springsecuritycachingehcachejcs

Avoid manipulation of distributed cache


I plan to use JCS or ehcache in Spring Cache and put this into a REST based webservice. The webservice will be distributed across at least two application servers. Because of this I plan to use a distributed cache. From my understanding this means the cache service needs to be accessible via the network. During the research I did I found nothing about securing the connection. So I fear that someone knowing that the cache service is running will be able to manipulate the data.

Can I and if yes how can I secure JCS or ehcache in a distributed cache configuration ?


Solution

  • In the case of ehcache, if you want to go to a distributed cache with inter-node security then their commercial product BigMemory Max gives that functionality.

    According to their documentation:

    You can choose one of the following to secure servers:

    SSL-based security – Provides certificate-based authentication for all nodes (including clients) and secures the entire cluster with encrypted connections. Can be used with role-based authorization. LDAP-based authentication – Uses your organization's authentication database to secure access to Terracotta servers.