I experimented a bit with creating an OpenID provider entity using Zend_OpenId_Provider. It was not a hard task to implement, but seeing that the default storage class is file based made me shiver. There are two reasons why I hate anything to do with local disk access:
- It’s s-l-o-w-w-w. Disk I/O is the pitfall of performance for web applications. Avoid when possible.
- It’s usually not fitting for clustered environments. If you have a cluster of application servers (running php for example), and you are using disk access, it will only update the disk on the application node you were directed to in the current request. On the next request to the application, you might not be directed to the same application server (if the load balancing is not ip-hashed or session based). Of course this is not always the case – sometimes there’s a network storage, sometimes several directories can be rsynced across the cluster — but as a rule of thumb, local disk access is not good for clustered environments.
So the obvious thing when implementing an OpenID provider using Zend Framework is to change the default Storage class, and use a storage that’s not a traditional filesystem. Before jumping into using a MySQL backend for this, and coming up with a full blown OpenID provider, I needed something quick that will replace disk storage, but will also work on a clustered environment. So it was really natural to turn to memcached.
I am not sure that using memcached as a final storage engine for an OpenID provider is really a good call. Caches expire, keys are being purged, and whole memcached nodes can evaporate. However, it might fit a provider that is not a full blown OpenID service. If you can find a way to addUser() to the storage every time before a user starts an authentication attempt (and it’s not that difficult, considering the 10-stage authentication process), and if you can handle associations and other info being deleted from time to time (and if your users can handle it…) — memcached storage can be what you need.
In any case, even if just for testing purposes, here’s a memcached storage class for Zend Framework’s OpenID Provider I wrote (it’s a plain text file, apologies for the doc/msword file type).