The official documentation specifies how to disable realm and user caching, but how do I disable other local caching mentioned in infinispan in standalone.xml, like sessions, clientSessions etc?
https://www.keycloak.org/docs/6.0/server_installation/#disabling-caching
Disabling caching for session is not a good idea since all types of sessions stored ONLY in infinispan cache. Afaik there was an option described in documentation (or maybe a topic in Keycloak mailing list) that allows you to also persist all sessions in DB, but that was discouraged because of great performance penalty.
Related
I'm currently leveraging the features in Spring Boot Admin that allow changing log levels and clearing caches. Best as I can tell, one is able to change the log levels for all instances at once, but the caches seem to only affect a single instance.
Is there a configuration option that allows for clearing the cache for all instances with a single click? If not is this something that could added via custom view?
We are not currently leveraging a centralized cache solution such as Redis so I think being able to clear the cache for an individual instance and all instances would be very helpful.
Thanks in advance for your time.
As of Spring Boot Admin version 2.7.5 this appears to be working.
The "Instance" button on the page now toggles to "Application" if clicked upon. This allows using clearing the cache across all instances.
At the time of my original question I was on 2.7.1. Not sure if there was a bug or if this feature wasn't implemented yet in this version.
Please don't mark this question as a duplicate. I read the previous questions, but I am still unable to understand it.
I am currently into a project designed in Java which uses MongoDB for persistence. But due to some performance issues with it, I am asked to use Memcached. But I am unable to figure out how can Memcached help me in doing this.
While surfing, I got more confused because of caching services like Memcache and Memcached. Can someone please explain me how are these different and why does PHP comes into the answer in some questions when Memcached is asked.
I request all to answer clearly and let me know with an example how could I use Memcached into my project. What is Memcache, Memcached, Jcache and SpyMemcached?
If possible, please provide a link to complete Memcached example somewhere.
Memcache and Memcached are the same thing, the "correct name" being Memcached ( http://memcached.org/ ).
JCache is the name of a standard Java API (JSR 107 - https://jcp.org/en/jsr/detail?id=107 ) that provides a generic API to interact with caching layer/solutions. (get/set/remove data from a Key/Value cache to simplify)
So you really want to use a caching layer at the top of MongoDB in your Java application you have to:
Install Memcached somewhere on your infrastructure (if not install already, you can test it quickly with telnet. The default port is 11211, so you can run telnet localhost 11211 to see if it is working.
You have to use a JCache implementation for Memcached, for example this one: https://github.com/toelen/spymemcached-jcache This will allow you to store and get data into a Memcached process running somwhere in your infrastructure.
Since you are talking about JCache, you are Using Java, it is also possible to use Java based cache that will work in your JVM Directly without having a 3rd party cache/process (memcached). You can find many of them, it could be for example eHCache, JBoss Cache, and most of them expose their API using the standard JCache API.
Now you need to code your Data Access layer to get the data out of MongoDB and set them into the Cache using JCache API. IN this code you will have to check if a data is in the cache, if not query the data from MongoDB, and set it in the cache and use it. Be careful about the eviction strategy.
This document about using JCache in Google App Engine documentation is interesting to see the "pseudo code" https://developers.google.com/appengine/docs/java/memcache/usingjcache (your code will be different but it should help you to see what you have to do in your code.)
The reason why you often see Memcached and PHP together is just because Memcached is the most common caching layer for PHP application, with many many API/FWK that are using this. In Java we have many options, from a pure Java layer to Memcached or other...
However, this is the "overall" approach, but before doing this I would check "why" you are saying that MongoDB is slow, and solve the issue.
It is generally recommended not to store credentials in a repository. The question is, where should they be stored then, so all developers have access to the same configuration?
The question is subjective - different practices may be applied. For me, the approach that worked best is utilisation of some form of "Single Sign-On" where possible and provision of personal logins to every system to developers. This also has an advantage of being able to find out who was responsible for a destructive action (which sometimes happens).
You can also take the approach as described here: store the credentials in the SCM, but in encrypted form. This will allow to maintain versioning, yet not allow access "for everyone". I'd say, best option is to combine these two approaches (and store only developer-environment "service" credentials - encrypted - in the SCM)
I stored the config files in a private S3 bucket and manage access via IAM. The configuration updates and revisions are handled by a small script using the AWS gem. That way anybody with sufficient privileges can access them, and we also can issue access credentials for each developer separately.
Folks,
We are evaluating distributed caching solutions for our application. We started with looking at Memcache, then expanded to look at Couchbase. One of our key requirements is the ability to back up the (in-memory) cache reliably to RDBMS and to restore from it in case of nod/cluster failure.
Our preferred option would be to have a configuration switch in couchbase that would cause it to back up new entries to RDBMS.
What we would like to avoid is writing application code that sends cache entries/refreshes explicitly to RDBMS.
Can anyone tell me if couchbase (cluster) can be configured to do so?
Thanks.
-Raj
Couchbase cannot be configured to write through to an RDBMS for backup. What you should take a look at is the Couchbase bucket, not the memcached bucket. The Couchbase bucket uses the memcached layer as a cache and provides replication and persistence out of the box. With this setup you do not need a separate RDBMS because Couchbase will take care of all of the persistence for you and it will replicate your data so that if you have server failures you can just failover any failed nodes and promote other replica nodes to active ones. Take a look at this page http://www.couchbase.com/couchbase-server/features and if you have any other architecture questions here then I would recommend posting them on the Couchbase forums http://www.couchbase.com/forums where some of the developers can give you some more in depth answers.
Document databases that support REST-style JSON over HTTP access seem ideal for supporting AJAX-rich applications where the browser is making direct calls to the database, bypassing the traditional web server / application logic components. An example of this might be retrieving user preferences once a user has been authenticated. (BBC Homepage might be a good example of this, prior to crashing under the load!)
The problem with this scenario is the security issue - if a user is authenticated using a web server (e.g. basic forms authentication), how is this identity carried over to the document DB. Is the only answer to proxy all requests to the DB through the web server anyway - i.e. secure the document DB so that there is no direct external access?
This seems to make most sense, and is the easiest to implement, but I was wondering whether anyone out there had an experience and / or advice on using document dbs in a heterogeneous environment?
This probably differs in every database you mention. Here's how it works in CouchDB.
CouchDB allows you to manage users and roles.
You can use the validate_doc_update function in your design documents to restrict document creation/update. For example, you can write a validation that denies document update to anyone but its author.
To restrict who can read documents from a database, you can edit the /db_name/_security document and list the users or roles.
However, I don't think you can make the read access more granular (i.e. allow a user to read only the documents they created).
To achieve that, you have to put the CouchDB behind a proxy and use views to serve the documents to authenticated users. You can still use CouchDB user management this way. The proxy just hides the direct access to the database.
For more detailed info, check the security overview on CouchDB wiki, the security chapter of the Relax book and this short screencast.
Well, I only have experience with CouchDB, but hope I can help you nonetheless.
CouchDB has a validation process built-in, you write your validation rules in javascript, and have access to the group in which the current user is. It's all handled by CouchDB itself basically, you don't have to care how you get to login information.