In this session Les Hazlewood, the Apache Shiro PMC Chair, will cover Shiro's enterprise session management capabilities, how it can be used across any application (not just web or JEE applications) and how to use Cassandra as Shiro's session store, enabling a distributed session cluster supporting hundreds of thousands or even millions of concurrent sessions. As a working example, Les will show how to set up a session cluster in under 10 minutes using Cassandra. If you need to scale user session load, you won't want to miss this!
Handwritten Text Recognition for manuscripts and early printed texts
Cassandra Day SV 2014: Infinite Session Clustering with Apache Cassandra
1. @lhazlewood
|
@goStormpath
Infinite
Session
Clustering
with
Apache
Shiro
&
Cassandra
Les
Hazlewood
@lhazlewood
Apache
Shiro
Project
Chair
CTO,
Stormpath
stormpath.com
Silicon
Valley
C*
Day
2014
2. @lhazlewood
|
@goStormpath
.com
• User
Management
and
AuthenAcaAon
API
• Security
for
your
applicaAons
• User
security
workflows
• Security
best
pracAces
• Developer
tools,
SDKs,
libraries
3. @lhazlewood
|
@goStormpath
• ApplicaAon
security
framework
• ASF
TLP
hMp://shiro.apache.org
• Quick
and
Easy
• Simplifies
Security
What
is
Apache
Shiro?
4. @lhazlewood
|
@goStormpath
Web
Session
Management
Auxiliary
Features
AuthorizaAon
AuthenAcaAon
Cryptography
Session
Management
Web
Support
16. @lhazlewood
|
@goStormpath
Session
Management
Architecture
Subject
SessionManager
SessionDAO
.getSession()
à
Session
ID
Generator
Session
Cache
Session
Factory
Session
Data
store
17. @lhazlewood
|
@goStormpath
Session
Management
Architecture
Subject
SessionManager
SessionDAO
.getSession()
à
Session
ID
Generator
Session
Cache
Session
Factory
ValidaAon
Scheduler
Session
Data
store
18. @lhazlewood
|
@goStormpath
Session
Management
Architecture
Subject
SessionManager
SessionDAO
.getSession()
à
Session
ID
Generator
Session
Cache
Session
Factory
ValidaAon
Scheduler
Session
Listeners
Session
Data
store
19. @lhazlewood
|
@goStormpath
Session
Clustering:
Clustered
Data
Store
of
Choice
SessionDAO
Session
ID
Generator
Session
Cache
ValidaAon
Scheduler
Data
store
20. @lhazlewood
|
@goStormpath
Web
ConfiguraNon
• web.xml
elements
• Protects
all
URLs
• InnovaAve
Filtering
(URL-‐specific
chains)
• JSP
Tag
support
• Transparent
HMpSession
support
23. @lhazlewood
|
@goStormpath
shiro.ini
overview
[main]
# bean config here
[users]
# optional static user accounts (and their roles) here
[roles]
# optional static roles (and their permissions) here
[urls]
# filter chains here
35. @lhazlewood
|
@goStormpath
TTL
for
session
Nmeout
[main]
# Cassandra can enforce a TTL.
# No need for Shiro to invalidate!
sessionManager.sessionValidationSchedulerEnabled = false
36. @lhazlewood
|
@goStormpath
Session
Upsert
(CQL
3)
UPDATE sessions USING TTL $timeout SET
start_ts = ?,
stop_ts = ?,
last_access_ts = ?,
timeout = ?,
expired = ?,
host = ?,
serialized_value = ?
WHERE
id = ?
40. @lhazlewood
|
@goStormpath
Row
Cache?
Don’t
need
it!
• SSTable
likely
in
OperaAng
System
page
cache
(off
heap)
• DO
use
Key
Cache
(very
important,
enabled
by
default
in
1.2+)