Re: Authentication Memcached + Tomcat
2014-11-02 4:34 GMT-02:00 Igor Cicimov icici...@gmail.com: On 01/11/2014 6:52 AM, Nilson Uehara nilueh...@gmail.com wrote: I'm testing Memcached to implement failover on my Tomcat servers. Is there any way of implementing security by user / password? From what I can see here https://code.google.com/p/memcached-session-manager/wiki/SetupAndConfiguration the instructions are pretty clear. You need memcache compiled and configured with sasl support and thats pretty much it. I found the solution! I included memcachedProtocol=binary in the context.xml. Manager className=de.javakaffee.web.msm.MemcachedBackupSessionManager memcachedNodes=n1:1.2.3.4:11211 memcachedProtocol=binary requestUriIgnorePattern=.*\.(png|gif|jpg|css|js|ico)$ username=user password=123 /
Re: Authentication Memcached + Tomcat
Dan, I'm trying to implement Memcached with SASL authentication https://code.google.com/p/memcached/wiki/SASLHowto But I can not get Tomcat to connect to it Nilson Uehara 2014-10-31 18:18 GMT-02:00 Daniel Mikusa dmik...@pivotal.io: On Fri, Oct 31, 2014 at 3:51 PM, Nilson Uehara nilueh...@gmail.com wrote: I'm testing Memcached to implement failover on my Tomcat servers. Is there any way of implementing security by user / password? Can you clarify this request? Are these two separate thoughts, or is memcached somehow related to the security question? If it's just security you're after, then see this section in the docs. http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html Dan
Authentication Memcached + Tomcat
I'm testing Memcached to implement failover on my Tomcat servers. Is there any way of implementing security by user / password?
Fwd:
I have a Ubuntu with 2 Tomcat7 with a cluster configurations. The balancer is Apache MOD_JK. *SERVER.XML:* Engine name=Catalina defaultHost=localhost jvmRoute=no0 Cluster className=org.apache.catalina.ha.tcp.SimpleTcpCluster channelSendOptions=8 Manager className=org.apache.catalina.ha.session.DeltaManager expireSessionsOnShutdown=false notifyListenersOnReplication=true/ Channel className=org.apache.catalina.tribes.group.GroupChannel Membership className=org.apache.catalina.tribes.membership.McastService address=228.0.0.4 port=45564 frequency=500 dropTime=3/ Receiver className=org.apache.catalina.tribes.transport.nio.NioReceiver address=10.0.2.15 port=4001 autoBind=100 selectorTimeout=5000 maxThreads=6/ Sender className=org.apache.catalina.tribes.transport.ReplicationTransmitter Transport className=org.apache.catalina.tribes.transport.nio.PooledParallelSender/ /Sender Interceptor className=org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor/ Interceptor className=org.apache.catalina.tribes.group.interceptors.TcpFailureDetector/ Interceptor className=org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor/ /Channel Valve className=org.apache.catalina.ha.tcp.ReplicationValve filter=/ Valve className=org.apache.catalina.ha.session.JvmRouteBinderValve/ !--Deployer className=org.apache.catalina.ha.deploy.FarmWarDeployer tempDir=/home/nilson/war-temp/ deployDir=/home/nilson/war-deploy/ watchDir=/home/nilson/war-listen/ watchEnabled=false/-- ClusterListener className=org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener/ ClusterListener className=org.apache.catalina.ha.session.ClusterSessionListener/ /Cluster In server.xml of tomcat2, the ports are 8105, 8109 and 8180 and jvmRoute=no1 and port=4002 *WORKERS.PROPERTIES:* worker.list=no0, no1, cluster worker.cluster.type=lb worker.cluster.balance_workers=no0, no1 worker.cluster.sticky_session=1 worker.no0.type=ajp13 worker.no0.host=localhost worker.no0.port=8009 worker.no0.lbfactor=1 worker.no1.type=ajp13 worker.no1.host=localhost worker.no1.port=8109 worker.no1.lbfactor=1 *$ route* Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface default 10.0.2.20.0.0.0 UG0 00 eth0 10.0.2.0* 255.255.255.0 U 1 00 eth0 224.0.0.0 * 240.0.0.0 U 0 00 eth0 *$ ifconfig* eth0 Link encap:Ethernet HWaddr 08:00:27:d2:22:ac inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fed2:22ac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:112 errors:0 dropped:0 overruns:0 frame:0 TX packets:164 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:54502 (54.5 KB) TX bytes:19774 (19.7 KB) *$sudo iptables -L* Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Clusters log *TOMCAT1-CLUSTER.LOG:* -http://pastebin.com/w1TV73Qk *TOMCAT2-CLUSTER.LOG:* -http://pastebin.com/V7C35LTL One point I found interesting in the log is: 1. FINE: Received a failure detector packet:ClusterData[src=org.apache.catalina.tribes.membership.MemberImpl[tcp://{10, 0, 2, 15}:4002,{10, 0, 2, 15},4002, alive=1414598894083, securePort=-1, UDP Port=-1, id={-127 -84 -80 -93 43 11 68 -77 -65 -49 47 -119 -59 -120 40 19 }, payload={}, command={}, domain={}, ]; id={84 35 -110 45 -81 -92 66 86 -65 -60 -61 68 -70 -31 -59 -92 }; sent=2014-10-29 14:08:14.095] 2. Oct 29, 2014 2:08:14 PM org.apache.catalina.tribes.transport.nio.NioReplicationTask remoteEof 3. FINE: Channel closed on the remote end, disconnecting What I understood is that the tomcats are able to communicate and when one falls the other receives the request with the session of the first normally. It seems the problem is that tomcat is not able to receive or read session data, then just resetting it and the value of the session variable is lost. Tks! Nilson Uehara
Tomcat7 cluster don't replicates session
I have a Ubuntu with 2 Tomcat7 with a cluster configurations. The balancer is Apache MOD_JK. *SERVER.XML:* Engine name=Catalina defaultHost=localhost jvmRoute=no0 Cluster className=org.apache.catalina.ha.tcp.SimpleTcpCluster channelSendOptions=8 Manager className=org.apache.catalina.ha.session.DeltaManager expireSessionsOnShutdown=false notifyListenersOnReplication=true/ Channel className=org.apache.catalina.tribes.group.GroupChannel Membership className=org.apache.catalina.tribes.membership.McastService address=228.0.0.4 port=45564 frequency=500 dropTime=3/ Receiver className=org.apache.catalina.tribes.transport.nio.NioReceiver address=10.0.2.15 port=4001 autoBind=100 selectorTimeout=5000 maxThreads=6/ Sender className=org.apache.catalina.tribes.transport.ReplicationTransmitter Transport className=org.apache.catalina.tribes.transport.nio.PooledParallelSender/ /Sender Interceptor className=org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor/ Interceptor className=org.apache.catalina.tribes.group.interceptors.TcpFailureDetector/ Interceptor className=org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor/ /Channel Valve className=org.apache.catalina.ha.tcp.ReplicationValve filter=/ Valve className=org.apache.catalina.ha.session.JvmRouteBinderValve/ !--Deployer className=org.apache.catalina.ha.deploy.FarmWarDeployer tempDir=/home/nilson/war-temp/ deployDir=/home/nilson/war-deploy/ watchDir=/home/nilson/war-listen/ watchEnabled=false/-- ClusterListener className=org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener/ ClusterListener className=org.apache.catalina.ha.session.ClusterSessionListener/ /Cluster In server.xml of tomcat2, the ports are 8105, 8109 and 8180 and jvmRoute=no1 and port=4002 *WORKERS.PROPERTIES:* worker.list=no0, no1, cluster worker.cluster.type=lb worker.cluster.balance_workers=no0, no1 worker.cluster.sticky_session=1 worker.no0.type=ajp13 worker.no0.host=localhost worker.no0.port=8009 worker.no0.lbfactor=1 worker.no1.type=ajp13 worker.no1.host=localhost worker.no1.port=8109 worker.no1.lbfactor=1 *$ route* Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface default 10.0.2.20.0.0.0 UG0 00 eth0 10.0.2.0* 255.255.255.0 U 1 00 eth0 224.0.0.0 * 240.0.0.0 U 0 00 eth0 *$ ifconfig* eth0 Link encap:Ethernet HWaddr 08:00:27:d2:22:ac inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fed2:22ac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:112 errors:0 dropped:0 overruns:0 frame:0 TX packets:164 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:54502 (54.5 KB) TX bytes:19774 (19.7 KB) *$sudo iptables -L* Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Clusters log *TOMCAT1-CLUSTER.LOG:* -http://pastebin.com/w1TV73Qk *TOMCAT2-CLUSTER.LOG:* -http://pastebin.com/V7C35LTL One point I found interesting in the log is: 1. FINE: Received a failure detector packet:ClusterData[src=org.apache.catalina.tribes.membership.MemberImpl[tcp://{10, 0, 2, 15}:4002,{10, 0, 2, 15},4002, alive=1414598894083, securePort=-1, UDP Port=-1, id={-127 -84 -80 -93 43 11 68 -77 -65 -49 47 -119 -59 -120 40 19 }, payload={}, command={}, domain={}, ]; id={84 35 -110 45 -81 -92 66 86 -65 -60 -61 68 -70 -31 -59 -92 }; sent=2014-10-29 14:08:14.095] 2. Oct 29, 2014 2:08:14 PM org.apache.catalina.tribes.transport.nio.NioReplicationTask remoteEof 3. FINE: Channel closed on the remote end, disconnecting What I understood is that the tomcats are able to communicate and when one falls the other receives the request with the session of the first normally. It seems the problem is that tomcat is not able to receive or read session data, then just resetting it and the value of the session variable is lost. PS: Tks! Nilson Uehara