Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
litespeed_wiki:lsmcd:sasl [2018/06/04 17:50] Robert Perper [Configuring SASL] |
litespeed_wiki:lsmcd:sasl [2019/02/25 13:32] (current) Robert Perper [Configure for PHP] |
||
|---|---|---|---|
| Line 5: | Line 5: | ||
| Enabling SASL is database wide. Once SASL is enabled, all non-SASL databases will need to be regenerated. You will also need to regenerate your databases (the files stored in the ''Cached.ShmDir'' parameter of your node.conf file) if you wish to remove SASL. | Enabling SASL is database wide. Once SASL is enabled, all non-SASL databases will need to be regenerated. You will also need to regenerate your databases (the files stored in the ''Cached.ShmDir'' parameter of your node.conf file) if you wish to remove SASL. | ||
| + | You can secure data by user if you enable SASL. This is particularly helpful if you wish to install a single copy of memcached and then share it across your user secured network. See https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:lsmcd:sasl_secure_user_data for full details. | ||
| ===== Configuring SASL ===== | ===== Configuring SASL ===== | ||
| There are a number steps to configuring LSMCD to operate with SASL: | There are a number steps to configuring LSMCD to operate with SASL: | ||
| - | * Enable lsmcd to operate in a non-SASL environment. See [[https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:lsmcd:configuration|Configuring LSMCD]] | + | * Enable SASL in your node.conf file |
| - | * Enable SASL in your lsmcd.conf file | + | |
| * Create and configure a SASL configuration file | * Create and configure a SASL configuration file | ||
| * Create and configure a user database. | * Create and configure a user database. | ||
| Line 16: | Line 16: | ||
| ==== Enable SASL in Your Configuration File ==== | ==== Enable SASL in Your Configuration File ==== | ||
| - | This is discussed at [[https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:lsmcd:configuration|lscmd Configuration]] | + | This is discussed at [[https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:lsmcd:configuration|lscmd Configuration]] which also discusses overall configuration. |
| In particular you need to specify in your node.conf file: <code>CACHED.USESASL=TRUE</code> | In particular you need to specify in your node.conf file: <code>CACHED.USESASL=TRUE</code> | ||
| + | |||
| + | Once you have changed this value, you must delete your existing LSMCD files: <code>rm -rf /dev/shm/lsmcd</code> | ||
| ==== Create and Configure a SASL Configuration File ==== | ==== Create and Configure a SASL Configuration File ==== | ||
| Line 43: | Line 45: | ||
| Some notes for all programming environments: | Some notes for all programming environments: | ||
| - | * You must instantiate an instance of the Memcached object (Memcache no longer works). | + | * You must instantiate an instance of the Memcached object (Memcache no longer works). |
| - | * You must use the binary protocol. | + | * You must use the binary protocol. |
| - | * You must make the call to set the SASL authentication information (user/password) before you add the server. | + | * You must make the call to set the SASL authentication information (user/password) before you add the server. |
| - | * Once you add the server successfully, you can perform all standard Memcached operations (get, put, etc.). | + | * Once you add the server successfully, you can perform all standard Memcached operations (get, put, etc.). |
| <code> | <code> | ||
| <?php | <?php | ||
| $mem_var = new Memcached(); | $mem_var = new Memcached(); | ||
| - | $mem_var->setSaslAuthData('user', 'password'); | ||
| $mem_var->setOption(Memcached::OPT_BINARY_PROTOCOL, true); | $mem_var->setOption(Memcached::OPT_BINARY_PROTOCOL, true); | ||
| $mem_var->setOption(Memcached::OPT_COMPRESSION, false); | $mem_var->setOption(Memcached::OPT_COMPRESSION, false); | ||
| $mem_var->addServer("127.0.0.1", 11211); | $mem_var->addServer("127.0.0.1", 11211); | ||
| + | $mem_var->setSaslAuthData('user', 'password'); | ||
| $response = $mem_var->get("SampleKey"); | $response = $mem_var->get("SampleKey"); | ||
| if ($response) { | if ($response) { | ||
| Line 69: | Line 71: | ||
| Start LiteSpeed and LSMCD and point your browser to the web page you created. If the user or password are incorrect you'll see a message like ''Error in get: 41: AUTHENTICATION FAILURE''. However if you have it right you'll see the first time you access the page ''Adding a key/value: SampleKey/SampleValue'' and subsequent accesses will show ''get(SampleKey) => SampleValue''. | Start LiteSpeed and LSMCD and point your browser to the web page you created. If the user or password are incorrect you'll see a message like ''Error in get: 41: AUTHENTICATION FAILURE''. However if you have it right you'll see the first time you access the page ''Adding a key/value: SampleKey/SampleValue'' and subsequent accesses will show ''get(SampleKey) => SampleValue''. | ||
| + | |||
| + | If you do not use the ''$mem_var->setSaslAuthData('user', 'password');'' line, then this example will work for non-SASL environments as well. | ||
| + | |||
| + | ==== Configure for Python ==== | ||
| + | There are a number of external classes for Python access to memcached. However, only the Python Binary Memcached client https://python-binary-memcached.readthedocs.io/ has been certified by LiteSpeed to work with LSMCD in SASL mode. Installation and use is fully described on their web site. | ||