Re: Authentication Memcached + Tomcat

2014-11-03 Thread Nilson Uehara 
2014-11-02 4:34 GMT-02:00 Igor Cicimov icici...@gmail.com:

 On 01/11/2014 6:52 AM, Nilson Uehara nilueh...@gmail.com wrote:
 
  I'm testing Memcached to implement failover on my Tomcat servers.
 
  Is there any way of implementing security by user / password?
 From what I can see here

 https://code.google.com/p/memcached-session-manager/wiki/SetupAndConfiguration
 the instructions are pretty clear. You need memcache compiled and
 configured with sasl support and thats pretty much it.


I found the solution!
I included memcachedProtocol=binary in the context.xml.

Manager className=de.javakaffee.web.msm.MemcachedBackupSessionManager
memcachedNodes=n1:1.2.3.4:11211
memcachedProtocol=binary
requestUriIgnorePattern=.*\.(png|gif|jpg|css|js|ico)$
username=user
password=123
/

Re: Authentication Memcached + Tomcat

2014-11-01 Thread Nilson Uehara 
Dan,
I'm trying to implement Memcached with SASL authentication

https://code.google.com/p/memcached/wiki/SASLHowto

But I can not get Tomcat to connect to it

Nilson Uehara

2014-10-31 18:18 GMT-02:00 Daniel Mikusa dmik...@pivotal.io:

 On Fri, Oct 31, 2014 at 3:51 PM, Nilson Uehara nilueh...@gmail.com
 wrote:

  I'm testing Memcached to implement failover on my Tomcat servers.
 
  Is there any way of implementing security by user / password?
 

 Can you clarify this request?  Are these two separate thoughts, or is
 memcached somehow related to the security question?

 If it's just security you're after, then see this section in the docs.

   http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html

 Dan

Authentication Memcached + Tomcat

2014-10-31 Thread Nilson Uehara 
I'm testing Memcached to implement failover on my Tomcat servers.

Is there any way of implementing security by user / password?

Fwd:

2014-10-29 Thread Nilson Uehara 
I have a Ubuntu with 2 Tomcat7 with a cluster configurations.

The balancer is Apache MOD_JK.

*SERVER.XML:*

Engine name=Catalina defaultHost=localhost jvmRoute=no0
Cluster className=org.apache.catalina.ha.tcp.SimpleTcpCluster
 channelSendOptions=8
  Manager className=org.apache.catalina.ha.session.DeltaManager
   expireSessionsOnShutdown=false
   notifyListenersOnReplication=true/
  Channel
className=org.apache.catalina.tribes.group.GroupChannel
Membership
className=org.apache.catalina.tribes.membership.McastService
address=228.0.0.4
port=45564
frequency=500
dropTime=3/
Receiver
className=org.apache.catalina.tribes.transport.nio.NioReceiver
  address=10.0.2.15
  port=4001
  autoBind=100
  selectorTimeout=5000
  maxThreads=6/
Sender
className=org.apache.catalina.tribes.transport.ReplicationTransmitter
  Transport
className=org.apache.catalina.tribes.transport.nio.PooledParallelSender/
/Sender
Interceptor
className=org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor/
Interceptor
className=org.apache.catalina.tribes.group.interceptors.TcpFailureDetector/
Interceptor
className=org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor/
  /Channel
  Valve className=org.apache.catalina.ha.tcp.ReplicationValve
filter=/
  Valve
className=org.apache.catalina.ha.session.JvmRouteBinderValve/
  !--Deployer
className=org.apache.catalina.ha.deploy.FarmWarDeployer
tempDir=/home/nilson/war-temp/
deployDir=/home/nilson/war-deploy/
watchDir=/home/nilson/war-listen/
watchEnabled=false/--
  ClusterListener
className=org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener/
  ClusterListener
className=org.apache.catalina.ha.session.ClusterSessionListener/
/Cluster


In server.xml of tomcat2, the ports are 8105, 8109 and 8180 and
jvmRoute=no1 and port=4002



*WORKERS.PROPERTIES:*
worker.list=no0, no1, cluster

worker.cluster.type=lb
worker.cluster.balance_workers=no0, no1
worker.cluster.sticky_session=1

worker.no0.type=ajp13
worker.no0.host=localhost
worker.no0.port=8009
worker.no0.lbfactor=1

worker.no1.type=ajp13
worker.no1.host=localhost
worker.no1.port=8109
worker.no1.lbfactor=1


*$ route*
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse
Iface
default 10.0.2.20.0.0.0 UG0  00 eth0
10.0.2.0*   255.255.255.0   U 1  00 eth0
224.0.0.0   *   240.0.0.0   U 0  00 eth0


*$ ifconfig*
eth0  Link encap:Ethernet  HWaddr 08:00:27:d2:22:ac
  inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
  inet6 addr: fe80::a00:27ff:fed2:22ac/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:112 errors:0 dropped:0 overruns:0 frame:0
  TX packets:164 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000
  RX bytes:54502 (54.5 KB)  TX bytes:19774 (19.7 KB)


*$sudo iptables -L*
Chain INPUT (policy ACCEPT)
target prot opt source   destination

Chain FORWARD (policy ACCEPT)
target prot opt source   destination

Chain OUTPUT (policy ACCEPT)
target prot opt source   destination


Clusters log

*TOMCAT1-CLUSTER.LOG:* -http://pastebin.com/w1TV73Qk

*TOMCAT2-CLUSTER.LOG:* -http://pastebin.com/V7C35LTL

One point I found interesting in the log is:

   1. FINE: Received a failure detector
   
packet:ClusterData[src=org.apache.catalina.tribes.membership.MemberImpl[tcp://{10,
   0, 2, 15}:4002,{10, 0, 2, 15},4002, alive=1414598894083, securePort=-1, UDP
   Port=-1, id={-127 -84 -80 -93 43 11 68 -77 -65 -49 47 -119 -59 -120 40 19
   }, payload={}, command={}, domain={}, ]; id={84 35 -110 45 -81 -92 66 86
   -65 -60 -61 68 -70 -31 -59 -92 }; sent=2014-10-29 14:08:14.095]
   2. Oct 29, 2014 2:08:14 PM
   org.apache.catalina.tribes.transport.nio.NioReplicationTask remoteEof
   3. FINE: Channel closed on the remote end, disconnecting


What I understood is that the tomcats are able to communicate and when one
falls the other receives the request with the session of the first
normally. It seems the problem is that tomcat is not able to receive or
read session data, then just resetting it and the value of the session
variable is lost.


Tks!
Nilson Uehara

Tomcat7 cluster don't replicates session

2014-10-29 Thread Nilson Uehara 
I have a Ubuntu with 2 Tomcat7 with a cluster configurations.

The balancer is Apache MOD_JK.

*SERVER.XML:*

Engine name=Catalina defaultHost=localhost jvmRoute=no0
Cluster className=org.apache.catalina.ha.tcp.SimpleTcpCluster
 channelSendOptions=8
  Manager className=org.apache.catalina.ha.session.DeltaManager
   expireSessionsOnShutdown=false
   notifyListenersOnReplication=true/
  Channel
className=org.apache.catalina.tribes.group.GroupChannel
Membership
className=org.apache.catalina.tribes.membership.McastService
address=228.0.0.4
port=45564
frequency=500
dropTime=3/
Receiver
className=org.apache.catalina.tribes.transport.nio.NioReceiver
  address=10.0.2.15
  port=4001
  autoBind=100
  selectorTimeout=5000
  maxThreads=6/
Sender
className=org.apache.catalina.tribes.transport.ReplicationTransmitter
  Transport
className=org.apache.catalina.tribes.transport.nio.PooledParallelSender/
/Sender
Interceptor
className=org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor/
Interceptor
className=org.apache.catalina.tribes.group.interceptors.TcpFailureDetector/
Interceptor
className=org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor/
  /Channel
  Valve className=org.apache.catalina.ha.tcp.ReplicationValve
filter=/
  Valve
className=org.apache.catalina.ha.session.JvmRouteBinderValve/
  !--Deployer
className=org.apache.catalina.ha.deploy.FarmWarDeployer
tempDir=/home/nilson/war-temp/
deployDir=/home/nilson/war-deploy/
watchDir=/home/nilson/war-listen/
watchEnabled=false/--
  ClusterListener
className=org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener/
  ClusterListener
className=org.apache.catalina.ha.session.ClusterSessionListener/
/Cluster


In server.xml of tomcat2, the ports are 8105, 8109 and 8180 and
jvmRoute=no1 and port=4002



*WORKERS.PROPERTIES:*
worker.list=no0, no1, cluster

worker.cluster.type=lb
worker.cluster.balance_workers=no0, no1
worker.cluster.sticky_session=1

worker.no0.type=ajp13
worker.no0.host=localhost
worker.no0.port=8009
worker.no0.lbfactor=1

worker.no1.type=ajp13
worker.no1.host=localhost
worker.no1.port=8109
worker.no1.lbfactor=1


*$ route*
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse
Iface
default 10.0.2.20.0.0.0 UG0  00 eth0
10.0.2.0*   255.255.255.0   U 1  00 eth0
224.0.0.0   *   240.0.0.0   U 0  00 eth0


*$ ifconfig*
eth0  Link encap:Ethernet  HWaddr 08:00:27:d2:22:ac
  inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
  inet6 addr: fe80::a00:27ff:fed2:22ac/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:112 errors:0 dropped:0 overruns:0 frame:0
  TX packets:164 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000
  RX bytes:54502 (54.5 KB)  TX bytes:19774 (19.7 KB)


*$sudo iptables -L*
Chain INPUT (policy ACCEPT)
target prot opt source   destination

Chain FORWARD (policy ACCEPT)
target prot opt source   destination

Chain OUTPUT (policy ACCEPT)
target prot opt source   destination


Clusters log

*TOMCAT1-CLUSTER.LOG:* -http://pastebin.com/w1TV73Qk

*TOMCAT2-CLUSTER.LOG:* -http://pastebin.com/V7C35LTL

One point I found interesting in the log is:

   1. FINE: Received a failure detector
   
packet:ClusterData[src=org.apache.catalina.tribes.membership.MemberImpl[tcp://{10,
   0, 2, 15}:4002,{10, 0, 2, 15},4002, alive=1414598894083, securePort=-1, UDP
   Port=-1, id={-127 -84 -80 -93 43 11 68 -77 -65 -49 47 -119 -59 -120 40 19
   }, payload={}, command={}, domain={}, ]; id={84 35 -110 45 -81 -92 66 86
   -65 -60 -61 68 -70 -31 -59 -92 }; sent=2014-10-29 14:08:14.095]
   2. Oct 29, 2014 2:08:14 PM
   org.apache.catalina.tribes.transport.nio.NioReplicationTask remoteEof
   3. FINE: Channel closed on the remote end, disconnecting


What I understood is that the tomcats are able to communicate and when one
falls the other receives the request with the session of the first
normally. It seems the problem is that tomcat is not able to receive or
read session data, then just resetting it and the value of the session
variable is lost.

PS:


Tks!
Nilson Uehara