Support durable authentication sessions

Bug #1753565 reported by Jeff Godin on 2018-03-05
This bug affects 2 people
Affects Status Importance Assigned to Milestone

Bug Description

Currently, Evergreen authentication sessions are stored only in memcached, and are subject to being lost on memcached restart, failure, eviction or change in server list[1].

There would be advantages in supporting (even optionally) a durable session store where authentication sessions could live, while continuing to use memcached as a cache for those sessions.

A cache miss on a memcached GET for oils_auth_[token] would then result in a session being retrieved and cached. A negative retrieval result could also be cached, to avoid multiple "costly" retrieval attempts for an invalid session.

[1]: In theory. We may not have any sites using memcached server lists with >1 members.

Bill Erickson (berick) wrote :

I can confirm sites exist with multiple memcache servers. Even for sites that only have 1 server, being able to perform maintenance on a cache server without having to bring the ILS down would be nice to have.

Changed in evergreen:
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers