ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Valentin Kulichenko <valentin.kuliche...@gmail.com>
Subject Re: IGNITE-2741 - spring session design
Date Sat, 18 Mar 2017 11:02:20 GMT
Denis,

Yes, this should be possible. I will try to finalize the fix asap.

-Val

On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org> wrote:

> Val,
>
> Will it be possible to incorporate the fix into the nearest 2.0 release?
>
> —
> Denis
>
> > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> wrote:
> >
> > Hi Val,
> >
> > Hope you are well, any update on web session clustering.
> >
> > Thanks,
> > Rishi
> >
> > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > wrote:
> >
> >> Hi Val,
> >>
> >> Thanks looking forward for the fix..
> >>
> >> Take Care,
> >> Rishi
> >>
> >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> >> valentin.kulichenko@gmail.com> wrote:
> >>>
> >>> Hi Rishi,
> >>>
> >>> I want to fix the bug first. It takes a bit longer than I thought, but
> I
> >>> should finish it over the weekend.
> >>>
> >>> -Val
> >>>
> >>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> >> wrote:
> >>>>
> >>>> Hi Val,
> >>>>
> >>>> Did you chance to look into session handling issue ?
> >>>>
> >>>> Thanks,
> >>>>
> >>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> >>>> wrote:
> >>>>
> >>>>> Hi Val,
> >>>>>
> >>>>> Do you think I can test a fix in 1.9 RC releases ? How are you
> planning
> >>>> to
> >>>>> release a fix ?
> >>>>>
> >>>>> Did you also look into problem where storing xsrf token in Ignite
> >> returns
> >>>>> an exception and does not behave as expected ?
> >>>>>
> >>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with
> >> following
> >>>>> code -
> >>>>>
> >>>>> .csrfTokenRepository(csrfTokenRepository())
> >>>>>
> >>>>> private CsrfTokenRepository csrfTokenRepository() {
> >>>>>   HttpSessionCsrfTokenRepository repository = new
> >>>> HttpSessionCsrfTokenRepository();
> >>>>>   repository.setHeaderName("X-XSRF-TOKEN");
> >>>>>   return repository;
> >>>>> }
> >>>>>
> >>>>> Thank you for all your help,
> >>>>>
> >>>>>
> >>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> >>>>> valentin.kulichenko@gmail.com> wrote:
> >>>>>
> >>>>>> Hi Rishi,
> >>>>>>
> >>>>>> I got to the bottom of it. Basically, the session is replaced
in
> >> Spring
> >>>>>> filter, but caching happens based on the old version which doesn't
> >> have
> >>>>>> security attributes. The fix is going to be very easy, I will
do it
> >>>>>> tomorrow.
> >>>>>>
> >>>>>> -Val
> >>>>>>
> >>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <rishiyagnik@gmail.com
> >
> >>>>>> wrote:
> >>>>>>
> >>>>>>> Val,
> >>>>>>>
> >>>>>>> Did you get chance to play around with the code ?
> >>>>>>>
> >>>>>>> Thanks,
> >>>>>>>
> >>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
> rishiyagnik@gmail.com>
> >>>>>>> wrote:
> >>>>>>>
> >>>>>>>> Val,
> >>>>>>>>
> >>>>>>>> Adding a filter before csrf filter will invoke the custom
ignite
> >>>>>> filter.
> >>>>>>>>
> >>>>>>>> Declare a custom filter class extends it with websession
filter
> >>>>>>>>
> >>>>>>>> public class CustomWebSessionFilter extends WebSessionFilter
{
> >>>>>>>>
> >>>>>>>>        private static boolean igniteInitialize = false
> >>>>>>>>
> >>>>>>>> @Override public void doFilter(ServletRequest req, ServletResponse
> >>>>>> res,
> >>>>>>>> FilterChain chain)
> >>>>>>>>           throws IOException, ServletException {
> >>>>>>>>       if(!igniteInitialize) {
> >>>>>>>>           super.init(new FilterConfig() {
> >>>>>>>>               @Override
> >>>>>>>>               public String getFilterName() {
> >>>>>>>>                   return "CustomWebSessionFilter";
> >>>>>>>>               }
> >>>>>>>>
> >>>>>>>>               @Override
> >>>>>>>>               public ServletContext getServletContext()
{
> >>>>>>>>                   return req.getServletContext();
> >>>>>>>>               }
> >>>>>>>>
> >>>>>>>>               @Override
> >>>>>>>>               public String getInitParameter(String
name) {
> >>>>>>>>                   return null;
> >>>>>>>>               }
> >>>>>>>>
> >>>>>>>>               @Override
> >>>>>>>>               public Enumeration<String> getInitParameterNames()
{
> >>>>>>>>                   return null;
> >>>>>>>>               }
> >>>>>>>>           });
> >>>>>>>>           igniteInitialize = true;
> >>>>>>>>       }
> >>>>>>>>       super.doFilter(req,res,chain);
> >>>>>>>>   }
> >>>>>>>> }
> >>>>>>>>
> >>>>>>>> And in SecurityConfig.java add following line to invoke
filter
> >>>> before
> >>>>>>>> Ignite Web Session filter -
> >>>>>>>>
> >>>>>>>> .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> >>>>>>>>
> >>>>>>>> Hope it helps..
> >>>>>>>>
> >>>>>>>> Thanks,
> >>>>>>>>
> >>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko
<
> >>>>>>>> valentin.kulichenko@gmail.com> wrote:
> >>>>>>>>
> >>>>>>>>> Rishi,
> >>>>>>>>>
> >>>>>>>>> Can you please share how you forced Ignite filter
to be invoked
> >>>>>> before
> >>>>>>>>> security filter?
> >>>>>>>>>
> >>>>>>>>> -Val
> >>>>>>>>>
> >>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <
> >>>> rishiyagnik@gmail.com
> >>>>>>>
> >>>>>>>>> wrote:
> >>>>>>>>>
> >>>>>>>>>> Hi Val,
> >>>>>>>>>>
> >>>>>>>>>> Thanks for the response, we have executed ignite
filter before
> >>>>>> spring
> >>>>>>>>>> security filter but somehow the ignite filter
does not do the
> job
> >>>>>> of
> >>>>>>>>>> setting spring principle context.
> >>>>>>>>>>
> >>>>>>>>>> As a result even though we have spring principle
in session,
> >>>> spring
> >>>>>>>>> filter
> >>>>>>>>>> does not recognize it and sends us back to log
in page.
> >>>>>>>>>>
> >>>>>>>>>> I think there s some more work needed here to
change the filter
> >>>> and
> >>>>>>> make
> >>>>>>>>>> it work with spring boot application.
> >>>>>>>>>>
> >>>>>>>>>> Take Care,
> >>>>>>>>>> Rishi
> >>>>>>>>>>
> >>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko
<
> >>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> >>>>>>>>>>>
> >>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>
> >>>>>>>>>>> I did some debugging. Apparently, the reason
for this behavior
> >>>> is
> >>>>>>> that
> >>>>>>>>>>> Spring Security filter resides before Ignite's
filter in the
> >>>>>> chain
> >>>>>>>>> list.
> >>>>>>>>>> I
> >>>>>>>>>>> think that eventually this should be fixed
in the product, but
> >>>> in
> >>>>>>> the
> >>>>>>>>>>> meantime there must be a way to work around
the problem by
> >>>>>>> controlling
> >>>>>>>>>> the
> >>>>>>>>>>> order. Do you know how this can be done
in Spring Boot?
> >>>>>>>>>>>
> >>>>>>>>>>> -Val
> >>>>>>>>>>>
> >>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi
Yagnik <
> >>>>>>> rishiyagnik@gmail.com
> >>>>>>>>>>
> >>>>>>>>>> wrote:
> >>>>>>>>>>>>
> >>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>
> >>>>>>>>>>>> Sorry for pestering, thanks for all
your help.
> >>>>>>>>>>>>
> >>>>>>>>>>>> Rishi
> >>>>>>>>>>>>
> >>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin
Kulichenko <
> >>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> >>>>>>>>>>>>
> >>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Sorry, not yet. But this on my short
list of TODOs, will try
> >>>> to
> >>>>>>>>> give an
> >>>>>>>>>>>>> update as soon as possible.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM,
Rishi Yagnik <
> >>>>>>>>> rishiyagnik@gmail.com>
> >>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> any update on session replication
issue ?
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>> Rishi
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07
AM, Rishi Yagnik <
> >>>>>>>>> rishiyagnik@gmail.com>
> >>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Thanks Val for looking into
it.
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at
9:32 PM, Valentin Kulichenko <
> >>>>>>>>>>>>>>> valentin.kulichenko@gmail.com>
wrote:
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Got it, I think I'm
reproducing the issue. I'll take a
> >>>> look
> >>>>>> and
> >>>>>>>>> let
> >>>>>>>>>>>>> you
> >>>>>>>>>>>>>>>> know my findings soon.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> On Tue, Feb 21, 2017
at 7:27 PM, Rishi Yagnik <
> >>>>>>>>>>>> rishiyagnik@gmail.com>
> >>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> The issue will occur
in cluster environment, please setup
> >>>>>> the
> >>>>>>>>>>>> spring
> >>>>>>>>>>>>>>>> boot
> >>>>>>>>>>>>>>>>> on 2 different host
with LB (F5 OR Reverse proxy) in
> >>>> front
> >>>>>> and
> >>>>>>>>> try
> >>>>>>>>>>>>> to
> >>>>>>>>>>>>>>>>> login.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> In cluster environment,
Spring security does not
> >>>> recognize
> >>>>>> the
> >>>>>>>>>>>>> session
> >>>>>>>>>>>>>>>> on
> >>>>>>>>>>>>>>>>> the host you are
not logged in, as a result, spring
> >>>>>> security
> >>>>>>>>> will
> >>>>>>>>>>>>>>>> redirect
> >>>>>>>>>>>>>>>>> to login url however
the correct behavior should be that
> >>>>>> user
> >>>>>>>>>>>> would
> >>>>>>>>>>>>>> stay
> >>>>>>>>>>>>>>>>> logged in with session
replication.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Do let me know if
you need more information.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>>>>> Rishi
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> On Tue, Feb 21,
2017 at 7:08 PM, Valentin Kulichenko <
> >>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com>
wrote:
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> I was able to
build and run the application. Can you
> >>>> give
> >>>>>>> some
> >>>>>>>>>>>>>>>>> description
> >>>>>>>>>>>>>>>>>> on what should
I test to understand the issue? What
> >>>>>> exactly
> >>>>>>>>>>>> didn't
> >>>>>>>>>>>>>>>> work
> >>>>>>>>>>>>>>>>> for
> >>>>>>>>>>>>>>>>>> you?
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> On Wed, Feb
15, 2017 at 10:52 AM, Valentin Kulichenko <
> >>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com>
wrote:
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>> Thanks,
I'll take a look.
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>> On Wed,
Feb 15, 2017 at 9:07 AM, Rishi Yagnik <
> >>>>>>>>>>>>>>>> rishiyagnik@gmail.com>
> >>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> As promised,
please find attached code for spring boot
> >>>>>>>>>>>>>> integration
> >>>>>>>>>>>>>>>>> with
> >>>>>>>>>>>>>>>>>>>> spring
security along with Ignite.
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> Some
more information on project -
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> - It
is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> >>>>>>>>>>>>>>>>>>>> - spring
security integrated with boot project along
> >>>>>> with
> >>>>>>>>>>>>>> ignite
> >>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository
does not
> >>>> work,
> >>>>>>>>>>>> gives
> >>>>>>>>>>>>>>>>>>>> intermediate
errors on single instance so used
> >>>>>>>>>>>>>>>>>> CookieCsrfTokenRepository
> >>>>>>>>>>>>>>>>>>>> for
CSRF token, again I think we need a fix here
> >>>> from
> >>>>>>>>>>>>> Ignite.
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> I cant
reproduce this errors while I am running on
> >>>>>> single
> >>>>>>>>>>>>>> instance,
> >>>>>>>>>>>>>>>>> you
> >>>>>>>>>>>>>>>>>>>> need
to run this app on 2 spring boot instance having
> >>>>>> proxy
> >>>>>>>>>>>> in
> >>>>>>>>>>>>>>>> front (
> >>>>>>>>>>>>>>>>>> F5,
> >>>>>>>>>>>>>>>>>>>> OR any
proxy ) with round robin fashion ( no sticky
> >>>>>> session
> >>>>>>>>>>>> on
> >>>>>>>>>>>>> F5
> >>>>>>>>>>>>>>>> OR
> >>>>>>>>>>>>>>>>>>>> proxies
).
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> We were
thinking with round robin the user session
> >>>> will
> >>>>>>>>>>>> active
> >>>>>>>>>>>>>>>> since
> >>>>>>>>>>>>>>>>> we
> >>>>>>>>>>>>>>>>>>>> used
session replication on backend.
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> Do let
me know if you need more information here.
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> Rishi
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> On Tue,
Feb 14, 2017 at 9:57 PM, Rishi Yagnik <
> >>>>>>>>>>>>>>>> rishiyagnik@gmail.com>
> >>>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
Val,
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
My SB sample project is ready however I have asked
> >>>> for
> >>>>>> an
> >>>>>>>>>>>>>>>> approval to
> >>>>>>>>>>>>>>>>>>>>>
submit sample project to you, it would take day or
> >>>> two.
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
I will keep you posted.
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
Thanks for all your help,
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <
> >>>>>>>>>>>>>>>> rishiyagnik@gmail.com
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
wrote:
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>
Let me build an example app for you and send it
> >>>>>> across to
> >>>>>>>>>>>>> you.
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>
Thanks,
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>
On Tue, Feb 14, 2017 at 3:28 PM, Valentin
> >>>> Kulichenko <
> >>>>>>>>>>>>>>>>>>>>>>
valentin.kulichenko@gmail.com> wrote:
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>
Rishi,
> >>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>
No I don't, and I think that's what we should start
> >>>>>>> with.
> >>>>>>>>>>>> I
> >>>>>>>>>>>>>>>> want to
> >>>>>>>>>>>>>>>>>>>>>>>
understand a use case that is currently not
> >>>> supported
> >>>>>>> (if
> >>>>>>>>>>>>> any)
> >>>>>>>>>>>>>>>> and
> >>>>>>>>>>>>>>>>>> then
> >>>>>>>>>>>>>>>>>>>>>>>
find the best solution. And I would like to reuse
> >>>>>>> existing
> >>>>>>>>>>>>>> code
> >>>>>>>>>>>>>>>> as
> >>>>>>>>>>>>>>>>>>>>>>>
much as
> >>>>>>>>>>>>>>>>>>>>>>>
possible.
> >>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>
Do you have any code that reproduces the problem
> >>>> you
> >>>>>> had
> >>>>>>>>>>>> and
> >>>>>>>>>>>>>> how
> >>>>>>>>>>>>>>>>> you
> >>>>>>>>>>>>>>>>>>>>>>>
tried
> >>>>>>>>>>>>>>>>>>>>>>>
to utilize current web session clustering? Can you
> >>>>>> share
> >>>>>>>>>>>> it
> >>>>>>>>>>>>>> with
> >>>>>>>>>>>>>>>>> us?
> >>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>
-Val
> >>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>
On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <
> >>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com>
> >>>>>>>>>>>>>>>>>>>>>>>
wrote:
> >>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
Hi Val,
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
I am working on SB platform with spring security
> >>>>>> and we
> >>>>>>>>>>>>>> found
> >>>>>>>>>>>>>>>> out
> >>>>>>>>>>>>>>>>>>>>>>>
that the
> >>>>>>>>>>>>>>>>>>>>>>>>
web session filter ignite provides does not work
> >>>> for
> >>>>>>>>>>>>> session
> >>>>>>>>>>>>>>>>>>>>>>>
management on
> >>>>>>>>>>>>>>>>>>>>>>>>
2 node spring boot cluster.
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
Somehow, spring security filter kicks in result in
> >>>>>> some
> >>>>>>>>>>>>>> weird
> >>>>>>>>>>>>>>>>>> errors
> >>>>>>>>>>>>>>>>>>>>>>>
with
> >>>>>>>>>>>>>>>>>>>>>>>>
web session filter.
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
So making compatible with spring security somehow,
> >>>>>> we
> >>>>>>>>>>>> need
> >>>>>>>>>>>>>> to
> >>>>>>>>>>>>>>>>> write
> >>>>>>>>>>>>>>>>>>>>>>>>
implementation on spring session.
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
Do you have any test cases that says web session
> >>>>>> filter
> >>>>>>>>>>>>>> would
> >>>>>>>>>>>>>>>>> work
> >>>>>>>>>>>>>>>>>>>>>>>
with
> >>>>>>>>>>>>>>>>>>>>>>>>
spring security on boot platform ?
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
Thanks,
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
On Tue, Feb 14, 2017 at 1:03 PM, Valentin
> >>>>>> Kulichenko <
> >>>>>>>>>>>>>>>>>>>>>>>>
valentin.kulichenko@gmail.com> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>
Hi Rishi,
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>
Can you please take a look at web session
> >>>>>> clustering
> >>>>>>>>>>>>>> feature
> >>>>>>>>>>>>>>>>> [1]
> >>>>>>>>>>>>>>>>>>>>>>>
provided
> >>>>>>>>>>>>>>>>>>>>>>>>>
by Ignite? I'm looking at Spring Session docs and
> >>>>>> it
> >>>>>>>>>>>>> seems
> >>>>>>>>>>>>>>>> to
> >>>>>>>>>>>>>>>>> me
> >>>>>>>>>>>>>>>>>>>>>>>
it does
> >>>>>>>>>>>>>>>>>>>>>>>>>
exactly the same - replaces HttpSession with
> >>>> custom
> >>>>>>>>>>>>>>>>>> implementation
> >>>>>>>>>>>>>>>>>>>>>>>
that
> >>>>>>>>>>>>>>>>>>>>>>>>
has
> >>>>>>>>>>>>>>>>>>>>>>>>>
a backend storage. If it doesn't provide any
> >>>>>>>>>>>> additional
> >>>>>>>>>>>>>> API
> >>>>>>>>>>>>>>>> or
> >>>>>>>>>>>>>>>>>>>>>>>>>
functionality, I'm not sure I understand the
> >>>>>> benefit
> >>>>>>>>>>>> of
> >>>>>>>>>>>>>> this
> >>>>>>>>>>>>>>>>>>>>>>>
feature.
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>
Let me know if I'm missing something.
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>
[1] https://apacheignite-mix.
> >>>>>>>>>>>>> readme.io/docs/web-session-
> >>>>>>>>>>>>>>>>>> clustering
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>
-Val
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>
On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik <
> >>>>>>>>>>>>>>>>>>>>>>>
rishiyagnik@gmail.com>
> >>>>>>>>>>>>>>>>>>>>>>>>>
wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>
I would like to discuss session replication /
> >>>> fail
> >>>>>>>>>>>>> over
> >>>>>>>>>>>>>>>>> design
> >>>>>>>>>>>>>>>>>> on
> >>>>>>>>>>>>>>>>>>>>>>>>
spring
> >>>>>>>>>>>>>>>>>>>>>>>>>>
boot platform and wanted to find what is the
> >>>> best
> >>>>>>>>>>>> out
> >>>>>>>>>>>>> to
> >>>>>>>>>>>>>>>> get
> >>>>>>>>>>>>>>>>>>>>>>>
started
> >>>>>>>>>>>>>>>>>>>>>>>>>
here ?
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>
Possible approaches are as follows -
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>
- Make use of Spring Session for session
> >>>>>>>>>>>>> replication
> >>>>>>>>>>>>>>>> and
> >>>>>>>>>>>>>>>>>> fail
> >>>>>>>>>>>>>>>>>>>>>>>
over
> >>>>>>>>>>>>>>>>>>>>>>>>>>
- Extend the web session filter and make it
> >>>> work
> >>>>>>>>>>>> on
> >>>>>>>>>>>>>>>> spring
> >>>>>>>>>>>>>>>>>>>>>>>
boot
> >>>>>>>>>>>>>>>>>>>>>>>>>>
application
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>
I am thinking that best approach would be to get
> >>>>>>>>>>>>> started
> >>>>>>>>>>>>>>>> here
> >>>>>>>>>>>>>>>>>>>>>>>
with
> >>>>>>>>>>>>>>>>>>>>>>>>
spring
> >>>>>>>>>>>>>>>>>>>>>>>>>>
session design however I am open for feedback
> >>>>>> here.
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>
--
> >>>>>>>>>>>>>>>>>>>>>>>>>>
Rishi Yagnik
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>
--
> >>>>>>>>>>>>>>>>>>>>>>>>
Rishi Yagnik
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>
--
> >>>>>>>>>>>>>>>>>>>>>>
Rishi Yagnik
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>
--
> >>>>>>>>>>>>>>>>>>>>>
Rishi Yagnik
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> --
> >>>>>>>>>>>>>>>>>>>> Rishi
Yagnik
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> --
> >>>>>>>>>>>>>>>>> Rishi Yagnik
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> --
> >>>>>>>>>>>>>>> Rishi Yagnik
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> --
> >>>>>>>>>>>>>> Rishi Yagnik
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> --
> >>>>>>>>>>>> Rishi Yagnik
> >>>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> --
> >>>>>>>> Rishi Yagnik
> >>>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> --
> >>>>>>> Rishi Yagnik
> >>>>>>>
> >>>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> --
> >>>>> Rishi Yagnik
> >>>>>
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>> Rishi Yagnik
> >>>>
> >>
> >
> >
> >
> > --
> > Rishi Yagnik
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message