dfff-4536-b5f4-a8681920594d is
suspected to be dead for reason: No connection>
WARN [com.hazelcast.nio.tcp.TcpIpConnectionErrorHandler] - <[node2]:5701 [dev]
[3.12.4] Removing connection to endpoint [node1]:5701 Cause =>
java.net.SocketException {Connection refused to address
node1/xx.xx.xx.xx:5701}, Error-Count: 6>
WARN [com.hazelcast.nio.tcp.TcpIpConnectionErrorHandler] - <[node2]:5701 [dev]
[3.12.4] Removing connection to endpoint [node1]:5701 Cause =>
java.net.SocketException {Connection refused to address
node1/xx.xx.xx.xx:5701}, Error-Count: 7>
WARN [com.hazelcast.nio.tcp.TcpIpConnectionErrorHandler] - <[node2]:5701 [dev]
[3.12.4] Removing connection to endpoint [node1]:5701 Cause =>
java.net.SocketException {Connection refused to address
node1/xx.xx.xx.xx:57001}, Error-Count: 8>
This is my hazelcast settings:
cas.ticket.registry.hazelcast.cluster.members=node1:5701,node2:5701,node3:5701,node3:5701
cas.ticket.registry.hazelcast.cluster.asyncBackupCount=3
cas.ticket.registry.hazelcast.cluster.port=5701
cas.ticket.registry.hazelcast.cluster.portAutoIncrement=false
cas.ticket.registry.hazelcast.cluster.instanceName=localhost
cas.ticket.registry.hazelcast.cluster.publicAddress=node1:5701
cas.ticket.registry.hazelcast.cluster.tcpipEnabled=true
Why hazelcast doesn't share data across the cluster?
These messages I see on startup
WARN [com.hazelcast.instance.AddressPicker] - <[LOCAL] [dev] [3.12.4] You
configured your member address as host name. Please be aware of that your dns
can be spoofed. Make sure that your dns configurations are correct.>
WARN [com.hazelcast.instance.AddressPicker] - <[LOCAL] [dev] [3.12.4] You
configured your member address as host name. Please be aware of that your dns
can be spoofed. Make sure that your dns configurations are correct.>
WARN [com.hazelcast.instance.AddressPicker] - <[LOCAL] [dev] [3.12.4] You
configured your member address as host name. Please be aware of that your dns
can be spoofed. Make sure that your dns configurations are correct.>
WARN [com.hazelcast.instance.AddressPicker] - <[LOCAL] [dev] [3.12.4] You
configured your member address as host name. Please be aware of that your dns
can be spoofed. Make sure that your dns configurations are correct.>
WARN [com.hazelcast.instance.AddressPicker] - <[LOCAL] [dev] [3.12.4] Could not
find a matching address to start with! Picking one of non-loopback addresses.>
INFO [org.apereo.cas.util.CoreTicketUtils] - <Ticket registry
encryption/signing is turned off. This MAY NOT be safe in a clustered
production environment. Consider using other choices to handle encryption,
signing and verification of ticket registry tickets, and verify the chosen
ticket registry does support this behavior.>
On Wednesday, January 22, 2020 at 3:18:34 AM UTC+2, Andy Ng wrote:
Hi Maksim,
Pretty sure:
cas.ticket.registry.hazelcast.cluster.public-address
and
cas.ticket.registry.hazelcast.cluster.publicAddress
Both works the same, since spring property allows both camelCase and kebak-case.
And I did successfully use docker CAS and use Hazelcast as ticketing system,
however I am using it for demo so I just included a whole bunch of private IP
so it works......
here's my CAS properties:
cas.ticket.registry.hazelcast.cluster.members=172.20.0.1,172.20.0.2,172.20.0.3,172.20.0.4,172.20.0.5,172.20.0.6,172.20.0.7,172.20.0.8,172.20.0.9,172.20.0.10
cas.ticket.registry.hazelcast.cluster.instanceName=localhost
my project link as well so you can reference if want to:
https://github.com/NgSekLong/SelectUrCAS/blob/master/source/ticket-registry/hazelcast/cas.yml
Cheers!
- Andy
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]<mailto:[email protected]>
I respectfully acknowledge that my place of work is located within the
ancestral, traditional and unceded territory of the Songhees, Esquimalt and
WSÁNEĆ Nations.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6ac4d97e6d8293797b46e87daf2a68d4174dc41d.camel%40uvic.ca.
