search

baiheqiang / memcached-session-manager

Automatically exported from code.google.com/p/memcached-session-manager
0 stars 0 forks source link

SASL not working with multiple memcached servers #124

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
I have a setup of 2 tomcats and 2 memcached servers - non-sticky option.
I am not able to authenticate against memcached servers. While debuging I found 
out this code section in MemcachedSessionService that handles differently the 
authentication code in case of encoded nodes in session. It will work if 
ConnectionFactoryBuilder is used in case of 
SuffixLocatorBinaryConnectionFactory.

    protected ConnectionFactory createConnectionFactory(final MemcachedNodesManager memcachedNodesManager,
            final ConnectionType connectionType, final Statistics statistics ) {
        if (PROTOCOL_BINARY.equals( _memcachedProtocol )) {
            if (connectionType.isSASL()) {
                // FIXME: CF with AuthDescriptor is only used if nodeIdIsNotEncodedInSessionId.
                // Shouldn't the AuthDescriptor also be used if !nodeIdIsNotEncodedInSessionId?
                return memcachedNodesManager.isEncodeNodeIdInSessionId()
                      ? new SuffixLocatorBinaryConnectionFactory( memcachedNodesManager,
                              memcachedNodesManager.getSessionIdFormat(), statistics, _operationTimeout )
                      : 
                      new ConnectionFactoryBuilder().setProtocol(ConnectionFactoryBuilder.Protocol.BINARY)
                          .setAuthDescriptor(new AuthDescriptor(new String[]{"PLAIN"},
                                  new PlainCallbackHandler(_username, _password)))
                          .setOpTimeout(_operationTimeout).build();

Original issue reported on code.google.com by angelo.o...@gmail.com on 29 Feb 2012 at 12:55

GoogleCodeExporter commented 8 years ago 
On a second thought, actually I think SuffixLocatorBinaryConnectionFactory 
should be changed to support SASL. I noticed that using the simple 
ConnectionFactoryBuilder the replication doesn't work - bringing one memcached 
down I loose those sessions.

Original comment by angelo.o...@gmail.com on 29 Feb 2012 at 2:02

GoogleCodeExporter commented 8 years ago 
Please post your configuration!

Original comment by martin.grotzke on 29 Feb 2012 at 7:37

GoogleCodeExporter commented 8 years ago

Original comment by martin.grotzke on 29 Feb 2012 at 9:50

GoogleCodeExporter commented 8 years ago 
Hey Martin,

I tried a few things out and I manged to make it work.
So what I changed is SuffixLocatorBinaryConnectionFactory, I extended the 
constructor to accept an AuthDescriptor.

private final AuthDescriptor _authDescriptor;
...
   public SuffixLocatorBinaryConnectionFactory( final MemcachedNodesManager memcachedNodesManager, final SessionIdFormat sessionIdFormat,
            final Statistics statistics, long operationTimeout, AuthDescriptor authDescriptor) {
        _memcachedNodesManager = memcachedNodesManager;
        _sessionIdFormat = sessionIdFormat;
        _statistics = statistics;
        _operationTimeout = operationTimeout;
        _authDescriptor = authDescriptor;
    }

Then I've also overriden this spymemcached method
   @Override
    public AuthDescriptor getAuthDescriptor() {
        return _authDescriptor;
    }

Also I set he doAuth based on that auth object

    public MemcachedNode createMemcachedNode(final SocketAddress sa,
            final SocketChannel c, final int bufSize) {
        final boolean doAuth = (_authDescriptor == null ? true : false);

And then in MemcachedSessionService.createConnectionFactory you have to use 
this constructor for SASL and the initial one for non-SASL. 
Please let me know when you submit a changelist for this, thanks a lot!

Angelo

Original comment by angelo.o...@gmail.com on 29 Feb 2012 at 6:23

GoogleCodeExporter commented 8 years ago 
Do you have it in some fork on github? Then I could just pull it into a branch 
on my side...

What do you mean with "Please let me know when you submit a changelist for 
this"?

Original comment by martin.grotzke on 29 Feb 2012 at 9:20

GoogleCodeExporter commented 8 years ago 
I took your sources and recompiled a couple of classes and injected them in the 
jar and tested them out. So I didn't change it in the repository, and that's 
what I meant by changelist (perforce terminolagy), I meant when you submit the 
change in git (I don't really know how git works).

Angelo

Original comment by angelo.o...@gmail.com on 29 Feb 2012 at 9:31

GoogleCodeExporter commented 8 years ago 
You can
git clone git://github.com/magro/memcached-session-manager.git
cd memcached-session-manager
<make changes>
git commit -a
<enter commit message>
git format-patch origin/master --stdout > issue124.patch

and send this file to me.

Or, if you have a github account, you can just click on "Fork" here 
https://github.com/magro/memcached-session-manager/ and follow the 
instructions. When you've done your changes just push them to your repo/fork so 
that I can see it / pull from your fork.

Original comment by martin.grotzke on 29 Feb 2012 at 10:18

GoogleCodeExporter commented 8 years ago 
I submitted the changes in github if you wanna take a look...

Original comment by angelo.o...@gmail.com on 1 Mar 2012 at 1:23

GoogleCodeExporter commented 8 years ago 
Thanx for the pull request!

I just merged it, I only change one line in 
SuffixLocatorBinaryConnectionFactory, instead of
  final boolean doAuth = (_authDescriptor == null ? true : false);
it's now
  final boolean doAuth = _authDescriptor != null;

Original comment by martin.grotzke on 3 Mar 2012 at 11:59