Thanks Val for looking into it. On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko < valentin.kuliche...@gmail.com> wrote:
> Hi Rishi, > > Got it, I think I'm reproducing the issue. I'll take a look and let you > know my findings soon. > > -Val > > On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <rishiyag...@gmail.com> > wrote: > > > Hi Val, > > > > The issue will occur in cluster environment, please setup the spring boot > > on 2 different host with LB (F5 OR Reverse proxy) in front and try to > > login. > > > > In cluster environment, Spring security does not recognize the session on > > the host you are not logged in, as a result, spring security will > redirect > > to login url however the correct behavior should be that user would stay > > logged in with session replication. > > > > Do let me know if you need more information. > > > > Thanks, > > Rishi > > > > > > > > On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko < > > valentin.kuliche...@gmail.com> wrote: > > > > > Hi Rishi, > > > > > > I was able to build and run the application. Can you give some > > description > > > on what should I test to understand the issue? What exactly didn't work > > for > > > you? > > > > > > -Val > > > > > > On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko < > > > valentin.kuliche...@gmail.com> wrote: > > > > > > > Hi Rishi, > > > > > > > > Thanks, I'll take a look. > > > > > > > > -Val > > > > > > > > On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <rishiyag...@gmail.com > > > > > > wrote: > > > > > > > >> Hi Val, > > > >> > > > >> As promised, please find attached code for spring boot integration > > with > > > >> spring security along with Ignite. > > > >> > > > >> Some more information on project - > > > >> > > > >> - It is a maven project ( Ignite 1.7.0, SB 1.4.3 ) > > > >> - spring security integrated with boot project along with ignite > > > >> - HttpSessionCookieCsrfTokenRepository does not work, gives > > > >> intermediate errors on single instance so used > > > CookieCsrfTokenRepository > > > >> for CSRF token, again I think we need a fix here from Ignite. > > > >> > > > >> I cant reproduce this errors while I am running on single instance, > > you > > > >> need to run this app on 2 spring boot instance having proxy in > front ( > > > F5, > > > >> OR any proxy ) with round robin fashion ( no sticky session on F5 OR > > > >> proxies ). > > > >> > > > >> We were thinking with round robin the user session will active since > > we > > > >> used session replication on backend. > > > >> > > > >> Do let me know if you need more information here. > > > >> > > > >> Thanks, > > > >> > > > >> Rishi > > > >> > > > >> > > > >> > > > >> > > > >> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik < > rishiyag...@gmail.com> > > > >> wrote: > > > >> > > > >>> Val, > > > >>> > > > >>> My SB sample project is ready however I have asked for an approval > to > > > >>> submit sample project to you, it would take day or two. > > > >>> > > > >>> I will keep you posted. > > > >>> > > > >>> Thanks for all your help, > > > >>> > > > >>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik < > rishiyag...@gmail.com > > > > > > >>> wrote: > > > >>> > > > >>>> Let me build an example app for you and send it across to you. > > > >>>> > > > >>>> Thanks, > > > >>>> > > > >>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko < > > > >>>> valentin.kuliche...@gmail.com> wrote: > > > >>>> > > > >>>>> Rishi, > > > >>>>> > > > >>>>> No I don't, and I think that's what we should start with. I want > to > > > >>>>> understand a use case that is currently not supported (if any) > and > > > then > > > >>>>> find the best solution. And I would like to reuse existing code > as > > > >>>>> much as > > > >>>>> possible. > > > >>>>> > > > >>>>> Do you have any code that reproduces the problem you had and how > > you > > > >>>>> tried > > > >>>>> to utilize current web session clustering? Can you share it with > > us? > > > >>>>> > > > >>>>> -Val > > > >>>>> > > > >>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik < > > > rishiyag...@gmail.com> > > > >>>>> wrote: > > > >>>>> > > > >>>>> > Hi Val, > > > >>>>> > > > > >>>>> > I am working on SB platform with spring security and we found > out > > > >>>>> that the > > > >>>>> > web session filter ignite provides does not work for session > > > >>>>> management on > > > >>>>> > 2 node spring boot cluster. > > > >>>>> > > > > >>>>> > Somehow, spring security filter kicks in result in some weird > > > errors > > > >>>>> with > > > >>>>> > web session filter. > > > >>>>> > > > > >>>>> > So making compatible with spring security somehow, we need to > > write > > > >>>>> > implementation on spring session. > > > >>>>> > > > > >>>>> > Do you have any test cases that says web session filter would > > work > > > >>>>> with > > > >>>>> > spring security on boot platform ? > > > >>>>> > > > > >>>>> > Thanks, > > > >>>>> > > > > >>>>> > > > > >>>>> > On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko < > > > >>>>> > valentin.kuliche...@gmail.com> wrote: > > > >>>>> > > > > >>>>> > > Hi Rishi, > > > >>>>> > > > > > >>>>> > > Can you please take a look at web session clustering feature > > [1] > > > >>>>> provided > > > >>>>> > > by Ignite? I'm looking at Spring Session docs and it seems to > > me > > > >>>>> it does > > > >>>>> > > exactly the same - replaces HttpSession with custom > > > implementation > > > >>>>> that > > > >>>>> > has > > > >>>>> > > a backend storage. If it doesn't provide any additional API > or > > > >>>>> > > functionality, I'm not sure I understand the benefit of this > > > >>>>> feature. > > > >>>>> > > > > > >>>>> > > Let me know if I'm missing something. > > > >>>>> > > > > > >>>>> > > [1] https://apacheignite-mix.readme.io/docs/web-session- > > > clustering > > > >>>>> > > > > > >>>>> > > -Val > > > >>>>> > > > > > >>>>> > > On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik < > > > >>>>> rishiyag...@gmail.com> > > > >>>>> > > wrote: > > > >>>>> > > > > > >>>>> > > > I would like to discuss session replication / fail over > > design > > > on > > > >>>>> > spring > > > >>>>> > > > boot platform and wanted to find what is the best out to > get > > > >>>>> started > > > >>>>> > > here ? > > > >>>>> > > > > > > >>>>> > > > Possible approaches are as follows - > > > >>>>> > > > > > > >>>>> > > > - Make use of Spring Session for session replication and > > > fail > > > >>>>> over > > > >>>>> > > > - Extend the web session filter and make it work on > spring > > > >>>>> boot > > > >>>>> > > > application > > > >>>>> > > > > > > >>>>> > > > > > > >>>>> > > > I am thinking that best approach would be to get started > here > > > >>>>> with > > > >>>>> > spring > > > >>>>> > > > session design however I am open for feedback here. > > > >>>>> > > > > > > >>>>> > > > -- > > > >>>>> > > > Rishi Yagnik > > > >>>>> > > > > > > >>>>> > > > > > >>>>> > > > > >>>>> > > > > >>>>> > > > > >>>>> > -- > > > >>>>> > Rishi Yagnik > > > >>>>> > > > > >>>>> > > > >>>> > > > >>>> > > > >>>> > > > >>>> -- > > > >>>> Rishi Yagnik > > > >>>> > > > >>> > > > >>> > > > >>> > > > >>> -- > > > >>> Rishi Yagnik > > > >>> > > > >> > > > >> > > > >> > > > >> -- > > > >> Rishi Yagnik > > > >> > > > > > > > > > > > > > > > > > > > -- > > Rishi Yagnik > > > -- Rishi Yagnik
