Blogs Infinispan Node.js client supports authentication

Infinispan Node.js client supports authentication

Node.js Client 0.9.0

Infinispan Node.js client version 0.9.0 was released last week with added support for different SASL authentication mechanisms. Up to now, our Node.js client could connect to Infinispan Server security realms with disabled authentication.

DIGEST-MD5

Uses the MD5 hashing algorithm in addition to nonces to encrypt credentials.

SCRAM

Uses salt values in addition to hashing algorithms and nonce values to encrypt credentials. Hot Rod endpoints support SCRAM-SHA-1, SCRAM-SHA-256, SCRAM-SHA-384, SCRAM-SHA-512 hashing algorithms, in order of strength.

EXTERNAL

Uses client certificates to provide valid identities to Infinispan Server and enable encryption.

OAUTHBEARER

Uses tokens obtained via an OAuth 2.0 provider to securely connect to Infinispan Server.

PLAIN:

Sends credentials in plain text (unencrypted) over the wire in a way that is similar to HTTP BASIC authentication.

Warning
To secure Infinispan credentials, you should use PLAIN authentication only in combination with TLS encryption.

Run the Infinispan Server

Run the Infinispan Server with Docker or Podman
docker run -it -p 11222:11222 -e USER="admin" -e PASS="password" quay.io/infinispan/server:12.1

podman run -it -p 11222:11222 -e USER="admin" -e PASS="password" --net=host quay.io/infinispan/server:12.1
Important
If you are using Docker for Mac, there is a known limitation. You will need to download the server distribution and run the server manually.
Run the Infinispan Server from the file system
./bin/cli.sh user create admin -p password
./bin/server.sh

Create a cache from Infinispan Console

Access the Infinispan Console in http://localhost:11222/ and create a text based cache, named it 'my-cache' with the provided configuration.

Connect to Infinispan
{
  "distributed-cache": {
    "mode": "SYNC",
    "encoding": {
      "media-type": "text/plain"
    },
    "statistics": true
  }
}

Use the Node.js client in your application

Add the dependency to your project.

package.json
"dependencies": {
"infinispan": "^0.9.0"
}

Configure the Infinispan Node.js client to connect with authentication and then check the created cache entry from the console.

application.js
var connected = infinispan.client({port: 11222, host: '127.0.0.1'},
{
    cacheName: 'my-cache',
    authentication: {
        enabled: true,
        saslMechanism: 'DIGEST-MD5',
        userName: 'admin',
        password: 'password'
    }
});

connected.then(function (client) {
    return client.put('key', 'value')
    .finally(function() {
    return client.disconnect();
  });
});

To go further

Full client documentation is now available in the Hot Rod JS Client Guide.

Jira tracker for this client is available here.

Get it, Use it, Ask us!

We’re hard at work on new features, improvements and fixes, so watch this space for more announcements!

Please, download and test the latest release.

The source code is hosted on GitHub. If you need to report a bug or request a new feature, look for a similar one on our JIRA issues tracker. If you don’t find any, create a new issue.

If you have questions, are experiencing a bug or want advice on using Infinispan, you can use StackOverflow. We will do our best to answer you as soon as we can.

The Infinispan community uses Zulip for real-time communications. Join us using either a web-browser or a dedicated application on the Infinispan chat.

Katia Aresti

Katia Aresti is a Senior Software Engineer working for Red Hat since 2017. She is part of the core Infinispan team, reponsible of the integration with other frameworks such as Spring-Boot, Vert.x or Quarkus, developing new features such as Clustered Counters, REST API endpoints and the new Server Web Console.