spring-session

Custom cookie name when using Spring Session

一世执手 提交于 2019-12-19 11:37:06
问题 I am using v1.0.1 of Spring Sessions. I have got my application setup using XML configurations. I now need to change the cookie name from the default of "SESSION" based on some property. For example to myApp_SESSION where myApp will be read from a property file. I noticed that the SessionRepositoryFilter has only one constructor that takes a sessionRepository and the httpSessionStrategy with CookieHttpSessionStrategy using default values. My current XML configuration is as below. <bean id=

Spring Security maxSession doesn't work

拜拜、爱过 提交于 2019-12-19 03:16:19
问题 I want to prevent login when user exceed maxSession count. For example every user can login once. And then if logged user try another login system should disable login for him. .sessionManagement() .maximumSessions(1).expiredUrl("/login?expire").maxSessionsPreventsLogin(true) .sessionRegistry(sessionRegistry()); @Bean public static ServletListenerRegistrationBean httpSessionEventPublisher() { return new ServletListenerRegistrationBean(new HttpSessionEventPublisher()); } 回答1: NOTE : This is

How to change spring session (redis) cookie name?

偶尔善良 提交于 2019-12-13 17:06:20
问题 We have two projects behind same domain ( zuul proxy in front of them ), both uses spring session project with sessions kept in redis. Those two sessions should be different, but seems they are overwriting each other id in cookie named 'SESSION'. How to change that name? Is there any easy way to do that through configuration? 回答1: ok, I did not find any property in configuration to change that. I dig in a bit in spring-session source code, and finally do: @Bean public <S extends

Spring session unable save session to Redis

穿精又带淫゛_ 提交于 2019-12-13 16:04:27
问题 I have an application that is integrated with spring security. I separated this application to two app for this I want to config spring session with Redis for centralization authentication between this two app. I have configured Redis but when I want to log in the below exception is raised: Caused by: org.springframework.core.serializer.support.SerializationFailedException: Failed to serialize object using DefaultSerializer; nested exception is java.io.NotSerializableException: org

spring session redis 'No bean named 'springSessionRepositoryFilter' is defined'

删除回忆录丶 提交于 2019-12-13 07:00:01
问题 JDK1.7 Tomcat8 Redis sv 3.0 Spring3.2.14, jedis 2.8.1, spring session 1.2, spring data redis 1.7 [INFO ][XmlBeanDefinitionReader(loadBeanDefinitions:316)] Loading XML bean definitions [INFO ][DefaultListableBeanFactory(preInstantiateSingletons:603)] Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@66039e85: defining beans [redisHttpSessionConfiguration,jedisPoolConfig,jedisConnectionFactory,redisTemplate]; root of factory hierarchyerere

How can I get my Custom Filter to continue on to do Spring Session?

旧巷老猫 提交于 2019-12-12 04:25:48
问题 I've got this code which seems to be working mostly ok. filter public class JsonAuthenticationFilter extends AbstractAuthenticationProcessingFilter { private final ObjectMapper objectMapper; private final Validator validator; protected JsonAuthenticationFilter( final RequestMatcher matcher, final ObjectMapper objectMapper, final Validator validator ) { super( matcher ); this.objectMapper = objectMapper; this.validator = validator; } @Override public Authentication attemptAuthentication( final

Session attributes missing intermittently - Spring Session + Pivotal GemFire Implementation

我与影子孤独终老i 提交于 2019-12-11 20:39:15
问题 Facing a strange issue for sometime in Spring Session with Pivotal GemFire integration. We have multiple HTTP requests, which eventually does set/get of session attributes in a varying order based on several conditions. At some given point... (T) session.getAttribute(sessionKeyN); // (T) is template object ... is retrieving null . We have cross verified that no session.setAttribute(..) is invoked in between two session.getAttribute(..) calls out of which one misses the object. We enabled

Spring Session table-name property does not change the table name

纵饮孤独 提交于 2019-12-11 18:41:02
问题 I have to be able to rename the default Spring Session table and found the following configuration options in the spring session documentation. spring.session.jdbc.schema=classpath:org/springframework/session/jdbc/schema-@@platform@@.sql # Path to the SQL file to use to initialize the database schema. spring.session.jdbc.table-name=SPRING_SESSION # Name of database table used to store sessions. Here is what I am trying to set in application.properties: spring.session.store-type=jdbc spring

Multiple Spring Security configurations for REST via BasicAuth vs. Session with CSRF

别来无恙 提交于 2019-12-11 14:53:41
问题 In am working on a Spring Boot (1.3.2) application which just serves Spring MVC REST controllers that are consumed by a JavaScript single page app (deployed standalone, not inside the boot jar). The setup uses Spring Security , Spring Session and has CSRF protection enabled. This works as expected for the JavaScript client. A login is done by a GET call with Basic Auth provided, the backend creates a session, returns a cookie and also provides the CSRF token in the response according to this

Spring webflux session management

早过忘川 提交于 2019-12-11 14:53:08
问题 I am using Spring boot 2 with spring webflux running on netty. I would like to add session management without needing to have a backing database or redis server (so Spring Session doesn't seem to be a solution here). I could use WebSession in my controllers, but then I would need to enable sticky sessions on my load balancer, which I would prefer to avoid. What I would like is one of the following: Client side session like in Play framework (session is stored as a cookie and added onto each