Q: Why does SSO authentication fail after the CAS authentication server is configured?

A: If the CAS authentication server and the GIS server are not on the same machine, a time difference between the two machines can sometimes cause logon verification to fail. In this case, either set the clocks of the two machines to the same time or increase the tolerance for the time difference, whose default value is 3 minutes in iServer (or iPortal, iExpress). To change the tolerance, edit shiro.ini (under WEB-INF) and modify the casRealm.tolerance parameter as follows (the unit is milliseconds):

casRealm.enabled = false
casRealm.reserveSystemAccount = true
casRealm.casServerUrlPrefix = http://{ip}:{port}/cas
casRealm.casService = http://{ip}:{port}/{contextPath}/shiro-cas
casRealm.securityInfoDAO = $sqliteRealm
casRealm.tolerance = 180000
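
To tell whether clock skew is the cause before changing the tolerance, the following added example (not part of the original FAQ or the product's code) compares the skew between the GIS server and the CAS server with casRealm.tolerance. It assumes the skew can be estimated from the HTTP Date header the CAS server returns and that the tolerance applies in both directions; the function names are hypothetical.

```python
import re
import sys
import urllib.error
import urllib.request
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

DEFAULT_TOLERANCE_MS = 180000  # default stated above (3 minutes)

def read_tolerance_ms(ini_text):
    """Return casRealm.tolerance (ms) from shiro.ini text, or the default."""
    for line in ini_text.splitlines():
        m = re.match(r"casRealm\.tolerance\s*=\s*(\d+)\s*$", line.strip())
        if m:
            return int(m.group(1))
    return DEFAULT_TOLERANCE_MS

def skew_ms(cas_date_header, local_now):
    """Signed skew in ms (local clock minus CAS clock) from an HTTP Date header."""
    cas_time = parsedate_to_datetime(cas_date_header)
    return int((local_now - cas_time).total_seconds() * 1000)

def check(ini_text, cas_date_header, local_now):
    """Compare measured skew with the configured tolerance.
    Assumption: the tolerance applies in both directions (absolute skew)."""
    tol, skew = read_tolerance_ms(ini_text), skew_ms(cas_date_header, local_now)
    return {"skew_ms": skew, "tolerance_ms": tol, "within_tolerance": abs(skew) <= tol}

def fetch_date_header(url):
    """Read the Date header from the CAS server's response (1 s resolution)."""
    try:
        with urllib.request.urlopen(url, timeout=10) as resp:
            return resp.headers["Date"]
    except urllib.error.HTTPError as err:  # error responses still carry Date
        return err.headers["Date"]

if __name__ == "__main__":
    if len(sys.argv) == 3:  # args: path to WEB-INF/shiro.ini, CAS server URL
        with open(sys.argv[1], encoding="utf-8") as fh:
            ini = fh.read()
        print(check(ini, fetch_date_header(sys.argv[2]), datetime.now(timezone.utc)))
    else:  # constructed sample: CAS clock is 4 minutes behind the GIS server
        ini = "casRealm.tolerance = 180000\n"
        now = datetime(2019, 7, 8, 10, 4, 0, tzinfo=timezone.utc)
        print(check(ini, "Mon, 08 Jul 2019 10:00:00 GMT", now))
```

Run it on the GIS server with the path to shiro.ini and the CAS server URL as arguments. The result is approximate to about a second plus network latency.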

08 Jul,2019
Tags:iserver
