tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kristin Coles" <kristin.co...@gmail.com>
Subject Re: How to disable Session Persistence in Tomcat 5.5.9
Date Thu, 15 Nov 2007 19:17:39 GMT
You are right Pid! CAS works using a Ticket Granting Cookie (which
references a Ticket Granting Ticket in an HTTP session). I assumed
that the Ticket Granting Cookie would be meaningless after the Tomcat
restart because the Ticket Granting Ticket object no longer exists on
the Server. However, that seems to be the default CAS behavior. I've
asked CAS guys for an explanation.

However this ordeal helped me learn more about Tomcat configuration.

My sincere Thanks to you and especially Charles for your prompt and
helpful answers.

Regards,
Kristin

On Nov 15, 2007 11:36 AM, Pid <p@pidster.com> wrote:
> Kristin Coles wrote:
> > Hey Charles,
> >
> > Thank you very much for the detailed explanation. I did the following
> > to disable session persistence, but.....
> >
> > #Tomcat\conf\server.xml
> > <Host name="kristin" appBase="webapps"
> > unpackWARs="true" autoDeploy="true"
> > xmlValidation="false" xmlNamespaceAware="false" expireSessionsOnShutdown="true">
> >       <Context path="" docBase="cas">
> >       <Manager className="org.apache.catalina.session.PersistentManager"
> > debug="0" saveOnRestart="false"></Manager>
> >       </Context>
> > </Host>
> >
> > I know that PersitentManager is not advisable but I got the following
> > message in Tomcat logs as a proof that it did disable session
> > pesistence....
> > [org.apache.catalina.session.PersistentManagerBase] : No Store
> > configured, persistence disabled
> >
> > HOWEVER, when I restart Tomcat and go to https://kristin/login, I
> > still get the message "You have successfully logged into the Central
> > Authentication Service."!
> >
> > I am completely stumped! Tomcat gurus please advise! Please note that
> > CAS is an application based on Spring framework.
>
> How does CAS work?  Is it, for example, leaving a persistent cookie that
> is causing you to be reauthenticated?
>
> If that was the case then you could do whatever you liked with Tomcat
> sessions and it would have little or no bearing on your login status.
>
> Test this by examining your cookies.
>
>
>
> p
>
>
> > Regards,
> > Kristin
> >
> > PS: Do you guys think this is a CAS issue rather than a Tomcat one?
> >
> > PPS: Few other things that I tried are...
> > 1. Use StandardManager with pathname=""
> > 2. Removed the context and manager elements from server.xml and
> > created an individual context.xml file under Tomcat\Catalina\kristin
> > directory.
> >
> > On Nov 14, 2007 7:31 PM, Caldarale, Charles R
> > <Chuck.Caldarale@unisys.com> wrote:
> >>> From: "Kristin Coles" <kristin.coles@gmail.com>
> >>> Subject: How to disable Session Persistence in Tomcat 5.5.9
> >>>
> >>> # Tomcat\conf\server.xml (version 1)
> >>> <Host name="cas" appBase="webapps\cas"
> >>> <Context path="" docBase="">
> >> The above is incorrect; your appBase should be "webapps", and docBase
> >> should be "cas".  What you've specified is illegal, but is not always
> >> detected.
> >>
> >>> <Manager className="org.apache.catalina.session.PersistentManager"
> >> As the doc states, the PersistentManager is not ready for prime time -
> >> you really don't want to mess with it.
> >>
> >> By specifying a <Manager> element inside the <Context>, you override
the
> >> one in conf/context.xml, thereby rendering your previous configuration
> >> useless.
> >>
> >>> # Tomcat\conf\server.xml (version 2)
> >>> <Host name="cas" appBase="webapps\cas"
> >>> <Context path="" docBase="">
> >> Same comment as above.
> >>
> >>> <Manager className="org.apache.catalina.session.StandardManager"
> >>> debug="0" pathname ="">
> >> Is that a typo, or do you really have an extra space after pathname?
> >>
> >> Note that placing <Context> elements in server.xml is strongly
> >> discouraged these days; you might want to consider one of the standard
> >> locations, and get rid of the path and docBase attributes.  If you want
> >> cas to be the default app, simply name it ROOT.
> >>
> >> Fix the obvious errors, and then let's see what happens.
> >>
> >>  - Chuck
> >>
> >>
> >> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
> >> MATERIAL and is thus for use only by the intended recipient. If you
> >> received this in error, please contact the sender and delete the e-mail
> >> and its attachments from all computers.
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message