danieldbower · September 6, 2012 17:59
diff --git a/deployerConfigContext.xml b/deployerConfigContext.xml
 <?xml version="1.0" encoding="UTF-8"?>
 <!-- | deployerConfigContext.xml centralizes into one file some of the declarative 
 	configuration that | all CAS deployers will need to modify. | | This file 
 	declares some of the Spring-managed JavaBeans that make up a CAS deployment. 
 	| The beans declared in this file are instantiated at context initialization 
 	time by the Spring | ContextLoaderListener declared in web.xml. It finds 
 	this file because this | file is among those declared in the context parameter 
 	"contextConfigLocation". | | By far the most common change you will need 
 	to make in this file is to change the last bean | declaration to replace 
 	the default SimpleTestUsernamePasswordAuthenticationHandler with | one implementing 
 	your approach for authenticating usernames and passwords. + -->

 <!-- ~ Licensed to Jasig under one or more contributor license ~ agreements. 
 	See the NOTICE file distributed with this work ~ for additional information 
 	regarding copyright ownership. ~ Jasig licenses this file to you under the 
 	Apache License, ~ Version 2.0 (the "License"); you may not use this file 
 	~ except in compliance with the License. You may obtain a ~ copy of the License 
 	at the following location: ~ ~ http://www.apache.org/licenses/LICENSE-2.0 
 	~ ~ Unless required by applicable law or agreed to in writing, ~ software 
 	distributed under the License is distributed on an ~ "AS IS" BASIS, WITHOUT 
 	WARRANTIES OR CONDITIONS OF ANY ~ KIND, either express or implied. See the 
 	License for the ~ specific language governing permissions and limitations 
 	~ under the License. -->

 <beans xmlns="http://www.springframework.org/schema/beans"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
 	xmlns:sec="http://www.springframework.org/schema/security" xmlns:tx="http://www.springframework.org/schema/tx"
 	xsi:schemaLocation="
       http://www.springframework.org/schema/beans     http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
       http://www.springframework.org/schema/security  http://www.springframework.org/schema/security/spring-security-3.1.xsd
       http://www.springframework.org/schema/tx        http://www.springframework.org/schema/tx/spring-tx-3.1.xsd">

 	<!-- Pooled DataSource using c3p0 -->
 	<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
 		p:driverClass="${database.driverClass}" p:jdbcUrl="${database.url}"
 		p:user="${database.user}" p:password="${database.password}"
 		p:initialPoolSize="${database.pool.minSize}" p:minPoolSize="${database.pool.minSize}"
 		p:maxPoolSize="${database.pool.maxSize}"
 		p:maxIdleTimeExcessConnections="${database.pool.maxIdleTime}"
 		p:checkoutTimeout="${database.pool.maxWait}" p:acquireIncrement="${database.pool.acquireIncrement}"
 		p:acquireRetryAttempts="${database.pool.acquireRetryAttempts}"
 		p:acquireRetryDelay="${database.pool.acquireRetryDelay}"
 		p:idleConnectionTestPeriod="${database.pool.idleConnectionTestPeriod}"
 		p:preferredTestQuery="${database.pool.connectionHealthQuery}" />

 	<!-- JPA Definition - See also persistence.xml -->
 	<bean id="entityManagerFactory"
 		class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
 		<property name="dataSource" ref="dataSource" />
 		<property name="jpaVendorAdapter">
 			<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
 				<property name="generateDdl" value="true" />
 				<property name="showSql" value="true" />
 			</bean>
 		</property>
 		<property name="jpaProperties">
 			<props>
 				<prop key="hibernate.dialect">${database.hibernate.dialect}</prop>
 				<prop key="hibernate.hbm2ddl.auto">update</prop>
 			</props>
 		</property>
 	</bean>

 	<!-- Injects EntityManager/Factory instances into beans with @PersistenceUnit 
 		and @PersistenceContext -->
 	<bean
 		class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" />

 	<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"
 		p:entityManagerFactory-ref="entityManagerFactory" />

 	<tx:annotation-driven transaction-manager="transactionManager" />

 	<!-- | This bean declares our AuthenticationManager. The CentralAuthenticationService 
 		service bean | declared in applicationContext.xml picks up this AuthenticationManager 
 		by reference to its id, | "authenticationManager". Most deployers will be 
 		able to use the default AuthenticationManager | implementation and so do 
 		not need to change the class of this bean. We include the whole | AuthenticationManager 
 		here in the userConfigContext.xml so that you can see the things you will 
 		| need to change in context. + -->
 	<bean id="authenticationManager" class="org.jasig.cas.authentication.AuthenticationManagerImpl">

 		<!-- Uncomment the metadata populator to allow clearpass to capture and 
 			cache the password This switch effectively will turn on clearpass. <property 
 			name="authenticationMetaDataPopulators"> <list> <bean class="org.jasig.cas.extension.clearpass.CacheCredentialsMetaDataPopulator"> 
 			<constructor-arg index="0" ref="credentialsCache" /> </bean> </list> </property> -->

 		<!-- | This is the List of CredentialToPrincipalResolvers that identify 
 			what Principal is trying to authenticate. | The AuthenticationManagerImpl 
 			considers them in order, finding a CredentialToPrincipalResolver which | 
 			supports the presented credentials. | | AuthenticationManagerImpl uses these 
 			resolvers for two purposes. First, it uses them to identify the Principal 
 			| attempting to authenticate to CAS /login . In the default configuration, 
 			it is the DefaultCredentialsToPrincipalResolver | that fills this role. If 
 			you are using some other kind of credentials than UsernamePasswordCredentials, 
 			you will need to replace | DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver 
 			that supports the credentials you are | using. | | Second, AuthenticationManagerImpl 
 			uses these resolvers to identify a service requesting a proxy granting ticket. 
 			| In the default configuration, it is the HttpBasedServiceCredentialsToPrincipalResolver 
 			that serves this purpose. | You will need to change this list if you are 
 			identifying services by something more or other than their callback URL. 
 			+ -->
 		<property name="credentialsToPrincipalResolvers">
 			<list>
 				<!-- | UsernamePasswordCredentialsToPrincipalResolver supports the UsernamePasswordCredentials 
 					that we use for /login | by default and produces SimplePrincipal instances 
 					conveying the username from the credentials. | | If you've changed your LoginFormAction 
 					to use credentials other than UsernamePasswordCredentials then you will also 
 					| need to change this bean declaration (or add additional declarations) to 
 					declare a CredentialsToPrincipalResolver that supports the | Credentials 
 					you are using. + -->
 				<bean
 					class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver">
 					<property name="attributeRepository" ref="attributeRepository" />
 				</bean>
 				
 				<!-- | HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials. 
 					It supports the CAS 2.0 approach of | authenticating services by SSL callback, 
 					extracting the callback URL from the Credentials and representing it as a 
 					| SimpleService identified by that callback URL. | | If you are representing 
 					services by something more or other than an HTTPS URL whereat they are able 
 					to | receive a proxy callback, you will need to change this bean declaration 
 					(or add additional declarations). + -->
 				<bean
 					class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
 			</list>
 		</property>

 		<!-- | Whereas CredentialsToPrincipalResolvers identify who it is some 
 			Credentials might authenticate, | AuthenticationHandlers actually authenticate 
 			credentials. Here we declare the AuthenticationHandlers that | authenticate 
 			the Principals that the CredentialsToPrincipalResolvers identified. CAS will 
 			try these handlers in turn | until it finds one that both supports the Credentials 
 			presented and succeeds in authenticating. + -->
 		<property name="authenticationHandlers">
 			<list>
 				<!-- | This is the authentication handler that authenticates services 
 					by means of callback via SSL, thereby validating | a server side SSL certificate. 
 					+ -->
 				<bean
 					class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
 					p:httpClient-ref="httpClient" />
 				<!-- | This is the authentication handler declaration that every CAS 
 					deployer will need to change before deploying CAS | into production. The 
 					default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials 
 					| where the username equals the password. You will need to replace this with 
 					an AuthenticationHandler that implements your | local authentication strategy. 
 					You might accomplish this by coding a new such handler and declaring | edu.someschool.its.cas.MySpecialHandler 
 					here, or you might use one of the handlers provided in the adaptors modules. 
 					+ -->
 				<bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
 			</list>
 		</property>
 	</bean>

 	<!-- Modify security of CAS services/manage.html app to use SAML instead of 
 		CAS 2.0 protocol - overrides the bean in 
 		WEB-INF/spring-configuration/securityContext.xml -->
 	<bean id="casAuthenticationProvider"
 		class="org.springframework.security.cas.authentication.CasAuthenticationProvider"
 		p:key="my_password_for_this_auth_provider_only"
 		p:serviceProperties-ref="serviceProperties">
 		<property name="authenticationUserDetailsService" ref="userDetailsService"/>
 		<property name="ticketValidator">
 			<bean class="org.jasig.cas.client.validation.Saml11TicketValidator">
 				<constructor-arg index="0"
 					value="${cas.securityContext.ticketValidator.casServerUrlPrefix}" />
 			</bean>
 		</property>
 	</bean>

 	<!-- Provides group membership to CAS services/manage.html app using SAML -->
 	<bean id="userDetailsService"
 		class="org.springframework.security.cas.userdetails.GrantedAuthorityFromAssertionAttributesUserDetailsService">
 		<constructor-arg>
 			<list>
 				<value>groupMembership</value>
 			</list>
 		</constructor-arg>
 	</bean>

 	<!-- Use JPA to store which services have access to CAS and its attributes -->
 	<bean id="serviceRegistryDao" class="org.jasig.cas.services.JpaServiceRegistryDaoImpl">
 		<property name="entityManagerFactory" ref="entityManagerFactory" />
 	</bean>

 	<!-- Pulls attributes for users from the list of PersonAttributeDaos and merge them together.  
 		These attributes are then pushed via SAML as configured in services/manage.html -->
 	<bean id="attributeRepository" class="org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl">
 		<property name="personAttributeDaos">
 			<list>
 				<!-- Access username/role combinations (authorities/groupMembership).  These could just as easily come from ldap or even another source -->
 				<bean class="com.bowerstudios.cas.UserRolePersonAttributeDaoImpl" />
 				<!-- Placeholder for later ldap implementation -->
 				<bean class="org.jasig.services.persondir.support.ComplexStubPersonAttributeDao">
 					<property name="backingMap">
 						<map>
 							<entry key="admin">
 								<map>
 									<entry key="firstName" value="Joe" />
 									<entry key="lastName" value="Admin" />
 									<entry key="email" value="[email protected]" />
 									<entry key="enabled" value="true" />
 								</map>
 							</entry>
 							<entry key="user">
 								<map>
 									<entry key="firstName" value="Joe" />
 									<entry key="lastName" value="User" />
 									<entry key="email" value="[email protected]" />
 									<entry key="enabled" value="true" />
 								</map>
 							</entry>
 						</map>
 					</property>
 				</bean>
 			</list>
 		</property>
 	</bean>
 	
 	<bean id="auditTrailManager"
 		class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />

 	<bean id="healthCheckMonitor" class="org.jasig.cas.monitor.HealthCheckMonitor">
 		<property name="monitors">
 			<list>
 				<bean class="org.jasig.cas.monitor.MemoryMonitor"
 					p:freeMemoryWarnThreshold="10" />
 				<!-- NOTE The following ticket registries support SessionMonitor: * DefaultTicketRegistry 
 					* JpaTicketRegistry Remove this monitor if you use an unsupported registry. -->
 				<bean class="org.jasig.cas.monitor.SessionMonitor"
 					p:ticketRegistry-ref="ticketRegistry"
 					p:serviceTicketCountWarnThreshold="5000"
 					p:sessionCountWarnThreshold="100000" />
 			</list>
 		</property>
 	</bean>

 </beans>
	<?xml version="1.0" encoding="UTF-8"?>
	<!-- \| deployerConfigContext.xml centralizes into one file some of the declarative
	configuration that \| all CAS deployers will need to modify. \| \| This file
	declares some of the Spring-managed JavaBeans that make up a CAS deployment.
	\| The beans declared in this file are instantiated at context initialization
	time by the Spring \| ContextLoaderListener declared in web.xml. It finds
	this file because this \| file is among those declared in the context parameter
	"contextConfigLocation". \| \| By far the most common change you will need
	to make in this file is to change the last bean \| declaration to replace
	the default SimpleTestUsernamePasswordAuthenticationHandler with \| one implementing
	your approach for authenticating usernames and passwords. + -->

	<!-- ~ Licensed to Jasig under one or more contributor license ~ agreements.
	See the NOTICE file distributed with this work ~ for additional information
	regarding copyright ownership. ~ Jasig licenses this file to you under the
	Apache License, ~ Version 2.0 (the "License"); you may not use this file
	~ except in compliance with the License. You may obtain a ~ copy of the License
	at the following location: ~ ~ http://www.apache.org/licenses/LICENSE-2.0
	~ ~ Unless required by applicable law or agreed to in writing, ~ software
	distributed under the License is distributed on an ~ "AS IS" BASIS, WITHOUT
	WARRANTIES OR CONDITIONS OF ANY ~ KIND, either express or implied. See the
	License for the ~ specific language governing permissions and limitations
	~ under the License. -->

	<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
	xmlns:sec="http://www.springframework.org/schema/security" xmlns:tx="http://www.springframework.org/schema/tx"
	xsi:schemaLocation="
	http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
	http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd
	http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.1.xsd">

	<!-- Pooled DataSource using c3p0 -->
	<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
	p:driverClass="${database.driverClass}" p:jdbcUrl="${database.url}"
	p:user="${database.user}" p:password="${database.password}"
	p:initialPoolSize="${database.pool.minSize}" p:minPoolSize="${database.pool.minSize}"
	p:maxPoolSize="${database.pool.maxSize}"
	p:maxIdleTimeExcessConnections="${database.pool.maxIdleTime}"
	p:checkoutTimeout="${database.pool.maxWait}" p:acquireIncrement="${database.pool.acquireIncrement}"
	p:acquireRetryAttempts="${database.pool.acquireRetryAttempts}"
	p:acquireRetryDelay="${database.pool.acquireRetryDelay}"
	p:idleConnectionTestPeriod="${database.pool.idleConnectionTestPeriod}"
	p:preferredTestQuery="${database.pool.connectionHealthQuery}" />

	<!-- JPA Definition - See also persistence.xml -->
	<bean id="entityManagerFactory"
	class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
	<property name="dataSource" ref="dataSource" />
	<property name="jpaVendorAdapter">
	<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
	<property name="generateDdl" value="true" />
	<property name="showSql" value="true" />
	</bean>
	</property>
	<property name="jpaProperties">
	<props>
	<prop key="hibernate.dialect">${database.hibernate.dialect}</prop>
	<prop key="hibernate.hbm2ddl.auto">update</prop>
	</props>
	</property>
	</bean>

	<!-- Injects EntityManager/Factory instances into beans with @PersistenceUnit
	and @PersistenceContext -->
	<bean
	class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" />

	<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"
	p:entityManagerFactory-ref="entityManagerFactory" />

	<tx:annotation-driven transaction-manager="transactionManager" />

	<!-- \| This bean declares our AuthenticationManager. The CentralAuthenticationService
	service bean \| declared in applicationContext.xml picks up this AuthenticationManager
	by reference to its id, \| "authenticationManager". Most deployers will be
	able to use the default AuthenticationManager \| implementation and so do
	not need to change the class of this bean. We include the whole \| AuthenticationManager
	here in the userConfigContext.xml so that you can see the things you will
	\| need to change in context. + -->
	<bean id="authenticationManager" class="org.jasig.cas.authentication.AuthenticationManagerImpl">

	<!-- Uncomment the metadata populator to allow clearpass to capture and
	cache the password This switch effectively will turn on clearpass. <property
	name="authenticationMetaDataPopulators"> <list> <bean class="org.jasig.cas.extension.clearpass.CacheCredentialsMetaDataPopulator">
	<constructor-arg index="0" ref="credentialsCache" /> </bean> </list> </property> -->

	<!-- \| This is the List of CredentialToPrincipalResolvers that identify
	what Principal is trying to authenticate. \| The AuthenticationManagerImpl
	considers them in order, finding a CredentialToPrincipalResolver which \|
	supports the presented credentials. \| \| AuthenticationManagerImpl uses these
	resolvers for two purposes. First, it uses them to identify the Principal
	\| attempting to authenticate to CAS /login . In the default configuration,
	it is the DefaultCredentialsToPrincipalResolver \| that fills this role. If
	you are using some other kind of credentials than UsernamePasswordCredentials,
	you will need to replace \| DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver
	that supports the credentials you are \| using. \| \| Second, AuthenticationManagerImpl
	uses these resolvers to identify a service requesting a proxy granting ticket.
	\| In the default configuration, it is the HttpBasedServiceCredentialsToPrincipalResolver
	that serves this purpose. \| You will need to change this list if you are
	identifying services by something more or other than their callback URL.
	+ -->
	<property name="credentialsToPrincipalResolvers">
	<list>
	<!-- \| UsernamePasswordCredentialsToPrincipalResolver supports the UsernamePasswordCredentials
	that we use for /login \| by default and produces SimplePrincipal instances
	conveying the username from the credentials. \| \| If you've changed your LoginFormAction
	to use credentials other than UsernamePasswordCredentials then you will also
	\| need to change this bean declaration (or add additional declarations) to
	declare a CredentialsToPrincipalResolver that supports the \| Credentials
	you are using. + -->
	<bean
	class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver">
	<property name="attributeRepository" ref="attributeRepository" />
	</bean>

	<!-- \| HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials.
	It supports the CAS 2.0 approach of \| authenticating services by SSL callback,
	extracting the callback URL from the Credentials and representing it as a
	\| SimpleService identified by that callback URL. \| \| If you are representing
	services by something more or other than an HTTPS URL whereat they are able
	to \| receive a proxy callback, you will need to change this bean declaration
	(or add additional declarations). + -->
	<bean
	class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
	</list>
	</property>

	<!-- \| Whereas CredentialsToPrincipalResolvers identify who it is some
	Credentials might authenticate, \| AuthenticationHandlers actually authenticate
	credentials. Here we declare the AuthenticationHandlers that \| authenticate
	the Principals that the CredentialsToPrincipalResolvers identified. CAS will
	try these handlers in turn \| until it finds one that both supports the Credentials
	presented and succeeds in authenticating. + -->
	<property name="authenticationHandlers">
	<list>
	<!-- \| This is the authentication handler that authenticates services
	by means of callback via SSL, thereby validating \| a server side SSL certificate.
	+ -->
	<bean
	class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
	p:httpClient-ref="httpClient" />
	<!-- \| This is the authentication handler declaration that every CAS
	deployer will need to change before deploying CAS \| into production. The
	default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials
	\| where the username equals the password. You will need to replace this with
	an AuthenticationHandler that implements your \| local authentication strategy.
	You might accomplish this by coding a new such handler and declaring \| edu.someschool.its.cas.MySpecialHandler
	here, or you might use one of the handlers provided in the adaptors modules.
	+ -->
	<bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
	</list>
	</property>
	</bean>

	<!-- Modify security of CAS services/manage.html app to use SAML instead of
	CAS 2.0 protocol - overrides the bean in
	WEB-INF/spring-configuration/securityContext.xml -->
	<bean id="casAuthenticationProvider"
	class="org.springframework.security.cas.authentication.CasAuthenticationProvider"
	p:key="my_password_for_this_auth_provider_only"
	p:serviceProperties-ref="serviceProperties">
	<property name="authenticationUserDetailsService" ref="userDetailsService"/>
	<property name="ticketValidator">
	<bean class="org.jasig.cas.client.validation.Saml11TicketValidator">
	<constructor-arg index="0"
	value="${cas.securityContext.ticketValidator.casServerUrlPrefix}" />
	</bean>
	</property>
	</bean>

	<!-- Provides group membership to CAS services/manage.html app using SAML -->
	<bean id="userDetailsService"
	class="org.springframework.security.cas.userdetails.GrantedAuthorityFromAssertionAttributesUserDetailsService">
	<constructor-arg>
	<list>
	<value>groupMembership</value>
	</list>
	</constructor-arg>
	</bean>

	<!-- Use JPA to store which services have access to CAS and its attributes -->
	<bean id="serviceRegistryDao" class="org.jasig.cas.services.JpaServiceRegistryDaoImpl">
	<property name="entityManagerFactory" ref="entityManagerFactory" />
	</bean>

	<!-- Pulls attributes for users from the list of PersonAttributeDaos and merge them together.
	These attributes are then pushed via SAML as configured in services/manage.html -->
	<bean id="attributeRepository" class="org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl">
	<property name="personAttributeDaos">
	<list>
	<!-- Access username/role combinations (authorities/groupMembership). These could just as easily come from ldap or even another source -->
	<bean class="com.bowerstudios.cas.UserRolePersonAttributeDaoImpl" />
	<!-- Placeholder for later ldap implementation -->
	<bean class="org.jasig.services.persondir.support.ComplexStubPersonAttributeDao">
	<property name="backingMap">
	<map>
	<entry key="admin">
	<map>
	<entry key="firstName" value="Joe" />
	<entry key="lastName" value="Admin" />
	<entry key="email" value="[email protected]" />
	<entry key="enabled" value="true" />
	</map>
	</entry>
	<entry key="user">
	<map>
	<entry key="firstName" value="Joe" />
	<entry key="lastName" value="User" />
	<entry key="email" value="[email protected]" />
	<entry key="enabled" value="true" />
	</map>
	</entry>
	</map>
	</property>
	</bean>
	</list>
	</property>
	</bean>

	<bean id="auditTrailManager"
	class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />

	<bean id="healthCheckMonitor" class="org.jasig.cas.monitor.HealthCheckMonitor">
	<property name="monitors">
	<list>
	<bean class="org.jasig.cas.monitor.MemoryMonitor"
	p:freeMemoryWarnThreshold="10" />
	<!-- NOTE The following ticket registries support SessionMonitor: * DefaultTicketRegistry
	* JpaTicketRegistry Remove this monitor if you use an unsupported registry. -->
	<bean class="org.jasig.cas.monitor.SessionMonitor"
	p:ticketRegistry-ref="ticketRegistry"
	p:serviceTicketCountWarnThreshold="5000"
	p:sessionCountWarnThreshold="100000" />
	</list>
	</property>
	</bean>

	</beans>