ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Valentin Kulichenko <valentin.kuliche...@gmail.com>
Subject Re: IGNITE-2741 - spring session design
Date Thu, 23 Feb 2017 03:32:17 GMT
Hi Rishi,

Got it, I think I'm reproducing the issue. I'll take a look and let you
know my findings soon.

-Val

On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:

> Hi Val,
>
> The issue will occur in cluster environment, please setup the spring boot
> on 2 different host with LB (F5 OR Reverse proxy) in front and try to
> login.
>
> In cluster environment, Spring security does not recognize the session on
> the host you are not logged in, as a result, spring security will redirect
> to login url however the correct behavior should be that user would stay
> logged in with session replication.
>
> Do let me know if you need more information.
>
> Thanks,
> Rishi
>
>
>
> On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
> valentin.kulichenko@gmail.com> wrote:
>
> > Hi Rishi,
> >
> > I was able to build and run the application. Can you give some
> description
> > on what should I test to understand the issue? What exactly didn't work
> for
> > you?
> >
> > -Val
> >
> > On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <
> > valentin.kulichenko@gmail.com> wrote:
> >
> > > Hi Rishi,
> > >
> > > Thanks, I'll take a look.
> > >
> > > -Val
> > >
> > > On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > wrote:
> > >
> > >> Hi Val,
> > >>
> > >> As promised, please find attached code for spring boot integration
> with
> > >> spring security along with Ignite.
> > >>
> > >> Some more information on project -
> > >>
> > >>    - It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> > >>    - spring security integrated with boot project along with ignite
> > >>    - HttpSessionCookieCsrfTokenRepository does not work, gives
> > >>    intermediate errors on single instance so used
> > CookieCsrfTokenRepository
> > >>    for CSRF token, again I think we need a fix here from Ignite.
> > >>
> > >> I cant reproduce this errors while I am running on single instance,
> you
> > >> need to run this app on 2 spring boot instance having proxy in front (
> > F5,
> > >> OR any proxy ) with round robin fashion ( no sticky session on F5 OR
> > >> proxies ).
> > >>
> > >> We were thinking with round robin the user session will active since
> we
> > >> used session replication on backend.
> > >>
> > >> Do let me know if you need more information here.
> > >>
> > >> Thanks,
> > >>
> > >> Rishi
> > >>
> > >>
> > >>
> > >>
> > >> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > >> wrote:
> > >>
> > >>> Val,
> > >>>
> > >>> My SB sample project is ready however I have asked for an approval
to
> > >>> submit sample project to you, it would take day or two.
> > >>>
> > >>> I will keep you posted.
> > >>>
> > >>> Thanks for all your help,
> > >>>
> > >>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <rishiyagnik@gmail.com
> >
> > >>> wrote:
> > >>>
> > >>>> Let me build an example app for you and send it across to you.
> > >>>>
> > >>>> Thanks,
> > >>>>
> > >>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
> > >>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>
> > >>>>> Rishi,
> > >>>>>
> > >>>>> No I don't, and I think that's what we should start with. I
want to
> > >>>>> understand a use case that is currently not supported (if any)
and
> > then
> > >>>>> find the best solution. And I would like to reuse existing
code as
> > >>>>> much as
> > >>>>> possible.
> > >>>>>
> > >>>>> Do you have any code that reproduces the problem you had and
how
> you
> > >>>>> tried
> > >>>>> to utilize current web session clustering? Can you share it
with
> us?
> > >>>>>
> > >>>>> -Val
> > >>>>>
> > >>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <
> > rishiyagnik@gmail.com>
> > >>>>> wrote:
> > >>>>>
> > >>>>> > Hi Val,
> > >>>>> >
> > >>>>> > I am working on SB platform with spring security and we
found out
> > >>>>> that the
> > >>>>> > web session filter ignite provides does not work for session
> > >>>>> management on
> > >>>>> > 2 node spring boot cluster.
> > >>>>> >
> > >>>>> > Somehow, spring security filter kicks in result in some
weird
> > errors
> > >>>>> with
> > >>>>> > web session filter.
> > >>>>> >
> > >>>>> > So making compatible with spring security somehow, we
need to
> write
> > >>>>> > implementation on spring session.
> > >>>>> >
> > >>>>> > Do you have any test cases that says web session filter
would
> work
> > >>>>> with
> > >>>>> > spring security on boot platform ?
> > >>>>> >
> > >>>>> > Thanks,
> > >>>>> >
> > >>>>> >
> > >>>>> > On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <
> > >>>>> > valentin.kulichenko@gmail.com> wrote:
> > >>>>> >
> > >>>>> > > Hi Rishi,
> > >>>>> > >
> > >>>>> > > Can you please take a look at web session clustering
feature
> [1]
> > >>>>> provided
> > >>>>> > > by Ignite? I'm looking at Spring Session docs and
it seems to
> me
> > >>>>> it does
> > >>>>> > > exactly the same - replaces HttpSession with custom
> > implementation
> > >>>>> that
> > >>>>> > has
> > >>>>> > > a backend storage. If it doesn't provide any additional
API or
> > >>>>> > > functionality, I'm not sure I understand the benefit
of this
> > >>>>> feature.
> > >>>>> > >
> > >>>>> > > Let me know if I'm missing something.
> > >>>>> > >
> > >>>>> > > [1] https://apacheignite-mix.readme.io/docs/web-session-
> > clustering
> > >>>>> > >
> > >>>>> > > -Val
> > >>>>> > >
> > >>>>> > > On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik <
> > >>>>> rishiyagnik@gmail.com>
> > >>>>> > > wrote:
> > >>>>> > >
> > >>>>> > > > I would like to discuss session replication
/ fail over
> design
> > on
> > >>>>> > spring
> > >>>>> > > > boot platform and wanted to find what is the
best out to get
> > >>>>> started
> > >>>>> > > here ?
> > >>>>> > > >
> > >>>>> > > > Possible approaches are as follows -
> > >>>>> > > >
> > >>>>> > > >    - Make use of Spring Session for session
replication and
> > fail
> > >>>>> over
> > >>>>> > > >    - Extend the web session filter and make
it work on spring
> > >>>>> boot
> > >>>>> > > >    application
> > >>>>> > > >
> > >>>>> > > >
> > >>>>> > > > I am thinking that best approach would be to
get started here
> > >>>>> with
> > >>>>> > spring
> > >>>>> > > > session design however I am open for feedback
here.
> > >>>>> > > >
> > >>>>> > > > --
> > >>>>> > > > Rishi Yagnik
> > >>>>> > > >
> > >>>>> > >
> > >>>>> >
> > >>>>> >
> > >>>>> >
> > >>>>> > --
> > >>>>> > Rishi Yagnik
> > >>>>> >
> > >>>>>
> > >>>>
> > >>>>
> > >>>>
> > >>>> --
> > >>>> Rishi Yagnik
> > >>>>
> > >>>
> > >>>
> > >>>
> > >>> --
> > >>> Rishi Yagnik
> > >>>
> > >>
> > >>
> > >>
> > >> --
> > >> Rishi Yagnik
> > >>
> > >
> > >
> >
>
>
>
> --
> Rishi Yagnik
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message