I plan to use JCS or ehcache in Spring Cache and put this into a REST based webservice. The webservice will be distributed across at least two application servers. Because of this I plan to use a distributed cache. From my understanding this means the cache service needs to be accessible via the network. During the research I did I found nothing about securing the connection. So I fear that someone knowing that the cache service is running will be able to manipulate the data.
Can I and if yes how can I secure JCS or ehcache in a distributed cache configuration ?
In the case of ehcache, if you want to go to a distributed cache with inter-node security then their commercial product BigMemory Max gives that functionality.
According to their documentation:
You can choose one of the following to secure servers:
SSL-based security – Provides certificate-based authentication for all nodes (including clients) and secures the entire cluster with encrypted connections. Can be used with role-based authorization. LDAP-based authentication – Uses your organization's authentication database to secure access to Terracotta servers.