Hi folks. So I’m currently porting my old Flex-Based framework to Royale and making some progress. While at it I’m also updating my Spring-based backend to the latest changes in Spring, SpringBoot and SpringSecutiry. A lot of things have become a lot simpler and most of the obstacles I had to jump 8 years ago seem to have been solved :-)
One thing I’m currently having a little trouble with is: I create a ChannelSet in my Royale application and connect to BlazeDS without any trouble. As soon as I login on the channel set, I managed to link BlazeDS and SpringSecutiry to I correctly login in SpringSecurity. Problem is, as soon as you log in to SpringSecutiry, this creates a new http-session and invalidates the old one. Now as soon as I try to do something after logging in, I get a “DuplicateSession” error as the FlexClient is now tied to two sessions. Have you had the same problem and what was your solution to it? I don’t want to tell SpringSecurity not to create a new session as this actually makes a lot of sense from a security perspective. Chris
