ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rishi Yagnik <rishiyag...@gmail.com>
Subject Re: IGNITE-2741 - spring session design
Date Wed, 12 Apr 2017 20:00:59 GMT
Val,

I build it from master s and was able to integrate with our app, but as I
mentioned to you previously, I see the XSRF-Token errors in debug log,

[DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy -
/app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing
Filter: 'HeaderWriterFilter'
[DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy -
/app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing
Filter: 'CsrfFilter'

[DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter -
Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A

And, then after, CSRF filter does not like the session, redirects to /403
error.

Just wondering why the XSRF Token is not being saved in the session  ?

More debugging is require for sure..

of course there is a work around to the problem, I can just use Cookie
based Token repository to avoid this issue.

.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())


will let you know my findings..

As always, thanks for all your help.

Thanks,
Rishi


On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:

> Hi Val,
>
> I will build it from master s and let you know by tomorrow.
>
> Thanks,
>
>
> On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
> valentin.kulichenko@gmail.com> wrote:
>
>> Hi Rishi,
>>
>> What was the issue with the HttpSessionCsrfTokenRepository? I didn't have
>> any problems after I added code you provided.
>>
>> The fix for [1] is already in master. Can you try building from there and
>> check if everything works fine for you?
>>
>> [1] https://issues.apache.org/jira/browse/IGNITE-4948
>>
>> -Val
>>
>> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dmagda@gridgain.com> wrote:
>>
>> > Somewhere in April. This will be clarified on the dev list soon.
>> >
>> > On Saturday, March 18, 2017, Rishi Yagnik <rishiyagnik@gmail.com>
>> wrote:
>> >
>> > > Thanks, Val.
>> > >
>> > > When are we going to release Ignite 2.0 ? June ??
>> > >
>> > > Thanks,
>> > >
>> > > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
>> > > valentin.kulichenko@gmail.com <javascript:;>> wrote:
>> > >
>> > > > Denis,
>> > > >
>> > > > Yes, this should be possible. I will try to finalize the fix asap.
>> > > >
>> > > > -Val
>> > > >
>> > > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org
>> > > <javascript:;>> wrote:
>> > > >
>> > > > > Val,
>> > > > >
>> > > > > Will it be possible to incorporate the fix into the nearest 2.0
>> > > release?
>> > > > >
>> > > > > —
>> > > > > Denis
>> > > > >
>> > > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <
>> rishiyagnik@gmail.com
>> > > <javascript:;>>
>> > > > > wrote:
>> > > > > >
>> > > > > > Hi Val,
>> > > > > >
>> > > > > > Hope you are well, any update on web session clustering.
>> > > > > >
>> > > > > > Thanks,
>> > > > > > Rishi
>> > > > > >
>> > > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
>> > > rishiyagnik@gmail.com <javascript:;>>
>> > > > > > wrote:
>> > > > > >
>> > > > > >> Hi Val,
>> > > > > >>
>> > > > > >> Thanks looking forward for the fix..
>> > > > > >>
>> > > > > >> Take Care,
>> > > > > >> Rishi
>> > > > > >>
>> > > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
>> > > > > >> valentin.kulichenko@gmail.com <javascript:;>> wrote:
>> > > > > >>>
>> > > > > >>> Hi Rishi,
>> > > > > >>>
>> > > > > >>> I want to fix the bug first. It takes a bit longer than I
>> > thought,
>> > > > but
>> > > > > I
>> > > > > >>> should finish it over the weekend.
>> > > > > >>>
>> > > > > >>> -Val
>> > > > > >>>
>> > > > > >>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
>> > > > rishiyagnik@gmail.com <javascript:;>>
>> > > > > >> wrote:
>> > > > > >>>>
>> > > > > >>>> Hi Val,
>> > > > > >>>>
>> > > > > >>>> Did you chance to look into session handling issue ?
>> > > > > >>>>
>> > > > > >>>> Thanks,
>> > > > > >>>>
>> > > > > >>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <
>> > > rishiyagnik@gmail.com <javascript:;>
>> > > > >
>> > > > > >>>> wrote:
>> > > > > >>>>
>> > > > > >>>>> Hi Val,
>> > > > > >>>>>
>> > > > > >>>>> Do you think I can test a fix in 1.9 RC releases ? How are
>> you
>> > > > > planning
>> > > > > >>>> to
>> > > > > >>>>> release a fix ?
>> > > > > >>>>>
>> > > > > >>>>> Did you also look into problem where storing xsrf token in
>> > Ignite
>> > > > > >> returns
>> > > > > >>>>> an exception and does not behave as expected ?
>> > > > > >>>>>
>> > > > > >>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository
>> with
>> > > > > >> following
>> > > > > >>>>> code -
>> > > > > >>>>>
>> > > > > >>>>> .csrfTokenRepository(csrfTokenRepository())
>> > > > > >>>>>
>> > > > > >>>>> private CsrfTokenRepository csrfTokenRepository() {
>> > > > > >>>>>   HttpSessionCsrfTokenRepository repository = new
>> > > > > >>>> HttpSessionCsrfTokenRepository();
>> > > > > >>>>>   repository.setHeaderName("X-XSRF-TOKEN");
>> > > > > >>>>>   return repository;
>> > > > > >>>>> }
>> > > > > >>>>>
>> > > > > >>>>> Thank you for all your help,
>> > > > > >>>>>
>> > > > > >>>>>
>> > > > > >>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
>> > > > > >>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
>> > > > > >>>>>
>> > > > > >>>>>> Hi Rishi,
>> > > > > >>>>>>
>> > > > > >>>>>> I got to the bottom of it. Basically, the session is
>> replaced
>> > in
>> > > > > >> Spring
>> > > > > >>>>>> filter, but caching happens based on the old version which
>> > > doesn't
>> > > > > >> have
>> > > > > >>>>>> security attributes. The fix is going to be very easy, I
>> will
>> > do
>> > > > it
>> > > > > >>>>>> tomorrow.
>> > > > > >>>>>>
>> > > > > >>>>>> -Val
>> > > > > >>>>>>
>> > > > > >>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <
>> > > > rishiyagnik@gmail.com <javascript:;>
>> > > > > >
>> > > > > >>>>>> wrote:
>> > > > > >>>>>>
>> > > > > >>>>>>> Val,
>> > > > > >>>>>>>
>> > > > > >>>>>>> Did you get chance to play around with the code ?
>> > > > > >>>>>>>
>> > > > > >>>>>>> Thanks,
>> > > > > >>>>>>>
>> > > > > >>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
>> > > > > rishiyagnik@gmail.com <javascript:;>>
>> > > > > >>>>>>> wrote:
>> > > > > >>>>>>>
>> > > > > >>>>>>>> Val,
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> Adding a filter before csrf filter will invoke the custom
>> > > ignite
>> > > > > >>>>>> filter.
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> Declare a custom filter class extends it with websession
>> > > filter
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> public class CustomWebSessionFilter extends
>> > WebSessionFilter {
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>        private static boolean igniteInitialize = false
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> @Override public void doFilter(ServletRequest req,
>> > > > ServletResponse
>> > > > > >>>>>> res,
>> > > > > >>>>>>>> FilterChain chain)
>> > > > > >>>>>>>>           throws IOException, ServletException {
>> > > > > >>>>>>>>       if(!igniteInitialize) {
>> > > > > >>>>>>>>           super.init(new FilterConfig() {
>> > > > > >>>>>>>>               @Override
>> > > > > >>>>>>>>               public String getFilterName() {
>> > > > > >>>>>>>>                   return "CustomWebSessionFilter";
>> > > > > >>>>>>>>               }
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>               @Override
>> > > > > >>>>>>>>               public ServletContext getServletContext() {
>> > > > > >>>>>>>>                   return req.getServletContext();
>> > > > > >>>>>>>>               }
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>               @Override
>> > > > > >>>>>>>>               public String getInitParameter(String
>> name) {
>> > > > > >>>>>>>>                   return null;
>> > > > > >>>>>>>>               }
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>               @Override
>> > > > > >>>>>>>>               public Enumeration<String>
>> > > > getInitParameterNames() {
>> > > > > >>>>>>>>                   return null;
>> > > > > >>>>>>>>               }
>> > > > > >>>>>>>>           });
>> > > > > >>>>>>>>           igniteInitialize = true;
>> > > > > >>>>>>>>       }
>> > > > > >>>>>>>>       super.doFilter(req,res,chain);
>> > > > > >>>>>>>>   }
>> > > > > >>>>>>>> }
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> And in SecurityConfig.java add following line to invoke
>> > filter
>> > > > > >>>> before
>> > > > > >>>>>>>> Ignite Web Session filter -
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> .addFilterBefore(new ArWebSessionFilter(),
>> CsrfFilter.class)
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> Hope it helps..
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> Thanks,
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
>> > > > > >>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>> Rishi,
>> > > > > >>>>>>>>>
>> > > > > >>>>>>>>> Can you please share how you forced Ignite filter to be
>> > > invoked
>> > > > > >>>>>> before
>> > > > > >>>>>>>>> security filter?
>> > > > > >>>>>>>>>
>> > > > > >>>>>>>>> -Val
>> > > > > >>>>>>>>>
>> > > > > >>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <
>> > > > > >>>> rishiyagnik@gmail.com <javascript:;>
>> > > > > >>>>>>>
>> > > > > >>>>>>>>> wrote:
>> > > > > >>>>>>>>>
>> > > > > >>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>> Thanks for the response, we have executed ignite filter
>> > > before
>> > > > > >>>>>> spring
>> > > > > >>>>>>>>>> security filter but somehow the ignite filter does not
>> do
>> > > the
>> > > > > job
>> > > > > >>>>>> of
>> > > > > >>>>>>>>>> setting spring principle context.
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>> As a result even though we have spring principle in
>> > session,
>> > > > > >>>> spring
>> > > > > >>>>>>>>> filter
>> > > > > >>>>>>>>>> does not recognize it and sends us back to log in page.
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>> I think there s some more work needed here to change
>> the
>> > > > filter
>> > > > > >>>> and
>> > > > > >>>>>>> make
>> > > > > >>>>>>>>>> it work with spring boot application.
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>> Take Care,
>> > > > > >>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
>> > > > > >>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
>> > > > > >>>>>>>>>>>
>> > > > > >>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>
>> > > > > >>>>>>>>>>> I did some debugging. Apparently, the reason for this
>> > > > behavior
>> > > > > >>>> is
>> > > > > >>>>>>> that
>> > > > > >>>>>>>>>>> Spring Security filter resides before Ignite's filter
>> in
>> > > the
>> > > > > >>>>>> chain
>> > > > > >>>>>>>>> list.
>> > > > > >>>>>>>>>> I
>> > > > > >>>>>>>>>>> think that eventually this should be fixed in the
>> > product,
>> > > > but
>> > > > > >>>> in
>> > > > > >>>>>>> the
>> > > > > >>>>>>>>>>> meantime there must be a way to work around the
>> problem
>> > by
>> > > > > >>>>>>> controlling
>> > > > > >>>>>>>>>> the
>> > > > > >>>>>>>>>>> order. Do you know how this can be done in Spring
>> Boot?
>> > > > > >>>>>>>>>>>
>> > > > > >>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>
>> > > > > >>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <
>> > > > > >>>>>>> rishiyagnik@gmail.com <javascript:;>
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>> Sorry for pestering, thanks for all your help.
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko
>> <
>> > > > > >>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>> Sorry, not yet. But this on my short list of TODOs,
>> > will
>> > > > try
>> > > > > >>>> to
>> > > > > >>>>>>>>> give an
>> > > > > >>>>>>>>>>>>> update as soon as possible.
>> > > > > >>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <
>> > > > > >>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
>> > > > > >>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>> any update on session replication issue ?
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <
>> > > > > >>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
>> > > > > >>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>> Thanks Val for looking into it.
>> > > > > >>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin
>> Kulichenko
>> > <
>> > > > > >>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
>> wrote:
>> > > > > >>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll
>> > take a
>> > > > > >>>> look
>> > > > > >>>>>> and
>> > > > > >>>>>>>>> let
>> > > > > >>>>>>>>>>>>> you
>> > > > > >>>>>>>>>>>>>>>> know my findings soon.
>> > > > > >>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <
>> > > > > >>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
>> > > > > >>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> The issue will occur in cluster environment,
>> please
>> > > > setup
>> > > > > >>>>>> the
>> > > > > >>>>>>>>>>>> spring
>> > > > > >>>>>>>>>>>>>>>> boot
>> > > > > >>>>>>>>>>>>>>>>> on 2 different host with LB (F5 OR Reverse
>> proxy)
>> > in
>> > > > > >>>> front
>> > > > > >>>>>> and
>> > > > > >>>>>>>>> try
>> > > > > >>>>>>>>>>>>> to
>> > > > > >>>>>>>>>>>>>>>>> login.
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> In cluster environment, Spring security does not
>> > > > > >>>> recognize
>> > > > > >>>>>> the
>> > > > > >>>>>>>>>>>>> session
>> > > > > >>>>>>>>>>>>>>>> on
>> > > > > >>>>>>>>>>>>>>>>> the host you are not logged in, as a result,
>> spring
>> > > > > >>>>>> security
>> > > > > >>>>>>>>> will
>> > > > > >>>>>>>>>>>>>>>> redirect
>> > > > > >>>>>>>>>>>>>>>>> to login url however the correct behavior
>> should be
>> > > > that
>> > > > > >>>>>> user
>> > > > > >>>>>>>>>>>> would
>> > > > > >>>>>>>>>>>>>> stay
>> > > > > >>>>>>>>>>>>>>>>> logged in with session replication.
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> Do let me know if you need more information.
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin
>> > Kulichenko
>> > > <
>> > > > > >>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
>> > wrote:
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>> I was able to build and run the application.
>> Can
>> > you
>> > > > > >>>> give
>> > > > > >>>>>>> some
>> > > > > >>>>>>>>>>>>>>>>> description
>> > > > > >>>>>>>>>>>>>>>>>> on what should I test to understand the issue?
>> > What
>> > > > > >>>>>> exactly
>> > > > > >>>>>>>>>>>> didn't
>> > > > > >>>>>>>>>>>>>>>> work
>> > > > > >>>>>>>>>>>>>>>>> for
>> > > > > >>>>>>>>>>>>>>>>>> you?
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin
>> > > Kulichenko
>> > > > <
>> > > > > >>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
>> > > wrote:
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>> Thanks, I'll take a look.
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik
>> <
>> > > > > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
>> > > > > >>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> As promised, please find attached code for
>> > spring
>> > > > boot
>> > > > > >>>>>>>>>>>>>> integration
>> > > > > >>>>>>>>>>>>>>>>> with
>> > > > > >>>>>>>>>>>>>>>>>>>> spring security along with Ignite.
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Some more information on project -
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB
>> > 1.4.3 )
>> > > > > >>>>>>>>>>>>>>>>>>>> - spring security integrated with boot
>> project
>> > > along
>> > > > > >>>>>> with
>> > > > > >>>>>>>>>>>>>> ignite
>> > > > > >>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository does
>> not
>> > > > > >>>> work,
>> > > > > >>>>>>>>>>>> gives
>> > > > > >>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so
>> used
>> > > > > >>>>>>>>>>>>>>>>>> CookieCsrfTokenRepository
>> > > > > >>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix
>> here
>> > > > > >>>> from
>> > > > > >>>>>>>>>>>>> Ignite.
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> I cant reproduce this errors while I am
>> running
>> > on
>> > > > > >>>>>> single
>> > > > > >>>>>>>>>>>>>> instance,
>> > > > > >>>>>>>>>>>>>>>>> you
>> > > > > >>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot
>> instance
>> > > > having
>> > > > > >>>>>> proxy
>> > > > > >>>>>>>>>>>> in
>> > > > > >>>>>>>>>>>>>>>> front (
>> > > > > >>>>>>>>>>>>>>>>>> F5,
>> > > > > >>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion ( no
>> > > sticky
>> > > > > >>>>>> session
>> > > > > >>>>>>>>>>>> on
>> > > > > >>>>>>>>>>>>> F5
>> > > > > >>>>>>>>>>>>>>>> OR
>> > > > > >>>>>>>>>>>>>>>>>>>> proxies ).
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user
>> > session
>> > > > > >>>> will
>> > > > > >>>>>>>>>>>> active
>> > > > > >>>>>>>>>>>>>>>> since
>> > > > > >>>>>>>>>>>>>>>>> we
>> > > > > >>>>>>>>>>>>>>>>>>>> used session replication on backend.
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Do let me know if you need more information
>> > here.
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi
>> Yagnik <
>> > > > > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
>> > > > > >>>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> Val,
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I have
>> > > asked
>> > > > > >>>> for
>> > > > > >>>>>> an
>> > > > > >>>>>>>>>>>>>>>> approval to
>> > > > > >>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would take
>> day
>> > > or
>> > > > > >>>> two.
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> I will keep you posted.
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> Thanks for all your help,
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi
>> Yagnik <
>> > > > > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and
>> send
>> > it
>> > > > > >>>>>> across to
>> > > > > >>>>>>>>>>>>> you.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin
>> > > > > >>>> Kulichenko <
>> > > > > >>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com
>> <javascript:;>>
>> > > wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> Rishi,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we
>> should
>> > > > start
>> > > > > >>>>>>> with.
>> > > > > >>>>>>>>>>>> I
>> > > > > >>>>>>>>>>>>>>>> want to
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently
>> not
>> > > > > >>>> supported
>> > > > > >>>>>>> (if
>> > > > > >>>>>>>>>>>>> any)
>> > > > > >>>>>>>>>>>>>>>> and
>> > > > > >>>>>>>>>>>>>>>>>> then
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like
>> to
>> > > reuse
>> > > > > >>>>>>> existing
>> > > > > >>>>>>>>>>>>>> code
>> > > > > >>>>>>>>>>>>>>>> as
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> much as
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> possible.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the
>> > > problem
>> > > > > >>>> you
>> > > > > >>>>>> had
>> > > > > >>>>>>>>>>>> and
>> > > > > >>>>>>>>>>>>>> how
>> > > > > >>>>>>>>>>>>>>>>> you
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> tried
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> to utilize current web session clustering?
>> > Can
>> > > > you
>> > > > > >>>>>> share
>> > > > > >>>>>>>>>>>> it
>> > > > > >>>>>>>>>>>>>> with
>> > > > > >>>>>>>>>>>>>>>>> us?
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi
>> > Yagnik
>> > > <
>> > > > > >>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring
>> > > security
>> > > > > >>>>>> and we
>> > > > > >>>>>>>>>>>>>> found
>> > > > > >>>>>>>>>>>>>>>> out
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> that the
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does
>> not
>> > > work
>> > > > > >>>> for
>> > > > > >>>>>>>>>>>>> session
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> management on
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks in
>> > > result
>> > > > in
>> > > > > >>>>>> some
>> > > > > >>>>>>>>>>>>>> weird
>> > > > > >>>>>>>>>>>>>>>>>> errors
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> with
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring security
>> > > > somehow,
>> > > > > >>>>>> we
>> > > > > >>>>>>>>>>>> need
>> > > > > >>>>>>>>>>>>>> to
>> > > > > >>>>>>>>>>>>>>>>> write
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says web
>> > > session
>> > > > > >>>>>> filter
>> > > > > >>>>>>>>>>>>>> would
>> > > > > >>>>>>>>>>>>>>>>> work
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> with
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform ?
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM, Valentin
>> > > > > >>>>>> Kulichenko <
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com
>> > <javascript:;>>
>> > > wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web
>> session
>> > > > > >>>>>> clustering
>> > > > > >>>>>>>>>>>>>> feature
>> > > > > >>>>>>>>>>>>>>>>> [1]
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> provided
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring Session
>> > docs
>> > > > and
>> > > > > >>>>>> it
>> > > > > >>>>>>>>>>>>> seems
>> > > > > >>>>>>>>>>>>>>>> to
>> > > > > >>>>>>>>>>>>>>>>> me
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> it does
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces HttpSession
>> > with
>> > > > > >>>> custom
>> > > > > >>>>>>>>>>>>>>>>>> implementation
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> that
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> has
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't provide
>> > any
>> > > > > >>>>>>>>>>>> additional
>> > > > > >>>>>>>>>>>>>> API
>> > > > > >>>>>>>>>>>>>>>> or
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I understand
>> > the
>> > > > > >>>>>> benefit
>> > > > > >>>>>>>>>>>> of
>> > > > > >>>>>>>>>>>>>> this
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> feature.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix.
>> > > > > >>>>>>>>>>>>> readme.io/docs/web-session-
>> > > > > >>>>>>>>>>>>>>>>>> clustering
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi
>> > > Yagnik <
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session
>> > replication
>> > > /
>> > > > > >>>> fail
>> > > > > >>>>>>>>>>>>> over
>> > > > > >>>>>>>>>>>>>>>>> design
>> > > > > >>>>>>>>>>>>>>>>>> on
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what
>> is
>> > the
>> > > > > >>>> best
>> > > > > >>>>>>>>>>>> out
>> > > > > >>>>>>>>>>>>> to
>> > > > > >>>>>>>>>>>>>>>> get
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> started
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> here ?
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows -
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for
>> session
>> > > > > >>>>>>>>>>>>> replication
>> > > > > >>>>>>>>>>>>>>>> and
>> > > > > >>>>>>>>>>>>>>>>>> fail
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> over
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and
>> make
>> > it
>> > > > > >>>> work
>> > > > > >>>>>>>>>>>> on
>> > > > > >>>>>>>>>>>>>>>> spring
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> boot
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> application
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach would
>> be
>> > to
>> > > > get
>> > > > > >>>>>>>>>>>>> started
>> > > > > >>>>>>>>>>>>>>>> here
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> with
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for
>> > > feedback
>> > > > > >>>>>> here.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> --
>> > > > > >>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>
>> > > > > >>>>>>>
>> > > > > >>>>>>>
>> > > > > >>>>>>>
>> > > > > >>>>>>> --
>> > > > > >>>>>>> Rishi Yagnik
>> > > > > >>>>>>>
>> > > > > >>>>>>
>> > > > > >>>>>
>> > > > > >>>>>
>> > > > > >>>>>
>> > > > > >>>>> --
>> > > > > >>>>> Rishi Yagnik
>> > > > > >>>>>
>> > > > > >>>>
>> > > > > >>>>
>> > > > > >>>>
>> > > > > >>>> --
>> > > > > >>>> Rishi Yagnik
>> > > > > >>>>
>> > > > > >>
>> > > > > >
>> > > > > >
>> > > > > >
>> > > > > > --
>> > > > > > Rishi Yagnik
>> > > > >
>> > > > >
>> > > >
>> > >
>> > >
>> > >
>> > > --
>> > > Rishi Yagnik
>> > >
>> >
>>
>
>
>
> --
> Rishi Yagnik
>



-- 
Rishi Yagnik

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message