...
Now you have to replicate the files to the other CAS nodes. Well, we are , but CAS runs on a Web Server after all. We need to secure the dataserver and they are pretty good about transferring files over the network. The data has to be secure, but we are running use HTTPS to secure the regular user data. Cushy is a small amount of source, and if you feel like changing it to use shared disk or any other transport mechanism you can easily change it, but it is easier to understand and control network and node failure if you assume the data is replicated with HTTPS GET requests from server to server.
The big advantage of Cushy is that it is not a big "off the shelf" black box that you depend on without understanding it. Cushy is a moderately large Java source file, but there are bigger classes in CAS already. You can read it, understand it, and make any specific decisions and adjustments to meet any specific network, cluster, availability, or other requirements. If you need to change CAS in special ways, you have complete control and can adjust the replication to match those changes.
However, to do this Cushy does not even attempt to replicate Service Tickets to all the other nodes before the validate request is issued. Today the front end that routes requests among the nodes of the cluster can be programmed to route the validate request to the node that generated the ticket based on the node ID field at the end of the ticketfor the rest of the datastream and it will work just as well with the ticket backup file. The CAS servers have to authenticate themselves, so Cushy uses the same combination of Service Tickets and server certificates (as in the Proxy Callback) that CAS already uses for server authentication. In short, CAS already had all the problems solved and just needed to reapply existing solutions to its own housekeeping problem.
The "off the shelf" object replication technologies are all enormous black boxes with lots of complex code that no CAS programmer has ever read. As a result, CAS is not written correctly to use most of these packages. They have restrictions and CAS doesn't conform to those restrictions. The chance of failure is small, but if you run 24x7 it will eventually trigger a problem.
Cushy is a small amount of source and any Java programmer should be able to understand it. This means it can be customized to handle any special CAS requirements, which is something you cannot do with generic object cache libraries. It can also be customized to address local network configurations, failure patterns, disaster recovery, or availability profiles.
Executive Summary
This is a quick introduction for those in a hurry.
...