Texas A and M University

Here at Texas A&M University, we have been using CAS for a couple of years.

Server Specs:

Sun V480
4 x 1GHz processors
8GB RAM
Solaris 9

Software Configuration:

CAS 2.0.12
Tomcat 5.0.28
Apache 2.0.54
Tomcat Connectors 1.2.13

Configuration

We have two servers, one running in production and the second in standby mode. We use a Netscaler 9800 switch in front of the servers to route traffic to the production server. Within a matter of seconds, we can fail over to the standby server, if necessary, by issuing commands to the Netscaler. The switch eliminates the need to change IP addresses or re-address a server. The certificate for our NetID service is installed on the switch which makes it easy to move the production service. This is not a load-balanced application and in the event we have to failover the service, customers will have to login again. Our credential store is OpenLDAP utilizing Kerberos for storage of the password.

Notable Updates/Changes

We changed the logging for CAS to use log4j and a properties file that rotates logs on a daily basis. In conjunction with code running in the Netscaler, we use the mod_ipmagic Apache module to map client IP addresses through the switch. This allows the logging module to correctly reflect the IP address of the client instead of the address of the load balancer. We have also implemented the WatchfulPasswordHandler lockout feature utilizing a key composed of the client's IP address and their NetID.

Applications:

We have deployed CAS for a number of services including our Student Information Management System, the student software distribution site, Transportation Services for student parking and our application for checking the status of admissions applications. CAS is also used extensively for our departments intranet and Keystone, our problem tracking system.

Contact

Michael W. Bolton
Associate Director for Systems
Texas A&M University
Computing and Information Services