Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to use memcache for session storage #110

Open
anishnagaraj opened this issue Oct 22, 2020 · 0 comments
Open

Unable to use memcache for session storage #110

anishnagaraj opened this issue Oct 22, 2020 · 0 comments

Comments

@anishnagaraj
Copy link

anishnagaraj commented Oct 22, 2020

I am moving away from using cookies to a server-side for my application's session storage because of the size of the session object. Our application uses lua-resty-openidc integrated with Azure AD and I believe the security code generated by Azure is too large and thus the size of the session is also huge.

Environment

lua-resty-openidc version -1.7.3
OpenID Connect provider -Azure AD

Expected behaviour

We have to choose Memcache for the session storage. I put in all the configurations as mentioned by lua-resty-session but the creation of session fails.

Actual behaviour

The session is not created successfully. The error I see in the logs are as follows,

	/usr/local/share/lua/5.1/resty/session.lua: in function 'new'
	/usr/local/share/lua/5.1/resty/session.lua:571: in function 'open'
	/usr/local/share/lua/5.1/resty/session.lua:611: in function 'start'
	access_by_lua(lb.conf:225):2: in function <access_by_lua(lb.conf:225):1>, client: 10.244.1.5, server: xyz-dev.eo.tools, request: "GET /browse/homepage HTTP/1.1", host: "xyz-dev.eo.tools" 

I would expect that the exceptions provide more specific details.

My nginx.conf file

user www-data;
worker_processes auto;
error_log stderr warn;
pid /run/nginx/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /etc/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main_timed  '$remote_addr - $remote_user [$time_local] "$request" '
                            '$status $body_bytes_sent "$http_referer" '
                            '"$http_user_agent" "$http_x_forwarded_for" '
                            '$request_time $upstream_response_time $pipe $upstream_cache_status';

    access_log /dev/stdout main_timed;
    error_log /dev/stderr notice;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites/*.conf;

    lua_shared_dict sessions       1m;
    lua_shared_dict sessions_locks 1m;

    server {
        set $session_storage memcache;

        set $session_memcache_prefix           sessions;
        set $session_memcache_connect_timeout  1000; # (in milliseconds)
        set $session_memcache_send_timeout     1000; # (in milliseconds)
        set $session_memcache_read_timeout     1000; # (in milliseconds)
        set $session_memcache_socket           unix:///var/run/memcached/memcached.sock;
        set $session_memcache_host             aks-nodepool1-42857599-vmss000000;
        set $session_memcache_port             5000;
        set $session_memcache_uselocking       on;
        set $session_memcache_spinlockwait     150;  # (in milliseconds)
        set $session_memcache_maxlockwait      30;   # (in seconds)
        set $session_memcache_pool_name        sessions;
        set $session_memcache_pool_timeout     1000; # (in milliseconds)
        set $session_memcache_pool_size        10;
        set $session_memcache_pool_backlog     10;
        
    }

}

Could somebody help me find out what I am missing!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant