spring-session

I'm attempting to implement a microservices architecture using Spring Cloud's Zuul, Eureka, and my own services. I have multiple services that have UIs and services and each can authenticate users using x509 security. Now I'm trying to place Zuul in front of those services. Since Zuul can't forward client certs to the backend, I thought the next best thing would be to authenticate the user at the front door in Zuul, then use Spring Session to replicate their authenticated state across the backend services. I have followed the tutorial here from Dave Syer and it almost works, but not on the

I have followed Quetion1 and Quetion2 from stack overflow to send messages to specific client, based on its sessionId but could not find success. Below is my sample RestController class @RestController public class SpringSessionTestApi { @Autowired public SimpMessageSendingOperations messagingTemplate; @MessageMapping("/messages") public void greeting(HelloMessage message, SimpMessageHeaderAccessor headerAccessor) throws Exception { String sessionId = (String) headerAccessor.getSessionAttributes().get("SPRING.SESSION.ID"); messagingTemplate.convertAndSendToUser(sessionId,"/queue/test",message,

I want to prevent login when user exceed maxSession count. For example every user can login once. And then if logged user try another login system should disable login for him. .sessionManagement() .maximumSessions(1).expiredUrl("/login?expire").maxSessionsPreventsLogin(true) .sessionRegistry(sessionRegistry()); @Bean public static ServletListenerRegistrationBean httpSessionEventPublisher() { return new ServletListenerRegistrationBean(new HttpSessionEventPublisher()); } NOTE : This is tested on Spring MVC and 4.3.9.RELEASE , I haven't used Spring Boot yet. I found a solution, let me share how

Thanks a lot in advance for reading this question. Setup I am using: spring-security-oauth2:2.0.7.RELEASE spring-cloud-security:1.0.1.RELEASE spring-session:1.0.1.RELEASE and would have a question regarding the persistence of spring-security-oauth2 OAuth2ClientContext in a Redis datastore when using spring-session (via @EnableRedisHttpSession ) in a Single-Sign-On ( @EnableOAuth2Sso ), reverse proxy ( @EnableZuulProxy ) gateway. Problem It seems to me that the SessionScoped JdkDynamicAopProxied DefaultOAuth2ClientContext created in org.springframework.cloud.security.oauth2.client

In my Spring Boot 1.4 based application I use Spring Session to store session data in the database with JDBC . This works fine with the default session. But when I want to add a new session (by adding ?_s=1 to the application url) I get the following exception: java.lang.IllegalArgumentException: An invalid character [32] was present in the Cookie value What is the issue here? Edit: Note that I do not set the cookie value myself, Spring Session does that. Thus I can not tell which value it tries to set. The complete stacktrace is here: java.lang.IllegalArgumentException: An invalid character