Getting Started With The Coherence Memcached Adaptor

Overview

Coherence 12c (12.1.3) adds support for Memcached clients to directly store data a in Coherence cluster using the Binary Memcached protocol. This post outlines how to configure the Coherence Memcached Adaptor and includes a simple PHP example to show how Memecached clients can connect to a Coherence cluster.

The Memcached adaptor is configured as a proxy service that runs in the Coherence cluster.  This is highlighted in the example cache configuration below:

<?xml version="1.0"?>
<cache-config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns="http://xmlns.oracle.com/coherence/coherence-cache-config"
  xsi:schemaLocation="http://xmlns.oracle.com/coherence/coherence-cache-config 
  http://xmlns.oracle.com/coherence/coherence-cache-config/1.2/coherence-cache-config.xsd">
  <defaults>
    <serializer>pof</serializer>
  </defaults>
  <caching-scheme-mapping>
    <cache-mapping>
      <cache-name>memcache</cache-name>
      <scheme-name>DistributedCacheScheme</scheme-name>
    </cache-mapping>
  </caching-scheme-mapping>
  <caching-schemes>
    <distributed-scheme>
      <scheme-name>DistributedCacheScheme</scheme-name>
      <service-name>DistributedCacheService</service-name>
      <backing-map-scheme>
        <local-scheme/>
      </backing-map-scheme>
      <autostart>true</autostart>
    </distributed-scheme>
    <proxy-scheme>
      <service-name>MemecachdTcpCacheService</service-name>
      <acceptor-config>
        <memcached-acceptor>
          <cache-name>memcache</cache-name>
          <memcached-auth-method>plain</memcached-auth-method>
          <address-provider>memcached-addr-provider</address-provider>
        </memcached-acceptor>
      </acceptor-config>
      <autostart>true</autostart>
    </proxy-scheme>
  </caching-schemes>
</cache-config>

Note a couple of things:

  1. The <cache-name> element under <memcached-acceptor> defines the distributed cache for the Memcached acceptor.  All Memcached clients connecting to this acceptor will access this cache.
  2. You can optionally enable client authentication by setting the <memcached-auth-method>. Currently the only supported method is SASL (Simple Authentication and Security Layer) plain authentication.
  3. The <address-provider> element defines the socket-address that the Memcached Adapter will listen on for connections.  It is defined in the Coherence operational configuration file.

Below is an example operational configuration file that shows the setup of an address-provider:

<?xml version='1.0'?>
<coherence
 xmlns="http://xmlns.oracle.com/coherence/coherence-operational-config"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="http://xmlns.oracle.com/coherence/coherence-operational-config 
 http://xmlns.oracle.com/coherence/coherence-operational-config/1.2/coherence-operational-config.xsd">
 <cluster-config>
    <address-providers>
      <address-provider id="memcached-addr-provider">
        <socket-address>
          <address>127.0.0.1</address>
          <port>11211</port>
        </socket-address>
      </address-provider>
    </address-providers>
  </cluster-config>
  <logging-config>
    <destination system-property="tangosol.coherence.log">stdout</destination>
    <severity-level system-property="tangosol.coherence.log.level">9</severity-level>
  </logging-config>
  <security-config>
    <identity-asserter>
      <class-name>memcached.PasswordIdentityAsserter</class-name>
    </identity-asserter>
  </security-config>
</coherence>

The address provider with id memcached-addr-provider defines the socket-address reference. 

Authentication

For authentication, you can write a custom IdentityAsserter implementation and declare it in the operational configuration file. This is shown above but the relevant snippet is shown below:

<security-config>
    <identity-asserter>
      <class-name>memcached.PasswordIdentityAsserter</class-name>
    </identity-asserter>
 </security-config>

The Memcached Adapter calls the IdentityAsserter implementation and passes the com.tangosol.net.security.UsernameAndPassword object as a token.

A sample IdentityAsserter is shown below:

package memcached;
import com.tangosol.net.Service;
import com.tangosol.net.security.IdentityAsserter;
import com.tangosol.net.security.UsernameAndPassword;
import javax.security.auth.Subject;
public class PasswordIdentityAsserter implements IdentityAsserter {
  public Subject assertIdentity(Object oToken, Service service)
  throws SecurityException {
    if (oToken instanceof UsernameAndPassword) {
      UsernameAndPassword secToken = (UsernameAndPassword) oToken;
      String sPwd = new String(secToken.getPassword());
      if (secToken.getUsername().equals("username")
          && sPwd.equals("password")) {
        return new Subject();
      }
    }
    throw new SecurityException("Access denied");
  }
}

PHP Memcached client

There are 2 very popular PHP memcached clients – Memcache and Memcached. Memcached is the newer one and supports both the Binary Memcached protocol and SASL authentication. To enable Memcached and SASL, add the following to the php.ini file:

    extension=memcached.so
    memcached.use_sasl = 1

The following PHP code uses the PHP Memcached client library to connect to a Coherence cluster, add an entry and then retrieve it again.

<?php
  $m = new Memcached();
  $m->setOption(Memcached::OPT_BINARY_PROTOCOL, true);
  $m->setSaslAuthData("username", "password");
  if (!count($m->getServerList())) {
    // List of Coherence proxy service nodes
    $m->addServer('127.0.0.1', 11211);
  }
  print_r($m->getVersion());
  $m->set('test', 'test_string');
  print_r('Cache value: ' . $m->get('test'));
?>

Putting it all together

This is easy to try out for yourself.  First download and install Coherence, PHP and the PHP Memcached client library. Then in a test dir create an operational configuration file called tangosol-coherence-override.xml with the operational configuration details outlined above. Similarly create a cache configuration file called coherence-cache-config.xml with the specified cache configuration for Memcached clients. Finally, in the test dir create a dir called memcached and in it create a file called PasswordIdentityAsserter.java with the code listing above.

On the PHP side just save the example PHP code above to a file called test.php. Now we are ready to test everything. 

To startup Coherence we will need to refer to the Coherence libraries. To make this easier define an environment variable for the location of the Coherence installation called COH_HOME. Below we will assume a Linux/OSX environment but its very similar on Windows.

Build the PasswordIdentityAsserter by running the following command in your test dir:

javac –cp $COH_HOME/lib/coherence.jar memcached/PasswordIdentityAsserter.java

Now start a Coherence cache server to store the Memcached client data:

java -cp .:$COH_HOME/lib/coherence.jar com.tangosol.net.DefaultCacheServer

Lastly test that the PHP client can connect, store and read data securely via the Coherence Memcached Adaptor:

php test.php
The output should be:

 Array
 (
     [127.0.0.1:11211] => 12.1.3
 )
 Cache value: test_string

This shows that the value inserted into Coherence by the PHP client, test_string, has successfully been read back.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Oracle Coherence, the market leading in-memory datagrid product.
Stay Connected...

Search

Archives
« September 2015
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today