IdP with memcached

Ramon Pfeiffer ramon.pfeiffer at uni-tuebingen.de
Wed Oct 18 03:42:48 EDT 2017 

Hi all,

currently, I'm trying to use memcached as a session storage.

I have set up memcached and have defined a bean as shown in [1]. In
idp.properties, I have set idp.session.StorageService and
idp.cas.StorageService to shibboleth.MemcachedStorageService (but not
idp.consent.StorageService).

On IdP startup, I don't get any errors logged. However, on a login
attempt, the following is logged:

2017-10-18 09:22:14,049 - DEBUG
[net.shibboleth.idp.session.impl.StorageBackedIdPSessionSerializer:138]
- Unable to serialize SP session due to to storage service limitations
2017-10-18 09:22:14,055 - ERROR
[net.shibboleth.idp.session.impl.StorageBackedSessionManager:528] -
Exception while storing new session for principal <principal>
java.io.IOException:
net.shibboleth.utilities.java.support.logic.ConstraintViolationException:
Storage object was not present in session
        at
org.opensaml.storage.AbstractMapBackedStorageService.create(AbstractMapBackedStorageService.java:75)
Caused by:
net.shibboleth.utilities.java.support.logic.ConstraintViolationException:
Storage object was not present in session
        at
net.shibboleth.utilities.java.support.logic.Constraint.isNotNull(Constraint.java:227)
2017-10-18 09:22:14,063 - ERROR
[net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:178]
- Profile Action UpdateSessionWithAuthenticationResult: Error creating
session for principal <principal>
net.shibboleth.idp.session.SessionException: Exception while storing new
session
        at
net.shibboleth.idp.session.impl.StorageBackedSessionManager.createSession(StorageBackedSessionManager.java:530)
Caused by: java.io.IOException:
net.shibboleth.utilities.java.support.logic.ConstraintViolationException:
Storage object was not present in session
        at
org.opensaml.storage.AbstractMapBackedStorageService.create(AbstractMapBackedStorageService.java:75)
Caused by:
net.shibboleth.utilities.java.support.logic.ConstraintViolationException:
Storage object was not present in session
        at
net.shibboleth.utilities.java.support.logic.Constraint.isNotNull(Constraint.java:227)

Apparently, some limitations I have unknowingly set up prevent the
storage of the sessions in memcached. For testing purposes, I had the
idp.consent.StorageService set up to use memcached as well, a look into
the storage shows me quite some attribute and TOU consents.

Any ideas where I could look to make memcached store sessions as well?

Thanks
Ramon Pfeiffer


[1]:
https://wiki.shibboleth.net/confluence/display/IDP30/StorageConfiguration#StorageConfiguration-MemcachedStorageService

-- 
--
Universität Tübingen
Zentrum für Datenverarbeitung
Wächterstraße 76
72074 Tübingen

E-Mail: ramon.pfeiffer at uni-tuebingen.de
Telefon: +49-7071-29-70213


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5217 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://shibboleth.net/pipermail/users/attachments/20171018/9cbc7896/attachment.p7s>

More information about the users mailing list