MemCacheTicketRegistryAs of CAS 3.3, a MemCacheTicketRegistry is provided. Add the Memcached Client Artifact to Your WAR OverlayAdd the following to your pom.xml: ConfigurationCAS 3.5+ Memcached Configuration Using the KryoTranscoder bean offers a better serialization efficiency. By default, the objects used in the cas-server-core module are registered for the Kryo serialization. Other objects must be registered explicitely using the setSerializerMap method. Since CAS server 4.0.0, as the SAML support is no longer out of the box (but in the cas-server-support-saml module), the SamlService must be explicitely registered with its serializer : SamlServiceSerializer. CAS 3.4.x and Prior Memcached Configuration SecurityMemcached by default does not provide for authentication/authorization or a secure transport. You should discuss with your Network team on the best way to secure the data being sent to the memcache servers. An SSH tunnel is a reasonable solution to the secure transport problem. There is rudimentary support for SASL High Availability ConsiderationsMemcached does not provide for replication by design, but the client is tolerant to node failures with failureMode="Redistribute". In this mode, a write failure will simply cause the client to rekey the item and write it to an available node. It will continue to read and write from a backup node until the dead client becomes available, at which time if the key is still available in that node it will supercede the value known to the backup node. It may be helpful to examine the effect of the behavior above on a CAS SSO session. Consider a single CAS server that has a pool of 3 memcached nodes, memcached-[1|2|3], all of which are initially available.
While the above flow is not the only failure mode that can occur when a memcached node becomes unavailable, it's arguably by far the most common failure mode.
Ticket CleanupMemcached, like other cache-based storage mechanisms, inserts all items into the cache with an expiration period after which time the item is marked as expired and the storage is reclaimed. In this view Memcached like other caches is self cleaning and does not require (or support) the RegistryCleaner component. CouchbaseAs Couchbase (persistent NoSQL database) is natively supporting the Memcached protocol, the MemCacheTicketRegistry can be used to store/retrieve tickets in Couchbase. Links |