ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rishi Yagnik <rishiyag...@gmail.com>
Subject Re: IGNITE-2741 - spring session design
Date Sat, 18 Mar 2017 15:46:41 GMT
Thanks, Val.

When are we going to release Ignite 2.0 ? June ??

Thanks,

On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
valentin.kulichenko@gmail.com> wrote:

> Denis,
>
> Yes, this should be possible. I will try to finalize the fix asap.
>
> -Val
>
> On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org> wrote:
>
> > Val,
> >
> > Will it be possible to incorporate the fix into the nearest 2.0 release?
> >
> > —
> > Denis
> >
> > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> > wrote:
> > >
> > > Hi Val,
> > >
> > > Hope you are well, any update on web session clustering.
> > >
> > > Thanks,
> > > Rishi
> > >
> > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > wrote:
> > >
> > >> Hi Val,
> > >>
> > >> Thanks looking forward for the fix..
> > >>
> > >> Take Care,
> > >> Rishi
> > >>
> > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> > >> valentin.kulichenko@gmail.com> wrote:
> > >>>
> > >>> Hi Rishi,
> > >>>
> > >>> I want to fix the bug first. It takes a bit longer than I thought,
> but
> > I
> > >>> should finish it over the weekend.
> > >>>
> > >>> -Val
> > >>>
> > >>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
> rishiyagnik@gmail.com>
> > >> wrote:
> > >>>>
> > >>>> Hi Val,
> > >>>>
> > >>>> Did you chance to look into session handling issue ?
> > >>>>
> > >>>> Thanks,
> > >>>>
> > >>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <rishiyagnik@gmail.com
> >
> > >>>> wrote:
> > >>>>
> > >>>>> Hi Val,
> > >>>>>
> > >>>>> Do you think I can test a fix in 1.9 RC releases ? How are you
> > planning
> > >>>> to
> > >>>>> release a fix ?
> > >>>>>
> > >>>>> Did you also look into problem where storing xsrf token in Ignite
> > >> returns
> > >>>>> an exception and does not behave as expected ?
> > >>>>>
> > >>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with
> > >> following
> > >>>>> code -
> > >>>>>
> > >>>>> .csrfTokenRepository(csrfTokenRepository())
> > >>>>>
> > >>>>> private CsrfTokenRepository csrfTokenRepository() {
> > >>>>>   HttpSessionCsrfTokenRepository repository = new
> > >>>> HttpSessionCsrfTokenRepository();
> > >>>>>   repository.setHeaderName("X-XSRF-TOKEN");
> > >>>>>   return repository;
> > >>>>> }
> > >>>>>
> > >>>>> Thank you for all your help,
> > >>>>>
> > >>>>>
> > >>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> > >>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>
> > >>>>>> Hi Rishi,
> > >>>>>>
> > >>>>>> I got to the bottom of it. Basically, the session is replaced in
> > >> Spring
> > >>>>>> filter, but caching happens based on the old version which doesn't
> > >> have
> > >>>>>> security attributes. The fix is going to be very easy, I will do
> it
> > >>>>>> tomorrow.
> > >>>>>>
> > >>>>>> -Val
> > >>>>>>
> > >>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <
> rishiyagnik@gmail.com
> > >
> > >>>>>> wrote:
> > >>>>>>
> > >>>>>>> Val,
> > >>>>>>>
> > >>>>>>> Did you get chance to play around with the code ?
> > >>>>>>>
> > >>>>>>> Thanks,
> > >>>>>>>
> > >>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
> > rishiyagnik@gmail.com>
> > >>>>>>> wrote:
> > >>>>>>>
> > >>>>>>>> Val,
> > >>>>>>>>
> > >>>>>>>> Adding a filter before csrf filter will invoke the custom ignite
> > >>>>>> filter.
> > >>>>>>>>
> > >>>>>>>> Declare a custom filter class extends it with websession filter
> > >>>>>>>>
> > >>>>>>>> public class CustomWebSessionFilter extends WebSessionFilter {
> > >>>>>>>>
> > >>>>>>>>        private static boolean igniteInitialize = false
> > >>>>>>>>
> > >>>>>>>> @Override public void doFilter(ServletRequest req,
> ServletResponse
> > >>>>>> res,
> > >>>>>>>> FilterChain chain)
> > >>>>>>>>           throws IOException, ServletException {
> > >>>>>>>>       if(!igniteInitialize) {
> > >>>>>>>>           super.init(new FilterConfig() {
> > >>>>>>>>               @Override
> > >>>>>>>>               public String getFilterName() {
> > >>>>>>>>                   return "CustomWebSessionFilter";
> > >>>>>>>>               }
> > >>>>>>>>
> > >>>>>>>>               @Override
> > >>>>>>>>               public ServletContext getServletContext() {
> > >>>>>>>>                   return req.getServletContext();
> > >>>>>>>>               }
> > >>>>>>>>
> > >>>>>>>>               @Override
> > >>>>>>>>               public String getInitParameter(String name) {
> > >>>>>>>>                   return null;
> > >>>>>>>>               }
> > >>>>>>>>
> > >>>>>>>>               @Override
> > >>>>>>>>               public Enumeration<String>
> getInitParameterNames() {
> > >>>>>>>>                   return null;
> > >>>>>>>>               }
> > >>>>>>>>           });
> > >>>>>>>>           igniteInitialize = true;
> > >>>>>>>>       }
> > >>>>>>>>       super.doFilter(req,res,chain);
> > >>>>>>>>   }
> > >>>>>>>> }
> > >>>>>>>>
> > >>>>>>>> And in SecurityConfig.java add following line to invoke filter
> > >>>> before
> > >>>>>>>> Ignite Web Session filter -
> > >>>>>>>>
> > >>>>>>>> .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> > >>>>>>>>
> > >>>>>>>> Hope it helps..
> > >>>>>>>>
> > >>>>>>>> Thanks,
> > >>>>>>>>
> > >>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
> > >>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>
> > >>>>>>>>> Rishi,
> > >>>>>>>>>
> > >>>>>>>>> Can you please share how you forced Ignite filter to be invoked
> > >>>>>> before
> > >>>>>>>>> security filter?
> > >>>>>>>>>
> > >>>>>>>>> -Val
> > >>>>>>>>>
> > >>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <
> > >>>> rishiyagnik@gmail.com
> > >>>>>>>
> > >>>>>>>>> wrote:
> > >>>>>>>>>
> > >>>>>>>>>> Hi Val,
> > >>>>>>>>>>
> > >>>>>>>>>> Thanks for the response, we have executed ignite filter before
> > >>>>>> spring
> > >>>>>>>>>> security filter but somehow the ignite filter does not do the
> > job
> > >>>>>> of
> > >>>>>>>>>> setting spring principle context.
> > >>>>>>>>>>
> > >>>>>>>>>> As a result even though we have spring principle in session,
> > >>>> spring
> > >>>>>>>>> filter
> > >>>>>>>>>> does not recognize it and sends us back to log in page.
> > >>>>>>>>>>
> > >>>>>>>>>> I think there s some more work needed here to change the
> filter
> > >>>> and
> > >>>>>>> make
> > >>>>>>>>>> it work with spring boot application.
> > >>>>>>>>>>
> > >>>>>>>>>> Take Care,
> > >>>>>>>>>> Rishi
> > >>>>>>>>>>
> > >>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
> > >>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>
> > >>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>
> > >>>>>>>>>>> I did some debugging. Apparently, the reason for this
> behavior
> > >>>> is
> > >>>>>>> that
> > >>>>>>>>>>> Spring Security filter resides before Ignite's filter in the
> > >>>>>> chain
> > >>>>>>>>> list.
> > >>>>>>>>>> I
> > >>>>>>>>>>> think that eventually this should be fixed in the product,
> but
> > >>>> in
> > >>>>>>> the
> > >>>>>>>>>>> meantime there must be a way to work around the problem by
> > >>>>>>> controlling
> > >>>>>>>>>> the
> > >>>>>>>>>>> order. Do you know how this can be done in Spring Boot?
> > >>>>>>>>>>>
> > >>>>>>>>>>> -Val
> > >>>>>>>>>>>
> > >>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <
> > >>>>>>> rishiyagnik@gmail.com
> > >>>>>>>>>>
> > >>>>>>>>>> wrote:
> > >>>>>>>>>>>>
> > >>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>
> > >>>>>>>>>>>> Sorry for pestering, thanks for all your help.
> > >>>>>>>>>>>>
> > >>>>>>>>>>>> Rishi
> > >>>>>>>>>>>>
> > >>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <
> > >>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>
> > >>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> Sorry, not yet. But this on my short list of TODOs, will
> try
> > >>>> to
> > >>>>>>>>> give an
> > >>>>>>>>>>>>> update as soon as possible.
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <
> > >>>>>>>>> rishiyagnik@gmail.com>
> > >>>>>>>>>>>>> wrote:
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> any update on session replication issue ?
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>> Rishi
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <
> > >>>>>>>>> rishiyagnik@gmail.com>
> > >>>>>>>>>>>>>> wrote:
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>> Thanks Val for looking into it.
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <
> > >>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll take a
> > >>>> look
> > >>>>>> and
> > >>>>>>>>> let
> > >>>>>>>>>>>>> you
> > >>>>>>>>>>>>>>>> know my findings soon.
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <
> > >>>>>>>>>>>> rishiyagnik@gmail.com>
> > >>>>>>>>>>>>>>>> wrote:
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> The issue will occur in cluster environment, please
> setup
> > >>>>>> the
> > >>>>>>>>>>>> spring
> > >>>>>>>>>>>>>>>> boot
> > >>>>>>>>>>>>>>>>> on 2 different host with LB (F5 OR Reverse proxy) in
> > >>>> front
> > >>>>>> and
> > >>>>>>>>> try
> > >>>>>>>>>>>>> to
> > >>>>>>>>>>>>>>>>> login.
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> In cluster environment, Spring security does not
> > >>>> recognize
> > >>>>>> the
> > >>>>>>>>>>>>> session
> > >>>>>>>>>>>>>>>> on
> > >>>>>>>>>>>>>>>>> the host you are not logged in, as a result, spring
> > >>>>>> security
> > >>>>>>>>> will
> > >>>>>>>>>>>>>>>> redirect
> > >>>>>>>>>>>>>>>>> to login url however the correct behavior should be
> that
> > >>>>>> user
> > >>>>>>>>>>>> would
> > >>>>>>>>>>>>>> stay
> > >>>>>>>>>>>>>>>>> logged in with session replication.
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> Do let me know if you need more information.
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>> Rishi
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
> > >>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>> I was able to build and run the application. Can you
> > >>>> give
> > >>>>>>> some
> > >>>>>>>>>>>>>>>>> description
> > >>>>>>>>>>>>>>>>>> on what should I test to understand the issue? What
> > >>>>>> exactly
> > >>>>>>>>>>>> didn't
> > >>>>>>>>>>>>>>>> work
> > >>>>>>>>>>>>>>>>> for
> > >>>>>>>>>>>>>>>>>> you?
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko
> <
> > >>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>> Thanks, I'll take a look.
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <
> > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com>
> > >>>>>>>>>>>>>>>>>>> wrote:
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> As promised, please find attached code for spring
> boot
> > >>>>>>>>>>>>>> integration
> > >>>>>>>>>>>>>>>>> with
> > >>>>>>>>>>>>>>>>>>>> spring security along with Ignite.
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> Some more information on project -
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> > >>>>>>>>>>>>>>>>>>>> - spring security integrated with boot project along
> > >>>>>> with
> > >>>>>>>>>>>>>> ignite
> > >>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository does not
> > >>>> work,
> > >>>>>>>>>>>> gives
> > >>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so used
> > >>>>>>>>>>>>>>>>>> CookieCsrfTokenRepository
> > >>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix here
> > >>>> from
> > >>>>>>>>>>>>> Ignite.
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> I cant reproduce this errors while I am running on
> > >>>>>> single
> > >>>>>>>>>>>>>> instance,
> > >>>>>>>>>>>>>>>>> you
> > >>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot instance
> having
> > >>>>>> proxy
> > >>>>>>>>>>>> in
> > >>>>>>>>>>>>>>>> front (
> > >>>>>>>>>>>>>>>>>> F5,
> > >>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion ( no sticky
> > >>>>>> session
> > >>>>>>>>>>>> on
> > >>>>>>>>>>>>> F5
> > >>>>>>>>>>>>>>>> OR
> > >>>>>>>>>>>>>>>>>>>> proxies ).
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user session
> > >>>> will
> > >>>>>>>>>>>> active
> > >>>>>>>>>>>>>>>> since
> > >>>>>>>>>>>>>>>>> we
> > >>>>>>>>>>>>>>>>>>>> used session replication on backend.
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> Do let me know if you need more information here.
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> Rishi
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <
> > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com>
> > >>>>>>>>>>>>>>>>>>>> wrote:
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> Val,
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I have asked
> > >>>> for
> > >>>>>> an
> > >>>>>>>>>>>>>>>> approval to
> > >>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would take day or
> > >>>> two.
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> I will keep you posted.
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> Thanks for all your help,
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <
> > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> wrote:
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and send it
> > >>>>>> across to
> > >>>>>>>>>>>>> you.
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin
> > >>>> Kulichenko <
> > >>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>> Rishi,
> > >>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we should
> start
> > >>>>>>> with.
> > >>>>>>>>>>>> I
> > >>>>>>>>>>>>>>>> want to
> > >>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently not
> > >>>> supported
> > >>>>>>> (if
> > >>>>>>>>>>>>> any)
> > >>>>>>>>>>>>>>>> and
> > >>>>>>>>>>>>>>>>>> then
> > >>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like to reuse
> > >>>>>>> existing
> > >>>>>>>>>>>>>> code
> > >>>>>>>>>>>>>>>> as
> > >>>>>>>>>>>>>>>>>>>>>>> much as
> > >>>>>>>>>>>>>>>>>>>>>>> possible.
> > >>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the problem
> > >>>> you
> > >>>>>> had
> > >>>>>>>>>>>> and
> > >>>>>>>>>>>>>> how
> > >>>>>>>>>>>>>>>>> you
> > >>>>>>>>>>>>>>>>>>>>>>> tried
> > >>>>>>>>>>>>>>>>>>>>>>> to utilize current web session clustering? Can
> you
> > >>>>>> share
> > >>>>>>>>>>>> it
> > >>>>>>>>>>>>>> with
> > >>>>>>>>>>>>>>>>> us?
> > >>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <
> > >>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com>
> > >>>>>>>>>>>>>>>>>>>>>>> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring security
> > >>>>>> and we
> > >>>>>>>>>>>>>> found
> > >>>>>>>>>>>>>>>> out
> > >>>>>>>>>>>>>>>>>>>>>>> that the
> > >>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does not work
> > >>>> for
> > >>>>>>>>>>>>> session
> > >>>>>>>>>>>>>>>>>>>>>>> management on
> > >>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster.
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks in result
> in
> > >>>>>> some
> > >>>>>>>>>>>>>> weird
> > >>>>>>>>>>>>>>>>>> errors
> > >>>>>>>>>>>>>>>>>>>>>>> with
> > >>>>>>>>>>>>>>>>>>>>>>>> web session filter.
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring security
> somehow,
> > >>>>>> we
> > >>>>>>>>>>>> need
> > >>>>>>>>>>>>>> to
> > >>>>>>>>>>>>>>>>> write
> > >>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session.
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says web session
> > >>>>>> filter
> > >>>>>>>>>>>>>> would
> > >>>>>>>>>>>>>>>>> work
> > >>>>>>>>>>>>>>>>>>>>>>> with
> > >>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform ?
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM, Valentin
> > >>>>>> Kulichenko <
> > >>>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web session
> > >>>>>> clustering
> > >>>>>>>>>>>>>> feature
> > >>>>>>>>>>>>>>>>> [1]
> > >>>>>>>>>>>>>>>>>>>>>>> provided
> > >>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring Session docs
> and
> > >>>>>> it
> > >>>>>>>>>>>>> seems
> > >>>>>>>>>>>>>>>> to
> > >>>>>>>>>>>>>>>>> me
> > >>>>>>>>>>>>>>>>>>>>>>> it does
> > >>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces HttpSession with
> > >>>> custom
> > >>>>>>>>>>>>>>>>>> implementation
> > >>>>>>>>>>>>>>>>>>>>>>> that
> > >>>>>>>>>>>>>>>>>>>>>>>> has
> > >>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't provide any
> > >>>>>>>>>>>> additional
> > >>>>>>>>>>>>>> API
> > >>>>>>>>>>>>>>>> or
> > >>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I understand the
> > >>>>>> benefit
> > >>>>>>>>>>>> of
> > >>>>>>>>>>>>>> this
> > >>>>>>>>>>>>>>>>>>>>>>> feature.
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something.
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix.
> > >>>>>>>>>>>>> readme.io/docs/web-session-
> > >>>>>>>>>>>>>>>>>> clustering
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik <
> > >>>>>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com>
> > >>>>>>>>>>>>>>>>>>>>>>>>> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session replication /
> > >>>> fail
> > >>>>>>>>>>>>> over
> > >>>>>>>>>>>>>>>>> design
> > >>>>>>>>>>>>>>>>>> on
> > >>>>>>>>>>>>>>>>>>>>>>>> spring
> > >>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what is the
> > >>>> best
> > >>>>>>>>>>>> out
> > >>>>>>>>>>>>> to
> > >>>>>>>>>>>>>>>> get
> > >>>>>>>>>>>>>>>>>>>>>>> started
> > >>>>>>>>>>>>>>>>>>>>>>>>> here ?
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows -
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for session
> > >>>>>>>>>>>>> replication
> > >>>>>>>>>>>>>>>> and
> > >>>>>>>>>>>>>>>>>> fail
> > >>>>>>>>>>>>>>>>>>>>>>> over
> > >>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and make it
> > >>>> work
> > >>>>>>>>>>>> on
> > >>>>>>>>>>>>>>>> spring
> > >>>>>>>>>>>>>>>>>>>>>>> boot
> > >>>>>>>>>>>>>>>>>>>>>>>>>> application
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach would be to
> get
> > >>>>>>>>>>>>> started
> > >>>>>>>>>>>>>>>> here
> > >>>>>>>>>>>>>>>>>>>>>>> with
> > >>>>>>>>>>>>>>>>>>>>>>>> spring
> > >>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for feedback
> > >>>>>> here.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>> --
> > >>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> --
> > >>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>> --
> > >>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> --
> > >>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> --
> > >>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> --
> > >>>>>>>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>> --
> > >>>>>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> --
> > >>>>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>
> > >>>>>>>>>>>>
> > >>>>>>>>>>>>
> > >>>>>>>>>>>> --
> > >>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>
> > >>>>>>>>>>
> > >>>>>>>>>
> > >>>>>>>>
> > >>>>>>>>
> > >>>>>>>>
> > >>>>>>>> --
> > >>>>>>>> Rishi Yagnik
> > >>>>>>>>
> > >>>>>>>
> > >>>>>>>
> > >>>>>>>
> > >>>>>>> --
> > >>>>>>> Rishi Yagnik
> > >>>>>>>
> > >>>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>> --
> > >>>>> Rishi Yagnik
> > >>>>>
> > >>>>
> > >>>>
> > >>>>
> > >>>> --
> > >>>> Rishi Yagnik
> > >>>>
> > >>
> > >
> > >
> > >
> > > --
> > > Rishi Yagnik
> >
> >
>



-- 
Rishi Yagnik

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message