Val, I build it from master s and was able to integrate with our app, but as I mentioned to you previously, I see the XSRF-Token errors in debug log,
[DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter' [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter' [DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter - Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A And, then after, CSRF filter does not like the session, redirects to /403 error. Just wondering why the XSRF Token is not being saved in the session ? More debugging is require for sure.. of course there is a work around to the problem, I can just use Cookie based Token repository to avoid this issue. .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) will let you know my findings.. As always, thanks for all your help. Thanks, Rishi On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik <rishiyag...@gmail.com> wrote: > Hi Val, > > I will build it from master s and let you know by tomorrow. > > Thanks, > > > On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko < > valentin.kuliche...@gmail.com> wrote: > >> Hi Rishi, >> >> What was the issue with the HttpSessionCsrfTokenRepository? I didn't have >> any problems after I added code you provided. >> >> The fix for [1] is already in master. Can you try building from there and >> check if everything works fine for you? >> >> [1] https://issues.apache.org/jira/browse/IGNITE-4948 >> >> -Val >> >> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dma...@gridgain.com> wrote: >> >> > Somewhere in April. This will be clarified on the dev list soon. >> > >> > On Saturday, March 18, 2017, Rishi Yagnik <rishiyag...@gmail.com> >> wrote: >> > >> > > Thanks, Val. >> > > >> > > When are we going to release Ignite 2.0 ? June ?? >> > > >> > > Thanks, >> > > >> > > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko < >> > > valentin.kuliche...@gmail.com <javascript:;>> wrote: >> > > >> > > > Denis, >> > > > >> > > > Yes, this should be possible. I will try to finalize the fix asap. >> > > > >> > > > -Val >> > > > >> > > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dma...@apache.org >> > > <javascript:;>> wrote: >> > > > >> > > > > Val, >> > > > > >> > > > > Will it be possible to incorporate the fix into the nearest 2.0 >> > > release? >> > > > > >> > > > > — >> > > > > Denis >> > > > > >> > > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik < >> rishiyag...@gmail.com >> > > <javascript:;>> >> > > > > wrote: >> > > > > > >> > > > > > Hi Val, >> > > > > > >> > > > > > Hope you are well, any update on web session clustering. >> > > > > > >> > > > > > Thanks, >> > > > > > Rishi >> > > > > > >> > > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik < >> > > rishiyag...@gmail.com <javascript:;>> >> > > > > > wrote: >> > > > > > >> > > > > >> Hi Val, >> > > > > >> >> > > > > >> Thanks looking forward for the fix.. >> > > > > >> >> > > > > >> Take Care, >> > > > > >> Rishi >> > > > > >> >> > > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko < >> > > > > >> valentin.kuliche...@gmail.com <javascript:;>> wrote: >> > > > > >>> >> > > > > >>> Hi Rishi, >> > > > > >>> >> > > > > >>> I want to fix the bug first. It takes a bit longer than I >> > thought, >> > > > but >> > > > > I >> > > > > >>> should finish it over the weekend. >> > > > > >>> >> > > > > >>> -Val >> > > > > >>> >> > > > > >>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik < >> > > > rishiyag...@gmail.com <javascript:;>> >> > > > > >> wrote: >> > > > > >>>> >> > > > > >>>> Hi Val, >> > > > > >>>> >> > > > > >>>> Did you chance to look into session handling issue ? >> > > > > >>>> >> > > > > >>>> Thanks, >> > > > > >>>> >> > > > > >>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik < >> > > rishiyag...@gmail.com <javascript:;> >> > > > > >> > > > > >>>> wrote: >> > > > > >>>> >> > > > > >>>>> Hi Val, >> > > > > >>>>> >> > > > > >>>>> Do you think I can test a fix in 1.9 RC releases ? How are >> you >> > > > > planning >> > > > > >>>> to >> > > > > >>>>> release a fix ? >> > > > > >>>>> >> > > > > >>>>> Did you also look into problem where storing xsrf token in >> > Ignite >> > > > > >> returns >> > > > > >>>>> an exception and does not behave as expected ? >> > > > > >>>>> >> > > > > >>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository >> with >> > > > > >> following >> > > > > >>>>> code - >> > > > > >>>>> >> > > > > >>>>> .csrfTokenRepository(csrfTokenRepository()) >> > > > > >>>>> >> > > > > >>>>> private CsrfTokenRepository csrfTokenRepository() { >> > > > > >>>>> HttpSessionCsrfTokenRepository repository = new >> > > > > >>>> HttpSessionCsrfTokenRepository(); >> > > > > >>>>> repository.setHeaderName("X-XSRF-TOKEN"); >> > > > > >>>>> return repository; >> > > > > >>>>> } >> > > > > >>>>> >> > > > > >>>>> Thank you for all your help, >> > > > > >>>>> >> > > > > >>>>> >> > > > > >>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko < >> > > > > >>>>> valentin.kuliche...@gmail.com <javascript:;>> wrote: >> > > > > >>>>> >> > > > > >>>>>> Hi Rishi, >> > > > > >>>>>> >> > > > > >>>>>> I got to the bottom of it. Basically, the session is >> replaced >> > in >> > > > > >> Spring >> > > > > >>>>>> filter, but caching happens based on the old version which >> > > doesn't >> > > > > >> have >> > > > > >>>>>> security attributes. The fix is going to be very easy, I >> will >> > do >> > > > it >> > > > > >>>>>> tomorrow. >> > > > > >>>>>> >> > > > > >>>>>> -Val >> > > > > >>>>>> >> > > > > >>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik < >> > > > rishiyag...@gmail.com <javascript:;> >> > > > > > >> > > > > >>>>>> wrote: >> > > > > >>>>>> >> > > > > >>>>>>> Val, >> > > > > >>>>>>> >> > > > > >>>>>>> Did you get chance to play around with the code ? >> > > > > >>>>>>> >> > > > > >>>>>>> Thanks, >> > > > > >>>>>>> >> > > > > >>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik < >> > > > > rishiyag...@gmail.com <javascript:;>> >> > > > > >>>>>>> wrote: >> > > > > >>>>>>> >> > > > > >>>>>>>> Val, >> > > > > >>>>>>>> >> > > > > >>>>>>>> Adding a filter before csrf filter will invoke the custom >> > > ignite >> > > > > >>>>>> filter. >> > > > > >>>>>>>> >> > > > > >>>>>>>> Declare a custom filter class extends it with websession >> > > filter >> > > > > >>>>>>>> >> > > > > >>>>>>>> public class CustomWebSessionFilter extends >> > WebSessionFilter { >> > > > > >>>>>>>> >> > > > > >>>>>>>> private static boolean igniteInitialize = false >> > > > > >>>>>>>> >> > > > > >>>>>>>> @Override public void doFilter(ServletRequest req, >> > > > ServletResponse >> > > > > >>>>>> res, >> > > > > >>>>>>>> FilterChain chain) >> > > > > >>>>>>>> throws IOException, ServletException { >> > > > > >>>>>>>> if(!igniteInitialize) { >> > > > > >>>>>>>> super.init(new FilterConfig() { >> > > > > >>>>>>>> @Override >> > > > > >>>>>>>> public String getFilterName() { >> > > > > >>>>>>>> return "CustomWebSessionFilter"; >> > > > > >>>>>>>> } >> > > > > >>>>>>>> >> > > > > >>>>>>>> @Override >> > > > > >>>>>>>> public ServletContext getServletContext() { >> > > > > >>>>>>>> return req.getServletContext(); >> > > > > >>>>>>>> } >> > > > > >>>>>>>> >> > > > > >>>>>>>> @Override >> > > > > >>>>>>>> public String getInitParameter(String >> name) { >> > > > > >>>>>>>> return null; >> > > > > >>>>>>>> } >> > > > > >>>>>>>> >> > > > > >>>>>>>> @Override >> > > > > >>>>>>>> public Enumeration<String> >> > > > getInitParameterNames() { >> > > > > >>>>>>>> return null; >> > > > > >>>>>>>> } >> > > > > >>>>>>>> }); >> > > > > >>>>>>>> igniteInitialize = true; >> > > > > >>>>>>>> } >> > > > > >>>>>>>> super.doFilter(req,res,chain); >> > > > > >>>>>>>> } >> > > > > >>>>>>>> } >> > > > > >>>>>>>> >> > > > > >>>>>>>> And in SecurityConfig.java add following line to invoke >> > filter >> > > > > >>>> before >> > > > > >>>>>>>> Ignite Web Session filter - >> > > > > >>>>>>>> >> > > > > >>>>>>>> .addFilterBefore(new ArWebSessionFilter(), >> CsrfFilter.class) >> > > > > >>>>>>>> >> > > > > >>>>>>>> Hope it helps.. >> > > > > >>>>>>>> >> > > > > >>>>>>>> Thanks, >> > > > > >>>>>>>> >> > > > > >>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko < >> > > > > >>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> wrote: >> > > > > >>>>>>>> >> > > > > >>>>>>>>> Rishi, >> > > > > >>>>>>>>> >> > > > > >>>>>>>>> Can you please share how you forced Ignite filter to be >> > > invoked >> > > > > >>>>>> before >> > > > > >>>>>>>>> security filter? >> > > > > >>>>>>>>> >> > > > > >>>>>>>>> -Val >> > > > > >>>>>>>>> >> > > > > >>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik < >> > > > > >>>> rishiyag...@gmail.com <javascript:;> >> > > > > >>>>>>> >> > > > > >>>>>>>>> wrote: >> > > > > >>>>>>>>> >> > > > > >>>>>>>>>> Hi Val, >> > > > > >>>>>>>>>> >> > > > > >>>>>>>>>> Thanks for the response, we have executed ignite filter >> > > before >> > > > > >>>>>> spring >> > > > > >>>>>>>>>> security filter but somehow the ignite filter does not >> do >> > > the >> > > > > job >> > > > > >>>>>> of >> > > > > >>>>>>>>>> setting spring principle context. >> > > > > >>>>>>>>>> >> > > > > >>>>>>>>>> As a result even though we have spring principle in >> > session, >> > > > > >>>> spring >> > > > > >>>>>>>>> filter >> > > > > >>>>>>>>>> does not recognize it and sends us back to log in page. >> > > > > >>>>>>>>>> >> > > > > >>>>>>>>>> I think there s some more work needed here to change >> the >> > > > filter >> > > > > >>>> and >> > > > > >>>>>>> make >> > > > > >>>>>>>>>> it work with spring boot application. >> > > > > >>>>>>>>>> >> > > > > >>>>>>>>>> Take Care, >> > > > > >>>>>>>>>> Rishi >> > > > > >>>>>>>>>> >> > > > > >>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko < >> > > > > >>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> wrote: >> > > > > >>>>>>>>>>> >> > > > > >>>>>>>>>>> Hi Rishi, >> > > > > >>>>>>>>>>> >> > > > > >>>>>>>>>>> I did some debugging. Apparently, the reason for this >> > > > behavior >> > > > > >>>> is >> > > > > >>>>>>> that >> > > > > >>>>>>>>>>> Spring Security filter resides before Ignite's filter >> in >> > > the >> > > > > >>>>>> chain >> > > > > >>>>>>>>> list. >> > > > > >>>>>>>>>> I >> > > > > >>>>>>>>>>> think that eventually this should be fixed in the >> > product, >> > > > but >> > > > > >>>> in >> > > > > >>>>>>> the >> > > > > >>>>>>>>>>> meantime there must be a way to work around the >> problem >> > by >> > > > > >>>>>>> controlling >> > > > > >>>>>>>>>> the >> > > > > >>>>>>>>>>> order. Do you know how this can be done in Spring >> Boot? >> > > > > >>>>>>>>>>> >> > > > > >>>>>>>>>>> -Val >> > > > > >>>>>>>>>>> >> > > > > >>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik < >> > > > > >>>>>>> rishiyag...@gmail.com <javascript:;> >> > > > > >>>>>>>>>> >> > > > > >>>>>>>>>> wrote: >> > > > > >>>>>>>>>>>> >> > > > > >>>>>>>>>>>> Hi Val, >> > > > > >>>>>>>>>>>> >> > > > > >>>>>>>>>>>> Sorry for pestering, thanks for all your help. >> > > > > >>>>>>>>>>>> >> > > > > >>>>>>>>>>>> Rishi >> > > > > >>>>>>>>>>>> >> > > > > >>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko >> < >> > > > > >>>>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> wrote: >> > > > > >>>>>>>>>>>> >> > > > > >>>>>>>>>>>>> Hi Rishi, >> > > > > >>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>> Sorry, not yet. But this on my short list of TODOs, >> > will >> > > > try >> > > > > >>>> to >> > > > > >>>>>>>>> give an >> > > > > >>>>>>>>>>>>> update as soon as possible. >> > > > > >>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>> -Val >> > > > > >>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik < >> > > > > >>>>>>>>> rishiyag...@gmail.com <javascript:;>> >> > > > > >>>>>>>>>>>>> wrote: >> > > > > >>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>> Hi Val, >> > > > > >>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>> any update on session replication issue ? >> > > > > >>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>> Thanks, >> > > > > >>>>>>>>>>>>>> Rishi >> > > > > >>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik < >> > > > > >>>>>>>>> rishiyag...@gmail.com <javascript:;>> >> > > > > >>>>>>>>>>>>>> wrote: >> > > > > >>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>> Thanks Val for looking into it. >> > > > > >>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin >> Kulichenko >> > < >> > > > > >>>>>>>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> >> wrote: >> > > > > >>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>> Hi Rishi, >> > > > > >>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll >> > take a >> > > > > >>>> look >> > > > > >>>>>> and >> > > > > >>>>>>>>> let >> > > > > >>>>>>>>>>>>> you >> > > > > >>>>>>>>>>>>>>>> know my findings soon. >> > > > > >>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>> -Val >> > > > > >>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik < >> > > > > >>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> >> > > > > >>>>>>>>>>>>>>>> wrote: >> > > > > >>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> Hi Val, >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> The issue will occur in cluster environment, >> please >> > > > setup >> > > > > >>>>>> the >> > > > > >>>>>>>>>>>> spring >> > > > > >>>>>>>>>>>>>>>> boot >> > > > > >>>>>>>>>>>>>>>>> on 2 different host with LB (F5 OR Reverse >> proxy) >> > in >> > > > > >>>> front >> > > > > >>>>>> and >> > > > > >>>>>>>>> try >> > > > > >>>>>>>>>>>>> to >> > > > > >>>>>>>>>>>>>>>>> login. >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> In cluster environment, Spring security does not >> > > > > >>>> recognize >> > > > > >>>>>> the >> > > > > >>>>>>>>>>>>> session >> > > > > >>>>>>>>>>>>>>>> on >> > > > > >>>>>>>>>>>>>>>>> the host you are not logged in, as a result, >> spring >> > > > > >>>>>> security >> > > > > >>>>>>>>> will >> > > > > >>>>>>>>>>>>>>>> redirect >> > > > > >>>>>>>>>>>>>>>>> to login url however the correct behavior >> should be >> > > > that >> > > > > >>>>>> user >> > > > > >>>>>>>>>>>> would >> > > > > >>>>>>>>>>>>>> stay >> > > > > >>>>>>>>>>>>>>>>> logged in with session replication. >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> Do let me know if you need more information. >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> Thanks, >> > > > > >>>>>>>>>>>>>>>>> Rishi >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin >> > Kulichenko >> > > < >> > > > > >>>>>>>>>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> >> > wrote: >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>> Hi Rishi, >> > > > > >>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>> I was able to build and run the application. >> Can >> > you >> > > > > >>>> give >> > > > > >>>>>>> some >> > > > > >>>>>>>>>>>>>>>>> description >> > > > > >>>>>>>>>>>>>>>>>> on what should I test to understand the issue? >> > What >> > > > > >>>>>> exactly >> > > > > >>>>>>>>>>>> didn't >> > > > > >>>>>>>>>>>>>>>> work >> > > > > >>>>>>>>>>>>>>>>> for >> > > > > >>>>>>>>>>>>>>>>>> you? >> > > > > >>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>> -Val >> > > > > >>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin >> > > Kulichenko >> > > > < >> > > > > >>>>>>>>>>>>>>>>>> valentin.kuliche...@gmail.com <javascript:;>> >> > > wrote: >> > > > > >>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>> Hi Rishi, >> > > > > >>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>> Thanks, I'll take a look. >> > > > > >>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>> -Val >> > > > > >>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik >> < >> > > > > >>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> >> > > > > >>>>>>>>>>>>>>>>>>> wrote: >> > > > > >>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> Hi Val, >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> As promised, please find attached code for >> > spring >> > > > boot >> > > > > >>>>>>>>>>>>>> integration >> > > > > >>>>>>>>>>>>>>>>> with >> > > > > >>>>>>>>>>>>>>>>>>>> spring security along with Ignite. >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> Some more information on project - >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB >> > 1.4.3 ) >> > > > > >>>>>>>>>>>>>>>>>>>> - spring security integrated with boot >> project >> > > along >> > > > > >>>>>> with >> > > > > >>>>>>>>>>>>>> ignite >> > > > > >>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository does >> not >> > > > > >>>> work, >> > > > > >>>>>>>>>>>> gives >> > > > > >>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so >> used >> > > > > >>>>>>>>>>>>>>>>>> CookieCsrfTokenRepository >> > > > > >>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix >> here >> > > > > >>>> from >> > > > > >>>>>>>>>>>>> Ignite. >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> I cant reproduce this errors while I am >> running >> > on >> > > > > >>>>>> single >> > > > > >>>>>>>>>>>>>> instance, >> > > > > >>>>>>>>>>>>>>>>> you >> > > > > >>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot >> instance >> > > > having >> > > > > >>>>>> proxy >> > > > > >>>>>>>>>>>> in >> > > > > >>>>>>>>>>>>>>>> front ( >> > > > > >>>>>>>>>>>>>>>>>> F5, >> > > > > >>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion ( no >> > > sticky >> > > > > >>>>>> session >> > > > > >>>>>>>>>>>> on >> > > > > >>>>>>>>>>>>> F5 >> > > > > >>>>>>>>>>>>>>>> OR >> > > > > >>>>>>>>>>>>>>>>>>>> proxies ). >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user >> > session >> > > > > >>>> will >> > > > > >>>>>>>>>>>> active >> > > > > >>>>>>>>>>>>>>>> since >> > > > > >>>>>>>>>>>>>>>>> we >> > > > > >>>>>>>>>>>>>>>>>>>> used session replication on backend. >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> Do let me know if you need more information >> > here. >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> Thanks, >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> Rishi >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi >> Yagnik < >> > > > > >>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> >> > > > > >>>>>>>>>>>>>>>>>>>> wrote: >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> Val, >> > > > > >>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I have >> > > asked >> > > > > >>>> for >> > > > > >>>>>> an >> > > > > >>>>>>>>>>>>>>>> approval to >> > > > > >>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would take >> day >> > > or >> > > > > >>>> two. >> > > > > >>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> I will keep you posted. >> > > > > >>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> Thanks for all your help, >> > > > > >>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi >> Yagnik < >> > > > > >>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;> >> > > > > >>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> wrote: >> > > > > >>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and >> send >> > it >> > > > > >>>>>> across to >> > > > > >>>>>>>>>>>>> you. >> > > > > >>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>> Thanks, >> > > > > >>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin >> > > > > >>>> Kulichenko < >> > > > > >>>>>>>>>>>>>>>>>>>>>> valentin.kuliche...@gmail.com >> <javascript:;>> >> > > wrote: >> > > > > >>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> Rishi, >> > > > > >>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we >> should >> > > > start >> > > > > >>>>>>> with. >> > > > > >>>>>>>>>>>> I >> > > > > >>>>>>>>>>>>>>>> want to >> > > > > >>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently >> not >> > > > > >>>> supported >> > > > > >>>>>>> (if >> > > > > >>>>>>>>>>>>> any) >> > > > > >>>>>>>>>>>>>>>> and >> > > > > >>>>>>>>>>>>>>>>>> then >> > > > > >>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like >> to >> > > reuse >> > > > > >>>>>>> existing >> > > > > >>>>>>>>>>>>>> code >> > > > > >>>>>>>>>>>>>>>> as >> > > > > >>>>>>>>>>>>>>>>>>>>>>> much as >> > > > > >>>>>>>>>>>>>>>>>>>>>>> possible. >> > > > > >>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the >> > > problem >> > > > > >>>> you >> > > > > >>>>>> had >> > > > > >>>>>>>>>>>> and >> > > > > >>>>>>>>>>>>>> how >> > > > > >>>>>>>>>>>>>>>>> you >> > > > > >>>>>>>>>>>>>>>>>>>>>>> tried >> > > > > >>>>>>>>>>>>>>>>>>>>>>> to utilize current web session clustering? >> > Can >> > > > you >> > > > > >>>>>> share >> > > > > >>>>>>>>>>>> it >> > > > > >>>>>>>>>>>>>> with >> > > > > >>>>>>>>>>>>>>>>> us? >> > > > > >>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> -Val >> > > > > >>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi >> > Yagnik >> > > < >> > > > > >>>>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> wrote: >> > > > > >>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Hi Val, >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring >> > > security >> > > > > >>>>>> and we >> > > > > >>>>>>>>>>>>>> found >> > > > > >>>>>>>>>>>>>>>> out >> > > > > >>>>>>>>>>>>>>>>>>>>>>> that the >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does >> not >> > > work >> > > > > >>>> for >> > > > > >>>>>>>>>>>>> session >> > > > > >>>>>>>>>>>>>>>>>>>>>>> management on >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster. >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks in >> > > result >> > > > in >> > > > > >>>>>> some >> > > > > >>>>>>>>>>>>>> weird >> > > > > >>>>>>>>>>>>>>>>>> errors >> > > > > >>>>>>>>>>>>>>>>>>>>>>> with >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter. >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring security >> > > > somehow, >> > > > > >>>>>> we >> > > > > >>>>>>>>>>>> need >> > > > > >>>>>>>>>>>>>> to >> > > > > >>>>>>>>>>>>>>>>> write >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session. >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says web >> > > session >> > > > > >>>>>> filter >> > > > > >>>>>>>>>>>>>> would >> > > > > >>>>>>>>>>>>>>>>> work >> > > > > >>>>>>>>>>>>>>>>>>>>>>> with >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform ? >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Thanks, >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM, Valentin >> > > > > >>>>>> Kulichenko < >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> valentin.kuliche...@gmail.com >> > <javascript:;>> >> > > wrote: >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi, >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web >> session >> > > > > >>>>>> clustering >> > > > > >>>>>>>>>>>>>> feature >> > > > > >>>>>>>>>>>>>>>>> [1] >> > > > > >>>>>>>>>>>>>>>>>>>>>>> provided >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring Session >> > docs >> > > > and >> > > > > >>>>>> it >> > > > > >>>>>>>>>>>>> seems >> > > > > >>>>>>>>>>>>>>>> to >> > > > > >>>>>>>>>>>>>>>>> me >> > > > > >>>>>>>>>>>>>>>>>>>>>>> it does >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces HttpSession >> > with >> > > > > >>>> custom >> > > > > >>>>>>>>>>>>>>>>>> implementation >> > > > > >>>>>>>>>>>>>>>>>>>>>>> that >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> has >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't provide >> > any >> > > > > >>>>>>>>>>>> additional >> > > > > >>>>>>>>>>>>>> API >> > > > > >>>>>>>>>>>>>>>> or >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I understand >> > the >> > > > > >>>>>> benefit >> > > > > >>>>>>>>>>>> of >> > > > > >>>>>>>>>>>>>> this >> > > > > >>>>>>>>>>>>>>>>>>>>>>> feature. >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something. >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix. >> > > > > >>>>>>>>>>>>> readme.io/docs/web-session- >> > > > > >>>>>>>>>>>>>>>>>> clustering >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> -Val >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi >> > > Yagnik < >> > > > > >>>>>>>>>>>>>>>>>>>>>>> rishiyag...@gmail.com <javascript:;>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> wrote: >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session >> > replication >> > > / >> > > > > >>>> fail >> > > > > >>>>>>>>>>>>> over >> > > > > >>>>>>>>>>>>>>>>> design >> > > > > >>>>>>>>>>>>>>>>>> on >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what >> is >> > the >> > > > > >>>> best >> > > > > >>>>>>>>>>>> out >> > > > > >>>>>>>>>>>>> to >> > > > > >>>>>>>>>>>>>>>> get >> > > > > >>>>>>>>>>>>>>>>>>>>>>> started >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> here ? >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows - >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for >> session >> > > > > >>>>>>>>>>>>> replication >> > > > > >>>>>>>>>>>>>>>> and >> > > > > >>>>>>>>>>>>>>>>>> fail >> > > > > >>>>>>>>>>>>>>>>>>>>>>> over >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and >> make >> > it >> > > > > >>>> work >> > > > > >>>>>>>>>>>> on >> > > > > >>>>>>>>>>>>>>>> spring >> > > > > >>>>>>>>>>>>>>>>>>>>>>> boot >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> application >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach would >> be >> > to >> > > > get >> > > > > >>>>>>>>>>>>> started >> > > > > >>>>>>>>>>>>>>>> here >> > > > > >>>>>>>>>>>>>>>>>>>>>>> with >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for >> > > feedback >> > > > > >>>>>> here. >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> -- >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> -- >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>>> -- >> > > > > >>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik >> > > > > >>>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>>> -- >> > > > > >>>>>>>>>>>>>>>>>>>>> Rishi Yagnik >> > > > > >>>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>>> -- >> > > > > >>>>>>>>>>>>>>>>>>>> Rishi Yagnik >> > > > > >>>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>>> -- >> > > > > >>>>>>>>>>>>>>>>> Rishi Yagnik >> > > > > >>>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>>> -- >> > > > > >>>>>>>>>>>>>>> Rishi Yagnik >> > > > > >>>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>>> -- >> > > > > >>>>>>>>>>>>>> Rishi Yagnik >> > > > > >>>>>>>>>>>>>> >> > > > > >>>>>>>>>>>>> >> > > > > >>>>>>>>>>>> >> > > > > >>>>>>>>>>>> >> > > > > >>>>>>>>>>>> >> > > > > >>>>>>>>>>>> -- >> > > > > >>>>>>>>>>>> Rishi Yagnik >> > > > > >>>>>>>>>>>> >> > > > > >>>>>>>>>> >> > > > > >>>>>>>>> >> > > > > >>>>>>>> >> > > > > >>>>>>>> >> > > > > >>>>>>>> >> > > > > >>>>>>>> -- >> > > > > >>>>>>>> Rishi Yagnik >> > > > > >>>>>>>> >> > > > > >>>>>>> >> > > > > >>>>>>> >> > > > > >>>>>>> >> > > > > >>>>>>> -- >> > > > > >>>>>>> Rishi Yagnik >> > > > > >>>>>>> >> > > > > >>>>>> >> > > > > >>>>> >> > > > > >>>>> >> > > > > >>>>> >> > > > > >>>>> -- >> > > > > >>>>> Rishi Yagnik >> > > > > >>>>> >> > > > > >>>> >> > > > > >>>> >> > > > > >>>> >> > > > > >>>> -- >> > > > > >>>> Rishi Yagnik >> > > > > >>>> >> > > > > >> >> > > > > > >> > > > > > >> > > > > > >> > > > > > -- >> > > > > > Rishi Yagnik >> > > > > >> > > > > >> > > > >> > > >> > > >> > > >> > > -- >> > > Rishi Yagnik >> > > >> > >> > > > > -- > Rishi Yagnik > -- Rishi Yagnik
