Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
litespeed_wiki:lsmcd:sasl_secure_user_data [2018/08/14 12:22] Robert Perper [LSMCD Secure User Data Using SASL] |
litespeed_wiki:lsmcd:sasl_secure_user_data [2019/11/27 14:29] (current) Robert Perper [Anonymous User] |
||
|---|---|---|---|
| Line 18: | Line 18: | ||
| As mentioned above, once you have made this change you must delete your existing databases or LSMCD will refuse to come up, as it will notice the changed data condition. | As mentioned above, once you have made this change you must delete your existing databases or LSMCD will refuse to come up, as it will notice the changed data condition. | ||
| - | The default is ''false'' so that data created by all users is visible to all users. Once it is set to ''true'', each user's data can only be visible to that user. | + | The default is ''false'' so that data created by all users is visible to all users. Once it is set to ''true'', each user's data can only be visible to that user. Note that you must enable SASL to enable DataByUser. |
| ==== Use ==== | ==== Use ==== | ||
| LSMCD can be used once configured and activated using the traditional Memcached protocols and user commands. However, any data visible will only be visible to the authenticated user that created it. This means that the same data may be stored multiple times for separate users, but each user will only see the data created by that user. Expiration and deletion will again by based on the criteria set when the user created the data or on the parameters for the system as a whole. | LSMCD can be used once configured and activated using the traditional Memcached protocols and user commands. However, any data visible will only be visible to the authenticated user that created it. This means that the same data may be stored multiple times for separate users, but each user will only see the data created by that user. Expiration and deletion will again by based on the criteria set when the user created the data or on the parameters for the system as a whole. | ||
| - | The default size for a user cache is by design set quite low to 1000 bytes to avoid the memory and disk overhead with a large number of users. You can specify the size in bytes with the parameter ''Cached.UserSize''. You can also use the ''Cached.MemMaxSz'' parameter to have the cache begin aging out data when it reaches your specified size. | + | You can also use the ''Cached.MemMaxSz'' parameter to have the cache begin aging out data when it reaches your specified size. |
| If you specify a realm qualified name (a name with a ''@hostname'' suffix) in your application, then that name will be used for storage. If you then specify a non-realm qualified name then the unqualified name will be resolved as a different name. This is so that names that appear different are handled differently. | If you specify a realm qualified name (a name with a ''@hostname'' suffix) in your application, then that name will be used for storage. If you then specify a non-realm qualified name then the unqualified name will be resolved as a different name. This is so that names that appear different are handled differently. | ||
| Line 37: | Line 37: | ||
| The default is ''false'' so that you do not mistakenly allow unauthenticated users access to Memcached facilities (even though the data would be separated). | The default is ''false'' so that you do not mistakenly allow unauthenticated users access to Memcached facilities (even though the data would be separated). | ||
| + | |||
| + | If you turn the anonymous user on, then telnet and other ASCII activity will be re-enabled. As mentioned above if you have ''Cached.DataByUser'' enabled, this data is written to a separate area in the database from binary data secured with SASL. | ||