spring-session

Session not replicated on session creation with Spring Boot, Session, and Redis

独自空忆成欢 提交于 2019-12-03 13:44:27
问题 I'm attempting to implement a microservices architecture using Spring Cloud's Zuul, Eureka, and my own services. I have multiple services that have UIs and services and each can authenticate users using x509 security. Now I'm trying to place Zuul in front of those services. Since Zuul can't forward client certs to the backend, I thought the next best thing would be to authenticate the user at the front door in Zuul, then use Spring Session to replicate their authenticated state across the

Session not replicated on session creation with Spring Boot, Session, and Redis

被刻印的时光 ゝ 提交于 2019-12-03 03:39:37
I'm attempting to implement a microservices architecture using Spring Cloud's Zuul, Eureka, and my own services. I have multiple services that have UIs and services and each can authenticate users using x509 security. Now I'm trying to place Zuul in front of those services. Since Zuul can't forward client certs to the backend, I thought the next best thing would be to authenticate the user at the front door in Zuul, then use Spring Session to replicate their authenticated state across the backend services. I have followed the tutorial here from Dave Syer and it almost works, but not on the

Spring session + Spring web socket. Send message to specific client based on session id

落爺英雄遲暮 提交于 2019-12-01 21:49:04
I have followed Quetion1 and Quetion2 from stack overflow to send messages to specific client, based on its sessionId but could not find success. Below is my sample RestController class @RestController public class SpringSessionTestApi { @Autowired public SimpMessageSendingOperations messagingTemplate; @MessageMapping("/messages") public void greeting(HelloMessage message, SimpMessageHeaderAccessor headerAccessor) throws Exception { String sessionId = (String) headerAccessor.getSessionAttributes().get("SPRING.SESSION.ID"); messagingTemplate.convertAndSendToUser(sessionId,"/queue/test",message,

Spring Security maxSession doesn't work

こ雲淡風輕ζ 提交于 2019-11-30 21:48:15
I want to prevent login when user exceed maxSession count. For example every user can login once. And then if logged user try another login system should disable login for him. .sessionManagement() .maximumSessions(1).expiredUrl("/login?expire").maxSessionsPreventsLogin(true) .sessionRegistry(sessionRegistry()); @Bean public static ServletListenerRegistrationBean httpSessionEventPublisher() { return new ServletListenerRegistrationBean(new HttpSessionEventPublisher()); } NOTE : This is tested on Spring MVC and 4.3.9.RELEASE , I haven't used Spring Boot yet. I found a solution, let me share how

OAuth2ClientContext (spring-security-oauth2) not persisted in Redis when using spring-session and spring-cloud-security

别来无恙 提交于 2019-11-30 13:21:35
问题 Thanks a lot in advance for reading this question. Setup I am using: spring-security-oauth2:2.0.7.RELEASE spring-cloud-security:1.0.1.RELEASE spring-session:1.0.1.RELEASE and would have a question regarding the persistence of spring-security-oauth2 OAuth2ClientContext in a Redis datastore when using spring-session (via @EnableRedisHttpSession ) in a Single-Sign-On ( @EnableOAuth2Sso ), reverse proxy ( @EnableZuulProxy ) gateway. Problem It seems to me that the SessionScoped

What is the default session timeout and how to configure it when using the Spring Session with Redis as the backend

ε祈祈猫儿з 提交于 2019-11-30 10:48:47
问题 My application currently use Spring Session together with Redis as the backend. I searched into the official documentation for Spring Session but was not able to find what the default session timeout is when using that module. Also I am not sure how to change that default timeout if necessary. Can someone please advise? 回答1: The easiest way to configure session timeout when using redis repository is @EnableRedisHttpSession(maxInactiveIntervalInSeconds = 60) The session expires when it is no

OAuth2ClientContext (spring-security-oauth2) not persisted in Redis when using spring-session and spring-cloud-security

时光怂恿深爱的人放手 提交于 2019-11-30 07:14:33
Thanks a lot in advance for reading this question. Setup I am using: spring-security-oauth2:2.0.7.RELEASE spring-cloud-security:1.0.1.RELEASE spring-session:1.0.1.RELEASE and would have a question regarding the persistence of spring-security-oauth2 OAuth2ClientContext in a Redis datastore when using spring-session (via @EnableRedisHttpSession ) in a Single-Sign-On ( @EnableOAuth2Sso ), reverse proxy ( @EnableZuulProxy ) gateway. Problem It seems to me that the SessionScoped JdkDynamicAopProxied DefaultOAuth2ClientContext created in org.springframework.cloud.security.oauth2.client

Error with cookie-value when adding a new Spring Session

此生再无相见时 提交于 2019-11-29 01:30:44
In my Spring Boot 1.4 based application I use Spring Session to store session data in the database with JDBC . This works fine with the default session. But when I want to add a new session (by adding ?_s=1 to the application url) I get the following exception: java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value What is the issue here? Edit: Note that I do not set the cookie value myself, Spring Session does that. Thus I can not tell which value it tries to set. The complete stacktrace is here: java.lang.IllegalArgumentException: An invalid character

Spring Zuul API Gateway with Spring Session / Redis Authenticate and Route in same Request

冷暖自知 提交于 2019-11-27 20:36:12
问题 I have been really been searching high and low for the last few days on how to do this and have finally decided to admit defeat and ask for help, please!!! I have followed Dr Dave Syer's tutorial on Angular and Spring Security specifically the Zuul Proxy as an api gateway and using Spring Session with Redis (https://github.com/spring-guides/tut-spring-security-and-angular-js/tree/master/double#_sso_with_oauth2_angular_js_and_spring_security_part_v) The issue I am having is that I am calling

Error with cookie-value when adding a new Spring Session

半城伤御伤魂 提交于 2019-11-27 16:04:08
问题 In my Spring Boot 1.4 based application I use Spring Session to store session data in the database with JDBC . This works fine with the default session. But when I want to add a new session (by adding ?_s=1 to the application url) I get the following exception: java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value What is the issue here? Edit: Note that I do not set the cookie value myself, Spring Session does that. Thus I can not tell which value it