Hi Rishi, What was the issue with the HttpSessionCsrfTokenRepository? I didn't have any problems after I added code you provided.
The fix for [1] is already in master. Can you try building from there and check if everything works fine for you? [1] https://issues.apache.org/jira/browse/IGNITE-4948 -Val On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dma...@gridgain.com> wrote: > Somewhere in April. This will be clarified on the dev list soon. > > On Saturday, March 18, 2017, Rishi Yagnik <rishiyag...@gmail.com> wrote: > > > Thanks, Val. > > > > When are we going to release Ignite 2.0 ? June ?? > > > > Thanks, > > > > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko < > > valentin.kuliche...@gmail.com <javascript:;>> wrote: > > > > > Denis, > > > > > > Yes, this should be possible. I will try to finalize the fix asap. > > > > > > -Val > > > > > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dma...@apache.org > > <javascript:;>> wrote: > > > > > > > Val, > > > > > > > > Will it be possible to incorporate the fix into the nearest 2.0 > > release? > > > > > > > > — > > > > Denis > > > > > > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <rishiyag...@gmail.com > > <javascript:;>> > > > > wrote: > > > > > > > > > > Hi Val, > > > > > > > > > > Hope you are well, any update on web session clustering. > > > > > > > > > > Thanks, > > > > > Rishi > > > > > > > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik < > > rishiyag...@gmail.com <javascript:;>> > > > > > wrote: > > > > > > > > > >> Hi Val, > > > > >> > > > > >> Thanks looking forward for the fix.. > > > > >> > > > > >> Take Care, > > > > >> Rishi > > > > >> > > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko < > > > > >> valentin.kuliche...@gmail.com <javascript:;>> wrote: > > > > >>> > > > > >>> Hi Rishi, > > > > >>> > > > > >>> I want to fix the bug first. It takes a bit longer than I > thought, > > > but > > > > I > > > > >>> should finish it over the weekend. > > > > >>> > > > > >>> -Val > > > > >>> > > > > >>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik < > > > rishiyag...@gmail.com <javascript:;>> > > > > >> wrote: > > > > >>>> > > > > >>>> Hi Val, > > > > >>>> > > > > >>>> Did you chance to look into session handling issue ? > > > > >>>> > > > > >>>> Thanks, > > > > >>>> > > > > >>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik < > > rishiyag...@gmail.com <javascript:;> > > > > > > > > >>>> wrote: > > > > >>>> > > > > >>>>> Hi Val, > > > > >>>>> > > > > >>>>> Do you think I can test a fix in 1.9 RC releases ? How are you > > > > planning > > > > >>>> to > > > > >>>>> release a fix ? > > > > >>>>> > > > > >>>>> Did you also look into problem where storing xsrf token in > Ignite > > > > >> returns > > > > >>>>> an exception and does not behave as expected ? > > > > >>>>> > > > > >>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with > > > > >> following > > > > >>>>> code - > > > > >>>>> > > > > >>>>> .csrfTokenRepository(csrfTokenRepository()) > > > > >>>>> > > > > >>>>> private CsrfTokenRepository csrfTokenRepository() { > > > > >>>>> HttpSessionCsrfTokenRepository repository = new > > > > >>>> HttpSessionCsrfTokenRepository(); > > > > >>>>> repository.setHeaderName("X-XSRF-TOKEN"); > > > > >>>>> return repository; > > > > >>>>> } > > > > >>>>> > > > > >>>>> Thank you for all your help, > > > > >>>>> > > > > >>>>> > > > > >>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko < > > > > >>>>> valentin.kuliche...@gmail.com <javascript:;>> wrote: > > > > >>>>> > > > > >>>>>> Hi Rishi, > > > > >>>>>> > > > > >>>>>> I got to the bottom of it. Basically, the session is replaced > in > > > > >> Spring > > > > >>>>>> filter, but caching happens based on the old version which > > doesn't > > > > >> have > > > > >>>>>> security attributes. The fix is going to be very easy, I will > do > > > it > > > > >>>>>> tomorrow. > > > > >>>>>> > > > > >>>>>> -Val > > > > >>>>>> > > > > >>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik < > > > rishiyag...@gmail.com <javascript:;> > > > > > > > > > >>>>>> wrote: > > > > >>>>>> > > > > >>>>>>> Val, > > > > >>>>>>> > > > > >>>>>>> Did you get chance to play around with the code ? > > > > >>>>>>> > > > > >>>>>>> Thanks, > > > > >>>>>>> > > > > >>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik < > > > > rishiyag...@gmail.com <javascript:;>> > > > > >>>>>>> wrote: > > > > >>>>>>> > > > > >>>>>>>> Val, > > > > >>>>>>>> > > > > >>>>>>>> Adding a filter before csrf filter will invoke the custom > > ignite > > > > >>>>>> filter. > > > > >>>>>>>> > > > > >>>>>>>> Declare a custom filter class extends it with websession > > filter > > > > >>>>>>>> > > > > >>>>>>>> public class CustomWebSessionFilter extends > WebSessionFilter { > > > > >>>>>>>> > > > > >>>>>>>> private static boolean igniteInitialize = false > > > > >>>>>>>> > > > > >>>>>>>> @Override public void doFilter(ServletRequest req, > > > ServletResponse > > > > >>>>>> res, > > > > >>>>>>>> FilterChain chain) > > > > >>>>>>>> throws IOException, ServletException { > > > > >>>>>>>> if(!igniteInitialize) { > > > > >>>>>>>> super.init(new FilterConfig() { > > > > >>>>>>>> @Override > > > > >>>>>>>> public String getFilterName() { > > > > >>>>>>>> return "CustomWebSessionFilter"; > > > > >>>>>>>> } > > > > >>>>>>>> > > > > >>>>>>>> @Override > > > > >>>>>>>> public ServletContext getServletContext() { > > > > >>>>>>>> return req.getServletContext(); > > > > >>>>>>>> } > > > > >>>>>>>> > > > > >>>>>>>> @Override > > > > >>>>>>>> public String getInitParameter(String name) { > > > > >>>>>>>> return null; > > > > >>>>>>>> } > > > > >>>>>>>> > > > > >>>>>>>> @Override > > > > >>>>>>>> public Enumeration<String> > > > getInitParameterNames() { > > > > >>>>>>>> return null; > > > > >>>>>>>> } > > > > >>>>>>>> }); > > > > >>>>>>>> igniteInitialize = true; > > > > >>>>>>>> } > > > > >>>>>>>> super.doFilter(req,res,chain); > > > > >>>>>>>> } > > > > >>>>>>>> } > > > > >>>>>>>> > > > > >>>>>>>> And in SecurityConfig.java add following line to invoke > filter > > > > >>>> before > > > > >>>>>>>> Ignite Web Session filter - > > > > >>>>>>>> > > > > >>>>>>>> .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class) > > > > >>>>>>>> > > > > >>>>>>>> Hope it helps.. > > > > >>>>>>>> > > > > >>>>>>>> Thanks, > > > > >>>>>>>> > > > > >>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko < > > > > >>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> wrote: > > > > >>>>>>>> > > > > >>>>>>>>> Rishi, > > > > >>>>>>>>> > > > > >>>>>>>>> Can you please share how you forced Ignite filter to be > > invoked > > > > >>>>>> before > > > > >>>>>>>>> security filter? > > > > >>>>>>>>> > > > > >>>>>>>>> -Val > > > > >>>>>>>>> > > > > >>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik < > > > > >>>> rishiyag...@gmail.com <javascript:;> > > > > >>>>>>> > > > > >>>>>>>>> wrote: > > > > >>>>>>>>> > > > > >>>>>>>>>> Hi Val, > > > > >>>>>>>>>> > > > > >>>>>>>>>> Thanks for the response, we have executed ignite filter > > before > > > > >>>>>> spring > > > > >>>>>>>>>> security filter but somehow the ignite filter does not do > > the > > > > job > > > > >>>>>> of > > > > >>>>>>>>>> setting spring principle context. > > > > >>>>>>>>>> > > > > >>>>>>>>>> As a result even though we have spring principle in > session, > > > > >>>> spring > > > > >>>>>>>>> filter > > > > >>>>>>>>>> does not recognize it and sends us back to log in page. > > > > >>>>>>>>>> > > > > >>>>>>>>>> I think there s some more work needed here to change the > > > filter > > > > >>>> and > > > > >>>>>>> make > > > > >>>>>>>>>> it work with spring boot application. > > > > >>>>>>>>>> > > > > >>>>>>>>>> Take Care, > > > > >>>>>>>>>> Rishi > > > > >>>>>>>>>> > > > > >>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko < > > > > >>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> wrote: > > > > >>>>>>>>>>> > > > > >>>>>>>>>>> Hi Rishi, > > > > >>>>>>>>>>> > > > > >>>>>>>>>>> I did some debugging. Apparently, the reason for this > > > behavior > > > > >>>> is > > > > >>>>>>> that > > > > >>>>>>>>>>> Spring Security filter resides before Ignite's filter in > > the > > > > >>>>>> chain > > > > >>>>>>>>> list. > > > > >>>>>>>>>> I > > > > >>>>>>>>>>> think that eventually this should be fixed in the > product, > > > but > > > > >>>> in > > > > >>>>>>> the > > > > >>>>>>>>>>> meantime there must be a way to work around the problem > by > > > > >>>>>>> controlling > > > > >>>>>>>>>> the > > > > >>>>>>>>>>> order. Do you know how this can be done in Spring Boot? > > > > >>>>>>>>>>> > > > > >>>>>>>>>>> -Val > > > > >>>>>>>>>>> > > > > >>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik < > > > > >>>>>>> rishiyag...@gmail.com <javascript:;> > > > > >>>>>>>>>> > > > > >>>>>>>>>> wrote: > > > > >>>>>>>>>>>> > > > > >>>>>>>>>>>> Hi Val, > > > > >>>>>>>>>>>> > > > > >>>>>>>>>>>> Sorry for pestering, thanks for all your help. > > > > >>>>>>>>>>>> > > > > >>>>>>>>>>>> Rishi > > > > >>>>>>>>>>>> > > > > >>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko < > > > > >>>>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> wrote: > > > > >>>>>>>>>>>> > > > > >>>>>>>>>>>>> Hi Rishi, > > > > >>>>>>>>>>>>> > > > > >>>>>>>>>>>>> Sorry, not yet. But this on my short list of TODOs, > will > > > try > > > > >>>> to > > > > >>>>>>>>> give an > > > > >>>>>>>>>>>>> update as soon as possible. > > > > >>>>>>>>>>>>> > > > > >>>>>>>>>>>>> -Val > > > > >>>>>>>>>>>>> > > > > >>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik < > > > > >>>>>>>>> rishiyag...@gmail.com <javascript:;>> > > > > >>>>>>>>>>>>> wrote: > > > > >>>>>>>>>>>>> > > > > >>>>>>>>>>>>>> Hi Val, > > > > >>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>> any update on session replication issue ? > > > > >>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>> Thanks, > > > > >>>>>>>>>>>>>> Rishi > > > > >>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik < > > > > >>>>>>>>> rishiyag...@gmail.com <javascript:;>> > > > > >>>>>>>>>>>>>> wrote: > > > > >>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>> Thanks Val for looking into it. > > > > >>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko > < > > > > >>>>>>>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> wrote: > > > > >>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>> Hi Rishi, > > > > >>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll > take a > > > > >>>> look > > > > >>>>>> and > > > > >>>>>>>>> let > > > > >>>>>>>>>>>>> you > > > > >>>>>>>>>>>>>>>> know my findings soon. > > > > >>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>> -Val > > > > >>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik < > > > > >>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> > > > > >>>>>>>>>>>>>>>> wrote: > > > > >>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> Hi Val, > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> The issue will occur in cluster environment, please > > > setup > > > > >>>>>> the > > > > >>>>>>>>>>>> spring > > > > >>>>>>>>>>>>>>>> boot > > > > >>>>>>>>>>>>>>>>> on 2 different host with LB (F5 OR Reverse proxy) > in > > > > >>>> front > > > > >>>>>> and > > > > >>>>>>>>> try > > > > >>>>>>>>>>>>> to > > > > >>>>>>>>>>>>>>>>> login. > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> In cluster environment, Spring security does not > > > > >>>> recognize > > > > >>>>>> the > > > > >>>>>>>>>>>>> session > > > > >>>>>>>>>>>>>>>> on > > > > >>>>>>>>>>>>>>>>> the host you are not logged in, as a result, spring > > > > >>>>>> security > > > > >>>>>>>>> will > > > > >>>>>>>>>>>>>>>> redirect > > > > >>>>>>>>>>>>>>>>> to login url however the correct behavior should be > > > that > > > > >>>>>> user > > > > >>>>>>>>>>>> would > > > > >>>>>>>>>>>>>> stay > > > > >>>>>>>>>>>>>>>>> logged in with session replication. > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> Do let me know if you need more information. > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> Thanks, > > > > >>>>>>>>>>>>>>>>> Rishi > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin > Kulichenko > > < > > > > >>>>>>>>>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> > wrote: > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>> Hi Rishi, > > > > >>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>> I was able to build and run the application. Can > you > > > > >>>> give > > > > >>>>>>> some > > > > >>>>>>>>>>>>>>>>> description > > > > >>>>>>>>>>>>>>>>>> on what should I test to understand the issue? > What > > > > >>>>>> exactly > > > > >>>>>>>>>>>> didn't > > > > >>>>>>>>>>>>>>>> work > > > > >>>>>>>>>>>>>>>>> for > > > > >>>>>>>>>>>>>>>>>> you? > > > > >>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>> -Val > > > > >>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin > > Kulichenko > > > < > > > > >>>>>>>>>>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> > > wrote: > > > > >>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>> Hi Rishi, > > > > >>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>> Thanks, I'll take a look. > > > > >>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>> -Val > > > > >>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik < > > > > >>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> > > > > >>>>>>>>>>>>>>>>>>> wrote: > > > > >>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> Hi Val, > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> As promised, please find attached code for > spring > > > boot > > > > >>>>>>>>>>>>>> integration > > > > >>>>>>>>>>>>>>>>> with > > > > >>>>>>>>>>>>>>>>>>>> spring security along with Ignite. > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> Some more information on project - > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB > 1.4.3 ) > > > > >>>>>>>>>>>>>>>>>>>> - spring security integrated with boot project > > along > > > > >>>>>> with > > > > >>>>>>>>>>>>>> ignite > > > > >>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository does not > > > > >>>> work, > > > > >>>>>>>>>>>> gives > > > > >>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so used > > > > >>>>>>>>>>>>>>>>>> CookieCsrfTokenRepository > > > > >>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix here > > > > >>>> from > > > > >>>>>>>>>>>>> Ignite. > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> I cant reproduce this errors while I am running > on > > > > >>>>>> single > > > > >>>>>>>>>>>>>> instance, > > > > >>>>>>>>>>>>>>>>> you > > > > >>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot instance > > > having > > > > >>>>>> proxy > > > > >>>>>>>>>>>> in > > > > >>>>>>>>>>>>>>>> front ( > > > > >>>>>>>>>>>>>>>>>> F5, > > > > >>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion ( no > > sticky > > > > >>>>>> session > > > > >>>>>>>>>>>> on > > > > >>>>>>>>>>>>> F5 > > > > >>>>>>>>>>>>>>>> OR > > > > >>>>>>>>>>>>>>>>>>>> proxies ). > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user > session > > > > >>>> will > > > > >>>>>>>>>>>> active > > > > >>>>>>>>>>>>>>>> since > > > > >>>>>>>>>>>>>>>>> we > > > > >>>>>>>>>>>>>>>>>>>> used session replication on backend. > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> Do let me know if you need more information > here. > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> Thanks, > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> Rishi > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik < > > > > >>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> > > > > >>>>>>>>>>>>>>>>>>>> wrote: > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> Val, > > > > >>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I have > > asked > > > > >>>> for > > > > >>>>>> an > > > > >>>>>>>>>>>>>>>> approval to > > > > >>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would take day > > or > > > > >>>> two. > > > > >>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> I will keep you posted. > > > > >>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> Thanks for all your help, > > > > >>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik < > > > > >>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;> > > > > >>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> wrote: > > > > >>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and send > it > > > > >>>>>> across to > > > > >>>>>>>>>>>>> you. > > > > >>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>> Thanks, > > > > >>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin > > > > >>>> Kulichenko < > > > > >>>>>>>>>>>>>>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> > > wrote: > > > > >>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>> Rishi, > > > > >>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we should > > > start > > > > >>>>>>> with. > > > > >>>>>>>>>>>> I > > > > >>>>>>>>>>>>>>>> want to > > > > >>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently not > > > > >>>> supported > > > > >>>>>>> (if > > > > >>>>>>>>>>>>> any) > > > > >>>>>>>>>>>>>>>> and > > > > >>>>>>>>>>>>>>>>>> then > > > > >>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like to > > reuse > > > > >>>>>>> existing > > > > >>>>>>>>>>>>>> code > > > > >>>>>>>>>>>>>>>> as > > > > >>>>>>>>>>>>>>>>>>>>>>> much as > > > > >>>>>>>>>>>>>>>>>>>>>>> possible. > > > > >>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the > > problem > > > > >>>> you > > > > >>>>>> had > > > > >>>>>>>>>>>> and > > > > >>>>>>>>>>>>>> how > > > > >>>>>>>>>>>>>>>>> you > > > > >>>>>>>>>>>>>>>>>>>>>>> tried > > > > >>>>>>>>>>>>>>>>>>>>>>> to utilize current web session clustering? > Can > > > you > > > > >>>>>> share > > > > >>>>>>>>>>>> it > > > > >>>>>>>>>>>>>> with > > > > >>>>>>>>>>>>>>>>> us? > > > > >>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>> -Val > > > > >>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi > Yagnik > > < > > > > >>>>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> > > > > >>>>>>>>>>>>>>>>>>>>>>> wrote: > > > > >>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Hi Val, > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring > > security > > > > >>>>>> and we > > > > >>>>>>>>>>>>>> found > > > > >>>>>>>>>>>>>>>> out > > > > >>>>>>>>>>>>>>>>>>>>>>> that the > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does not > > work > > > > >>>> for > > > > >>>>>>>>>>>>> session > > > > >>>>>>>>>>>>>>>>>>>>>>> management on > > > > >>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster. > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks in > > result > > > in > > > > >>>>>> some > > > > >>>>>>>>>>>>>> weird > > > > >>>>>>>>>>>>>>>>>> errors > > > > >>>>>>>>>>>>>>>>>>>>>>> with > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter. > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring security > > > somehow, > > > > >>>>>> we > > > > >>>>>>>>>>>> need > > > > >>>>>>>>>>>>>> to > > > > >>>>>>>>>>>>>>>>> write > > > > >>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session. > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says web > > session > > > > >>>>>> filter > > > > >>>>>>>>>>>>>> would > > > > >>>>>>>>>>>>>>>>> work > > > > >>>>>>>>>>>>>>>>>>>>>>> with > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform ? > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Thanks, > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM, Valentin > > > > >>>>>> Kulichenko < > > > > >>>>>>>>>>>>>>>>>>>>>>>> valentin.kuliche...@gmail.com > <javascript:;>> > > wrote: > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi, > > > > >>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web session > > > > >>>>>> clustering > > > > >>>>>>>>>>>>>> feature > > > > >>>>>>>>>>>>>>>>> [1] > > > > >>>>>>>>>>>>>>>>>>>>>>> provided > > > > >>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring Session > docs > > > and > > > > >>>>>> it > > > > >>>>>>>>>>>>> seems > > > > >>>>>>>>>>>>>>>> to > > > > >>>>>>>>>>>>>>>>> me > > > > >>>>>>>>>>>>>>>>>>>>>>> it does > > > > >>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces HttpSession > with > > > > >>>> custom > > > > >>>>>>>>>>>>>>>>>> implementation > > > > >>>>>>>>>>>>>>>>>>>>>>> that > > > > >>>>>>>>>>>>>>>>>>>>>>>> has > > > > >>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't provide > any > > > > >>>>>>>>>>>> additional > > > > >>>>>>>>>>>>>> API > > > > >>>>>>>>>>>>>>>> or > > > > >>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I understand > the > > > > >>>>>> benefit > > > > >>>>>>>>>>>> of > > > > >>>>>>>>>>>>>> this > > > > >>>>>>>>>>>>>>>>>>>>>>> feature. > > > > >>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something. > > > > >>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix. > > > > >>>>>>>>>>>>> readme.io/docs/web-session- > > > > >>>>>>>>>>>>>>>>>> clustering > > > > >>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> -Val > > > > >>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi > > Yagnik < > > > > >>>>>>>>>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> wrote: > > > > >>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session > replication > > / > > > > >>>> fail > > > > >>>>>>>>>>>>> over > > > > >>>>>>>>>>>>>>>>> design > > > > >>>>>>>>>>>>>>>>>> on > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what is > the > > > > >>>> best > > > > >>>>>>>>>>>> out > > > > >>>>>>>>>>>>> to > > > > >>>>>>>>>>>>>>>> get > > > > >>>>>>>>>>>>>>>>>>>>>>> started > > > > >>>>>>>>>>>>>>>>>>>>>>>>> here ? > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows - > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for session > > > > >>>>>>>>>>>>> replication > > > > >>>>>>>>>>>>>>>> and > > > > >>>>>>>>>>>>>>>>>> fail > > > > >>>>>>>>>>>>>>>>>>>>>>> over > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and make > it > > > > >>>> work > > > > >>>>>>>>>>>> on > > > > >>>>>>>>>>>>>>>> spring > > > > >>>>>>>>>>>>>>>>>>>>>>> boot > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> application > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach would be > to > > > get > > > > >>>>>>>>>>>>> started > > > > >>>>>>>>>>>>>>>> here > > > > >>>>>>>>>>>>>>>>>>>>>>> with > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for > > feedback > > > > >>>>>> here. > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> -- > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> -- > > > > >>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik > > > > >>>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>>> -- > > > > >>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik > > > > >>>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>>> -- > > > > >>>>>>>>>>>>>>>>>>>>> Rishi Yagnik > > > > >>>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>>> -- > > > > >>>>>>>>>>>>>>>>>>>> Rishi Yagnik > > > > >>>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>>> -- > > > > >>>>>>>>>>>>>>>>> Rishi Yagnik > > > > >>>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>>> -- > > > > >>>>>>>>>>>>>>> Rishi Yagnik > > > > >>>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>> > > > > >>>>>>>>>>>>>> -- > > > > >>>>>>>>>>>>>> Rishi Yagnik > > > > >>>>>>>>>>>>>> > > > > >>>>>>>>>>>>> > > > > >>>>>>>>>>>> > > > > >>>>>>>>>>>> > > > > >>>>>>>>>>>> > > > > >>>>>>>>>>>> -- > > > > >>>>>>>>>>>> Rishi Yagnik > > > > >>>>>>>>>>>> > > > > >>>>>>>>>> > > > > >>>>>>>>> > > > > >>>>>>>> > > > > >>>>>>>> > > > > >>>>>>>> > > > > >>>>>>>> -- > > > > >>>>>>>> Rishi Yagnik > > > > >>>>>>>> > > > > >>>>>>> > > > > >>>>>>> > > > > >>>>>>> > > > > >>>>>>> -- > > > > >>>>>>> Rishi Yagnik > > > > >>>>>>> > > > > >>>>>> > > > > >>>>> > > > > >>>>> > > > > >>>>> > > > > >>>>> -- > > > > >>>>> Rishi Yagnik > > > > >>>>> > > > > >>>> > > > > >>>> > > > > >>>> > > > > >>>> -- > > > > >>>> Rishi Yagnik > > > > >>>> > > > > >> > > > > > > > > > > > > > > > > > > > > -- > > > > > Rishi Yagnik > > > > > > > > > > > > > > > > > > > -- > > Rishi Yagnik > > >
