shibboleth-dev - Re: State replication extension for Shibboleth 1.3 IdP
Subject: Shibboleth Developers
List archive
- From: Jim Fox <>
- To:
- Subject: Re: State replication extension for Shibboleth 1.3 IdP
- Date: Mon, 17 Oct 2005 11:36:11 -0700 (PDT)
I finally got some time to work on this again, but I was not able to reproduce you're problem. What's your environment like (JDK, Tomcat, versions, etc)?
Which problem? all of them?
One system: Linux 2.4.21-4.ELsmp
Apache 2.0.52
Tomcat/5.5.4
Java 1.5.0_01
Other system: Linux 2.4.21-27.0.2.ELsmp
Apache 1.3.33
Tomcat/5.5.9
Java 1.6.0-ea-b55
Without the clone of the recovered, serialized assertion we get a
java.lang.ClassCastException: org.apache.xerces.dom.DocumentImpl
when attempting to deserialize the assertion. This causes
an error 500 response the the attribute query.
Without the cache loader we get 'artifact not found' errors.
Jim
Jim Fox wrote:
We've done some testing of clustered E-Auth CS (IdP) servers
using Chad's JBoss replication method.
http://www.middleware.georgetown.edu/dokuwiki/doku.php/projects:hashib:home
Initial results look promising. We had to make a couple of changes to get it to work.
1) In the ReplicatedArtifactMapper class we had to use a clone
of the recovered assertion [ cacheObject.getAssertion() ]
when creating the artifactMapping. (Something to do with
the DOM classes needing a 'deep' copy of the tree.)
2) We didn't get any replication until adding a cache loader.
Specifically added this to the config:
<attribute name="ReplQueueMaxElements">0</attribute>
<attribute name="FetchStateOnStartup">true</attribute>
<attribute name="CacheLoaderClass">org.jboss.cache.loader.FileCacheLoader</attribute>
<attribute name="CacheLoaderConfig">
location=/tmp/
</attribute>
<attribute name="CacheLoaderShared">false</attribute>
<attribute name="CacheLoaderPreload">/</attribute>
We used this just for artifact retrieval, didn't try the the
ReplicatedHandleMapper. Also didn't try the encrypt mode.
Will probably use an openvpn encrypted channel instead.
Jim
--
Chad La Joie 315Q St. Mary's Hall
Project Sentinel 202.687.0124
- Re: State replication extension for Shibboleth 1.3 IdP, Jim Fox, 10/03/2005
- Re: State replication extension for Shibboleth 1.3 IdP, Chad La Joie, 10/03/2005
- Re: State replication extension for Shibboleth 1.3 IdP, Jim Fox, 10/03/2005
- Re: State replication extension for Shibboleth 1.3 IdP, Chad La Joie, 10/17/2005
- Re: State replication extension for Shibboleth 1.3 IdP, Jim Fox, 10/17/2005
- Re: State replication extension for Shibboleth 1.3 IdP, Chad La Joie, 10/19/2005
- Re: State replication extension for Shibboleth 1.3 IdP, Jim Fox, 10/17/2005
- Re: State replication extension for Shibboleth 1.3 IdP, Chad La Joie, 10/03/2005
Archive powered by MHonArc 2.6.16.