Infinispan Node.js client supports authentication
Node.js Client 0.9.0
Infinispan Node.js client version 0.9.0 was released last week with added support for different SASL authentication mechanisms. Up to now, our Node.js client could connect to Infinispan Server security realms with disabled authentication.
Mechanisms
DIGEST-MD5
Uses the MD5 hashing algorithm in addition to nonces to encrypt credentials.
SCRAM
Uses salt values in addition to hashing algorithms and nonce values to encrypt credentials. Hot Rod endpoints support SCRAM-SHA-1, SCRAM-SHA-256, SCRAM-SHA-384, SCRAM-SHA-512 hashing algorithms, in order of strength.
EXTERNAL
Uses client certificates to provide valid identities to Infinispan Server and enable encryption.
OAUTHBEARER
Uses tokens obtained via an OAuth 2.0 provider to securely connect to Infinispan Server.
PLAIN:
Sends credentials in plain text (unencrypted) over the wire in a way that is similar to HTTP BASIC authentication.
|
Warning
|
To secure Infinispan credentials, you should use PLAIN authentication only in combination with TLS encryption. |
Run the Infinispan Server
docker run -it -p 11222:11222 -e USER="admin" -e PASS="password" quay.io/infinispan/server:12.1
podman run -it -p 11222:11222 -e USER="admin" -e PASS="password" --net=host quay.io/infinispan/server:12.1|
Important
|
If you are using Docker for Mac, there is a known limitation. You will need to download the server distribution and run the server manually. |
./bin/cli.sh user create admin -p password
./bin/server.shCreate a cache from Infinispan Console
Access the Infinispan Console in http://localhost:11222/ and create a text based cache, named it 'my-cache' with the provided configuration.
{
"distributed-cache": {
"mode": "SYNC",
"encoding": {
"media-type": "text/plain"
},
"statistics": true
}
}Use the Node.js client in your application
Add the dependency to your project.
"dependencies": {
"infinispan": "^0.9.0"
}Configure the Infinispan Node.js client to connect with authentication and then check the created cache entry from the console.
var connected = infinispan.client({port: 11222, host: '127.0.0.1'},
{
cacheName: 'my-cache',
authentication: {
enabled: true,
saslMechanism: 'DIGEST-MD5',
userName: 'admin',
password: 'password'
}
});
connected.then(function (client) {
return client.put('key', 'value')
.finally(function() {
return client.disconnect();
});
});To go further
Full client documentation is now available in the Hot Rod JS Client Guide.
Jira tracker for this client is available here.
Get it, Use it, Ask us!
We’re hard at work on new features, improvements and fixes, so watch this space for more announcements!Please, download and test the latest release.
The source code is hosted on GitHub. If you need to report a bug or request a new feature, look for a similar one on our GitHub issues tracker. If you don’t find any, create a new issue.
If you have questions, are experiencing a bug or want advice on using Infinispan, you can use GitHub discussions. We will do our best to answer you as soon as we can.
The Infinispan community uses Zulip for real-time communications. Join us using either a web-browser or a dedicated application on the Infinispan chat.
Katia Aresti
Katia Aresti is a Senior Software Engineer working for Red Hat since 2017. She is part of the core Infinispan team, reponsible of the integration with other frameworks such as Spring-Boot, Vert.x or Quarkus, developing new features such as Clustered Counters, REST API endpoints and the new Server Web Console.
