Connecting to "Secure" Redis

[whigley]

What is the URL to use the session manager to connect to secure AWS ElastiCache Redis

className="de.javakaffee.web.msm.MemcachedBackupSessionManager"
memcachedNodes="redis://master.secure-xxxxxxxxxxxx:6379"
sticky="true"
enabled="true"
sessionBackupAsync="false"
requestUriIgnorePattern=".*.(ico|png|gif|jpg|css|js)$"
storageKeyPrefix="context.hash,webappVersion"
transcoderFactoryClass="de.javakaffee.web.msm.serializer.kryo.KryoTranscoderFactory"

I tried using "rediss://" instead of "redis://" ... but no luck.

It works fine with non-secure redis node

[LLY-SC]

            已收到你的邮件，我会尽快与你联系回复！谢谢！！

[pawelpytelpoznan]

Hi,
for me it's working with pattern as below:
redis://:{password}@{ip_address}:{port}
https://github.com/redis/lettuce/wiki/Redis-URI-and-connection-details

Security concern:

@magro but there is one huge security concern then - the MemcachedSessionService logs this secure data in INFO log, from startInternal method
_log.info( getClass().getSimpleName() + " starts initialization... (configured" + " nodes definition " + _memcachedNodes + ", failover nodes " + _failoverNodes + ")" )

This memcachedNodes variable contains senstiive data. Could we somehow overcome this issue?

[LLY-SC]

            已收到你的邮件，我会尽快与你联系回复！谢谢！！