Re: IGNITE-2741 - spring session design

2017-04-13 Thread Valentin Kulichenko 
Hi Rishi,

Good news :) Thanks for letting me know.

-Val

On Thu, Apr 13, 2017 at 9:29 PM, Rishi Yagnik  wrote:

> Hello Val,
>
> I debug further and found out that issue exist with SPA ( Angular APP ) and
> it needs a fix on their end so don't worry about it.
>
> Next week, I will deploy it in a cluster and let you know if that fixes
> session replication issue on cluster.
>
> Thanks,
> Rishi
>
>
> On Thu, Apr 13, 2017 at 7:55 AM, Rishi Yagnik 
> wrote:
>
> > Val,
> >
> > Yes I would provide you the exact steps today and I will also test it in
> > cluster environment.
> >
> > The local environment is working as expected with the fix.
> >
> > Take Care,
> > Rishi
> >
> > > On Apr 13, 2017, at 2:18 AM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> > >
> > > Rishi,
> > >
> > > Can you tell exact steps to reproduce? It's working for me in my
> > > environment.
> > >
> > > Do I understand correctly that apart from the token issue, it works
> fine
> > > with new version?
> > >
> > > -Val
> > >
> > > On Wed, Apr 12, 2017 at 10:00 PM, Rishi Yagnik 
> > > wrote:
> > >
> > >> Val,
> > >>
> > >> I build it from master s and was able to integrate with our app, but
> as
> > I
> > >> mentioned to you previously, I see the XSRF-Token errors in debug log,
> > >>
> > >> [DEBUG] [XNIO-2 task-4] org.springframework.security.
> > web.FilterChainProxy
> > >> -
> > >> /app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain;
> firing
> > >> Filter: 'HeaderWriterFilter'
> > >> [DEBUG] [XNIO-2 task-4] org.springframework.security.
> > web.FilterChainProxy
> > >> -
> > >> /app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain;
> firing
> > >> Filter: 'CsrfFilter'
> > >>
> > >> [DEBUG] [XNIO-2 task-4] org.springframework.security.
> web.csrf.CsrfFilter
> > -
> > >> Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A
> > >>
> > >> And, then after, CSRF filter does not like the session, redirects to
> > /403
> > >> error.
> > >>
> > >> Just wondering why the XSRF Token is not being saved in the session  ?
> > >>
> > >> More debugging is require for sure..
> > >>
> > >> of course there is a work around to the problem, I can just use Cookie
> > >> based Token repository to avoid this issue.
> > >>
> > >> .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
> > >>
> > >>
> > >> will let you know my findings..
> > >>
> > >> As always, thanks for all your help.
> > >>
> > >> Thanks,
> > >> Rishi
> > >>
> > >>
> > >> On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik 
> > >> wrote:
> > >>
> > >>> Hi Val,
> > >>>
> > >>> I will build it from master s and let you know by tomorrow.
> > >>>
> > >>> Thanks,
> > >>>
> > >>>
> > >>> On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
> > >>> valentin.kuliche...@gmail.com> wrote:
> > >>>
> >  Hi Rishi,
> > 
> >  What was the issue with the HttpSessionCsrfTokenRepository? I
> didn't
> > >> have
> >  any problems after I added code you provided.
> > 
> >  The fix for [1] is already in master. Can you try building from
> there
> > >> and
> >  check if everything works fine for you?
> > 
> >  [1] https://issues.apache.org/jira/browse/IGNITE-4948
> > 
> >  -Val
> > 
> >  On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda 
> > >> wrote:
> > 
> > > Somewhere in April. This will be clarified on the dev list soon.
> > >
> > > On Saturday, March 18, 2017, Rishi Yagnik 
> >  wrote:
> > >
> > >> Thanks, Val.
> > >>
> > >> When are we going to release Ignite 2.0 ? June ??
> > >>
> > >> Thanks,
> > >>
> > >> On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> > >> valentin.kuliche...@gmail.com > wrote:
> > >>
> > >>> Denis,
> > >>>
> > >>> Yes, this should be possible. I will try to finalize the fix
> asap.
> > >>>
> > >>> -Val
> > >>>
> > >>> On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda  > >> > wrote:
> > >>>
> >  Val,
> > 
> >  Will it be possible to incorporate the fix into the nearest 2.0
> > >> release?
> > 
> >  —
> >  Denis
> > 
> > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <
> >  rishiyag...@gmail.com
> > >> >
> >  wrote:
> > >
> > > Hi Val,
> > >
> > > Hope you are well, any update on web session clustering.
> > >
> > > Thanks,
> > > Rishi
> > >
> > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
> > >> rishiyag...@gmail.com >
> > > wrote:
> > >
> > >> Hi Val,
> > >>
> > >> Thanks looking forward for the fix..
> > >>
> > >> Take Care,
> > >> Rishi
> >

Re: IGNITE-2741 - spring session design

2017-04-13 Thread Rishi Yagnik 
Hello Val,

I debug further and found out that issue exist with SPA ( Angular APP ) and
it needs a fix on their end so don't worry about it.

Next week, I will deploy it in a cluster and let you know if that fixes
session replication issue on cluster.

Thanks,
Rishi


On Thu, Apr 13, 2017 at 7:55 AM, Rishi Yagnik  wrote:

> Val,
>
> Yes I would provide you the exact steps today and I will also test it in
> cluster environment.
>
> The local environment is working as expected with the fix.
>
> Take Care,
> Rishi
>
> > On Apr 13, 2017, at 2:18 AM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
> >
> > Rishi,
> >
> > Can you tell exact steps to reproduce? It's working for me in my
> > environment.
> >
> > Do I understand correctly that apart from the token issue, it works fine
> > with new version?
> >
> > -Val
> >
> > On Wed, Apr 12, 2017 at 10:00 PM, Rishi Yagnik 
> > wrote:
> >
> >> Val,
> >>
> >> I build it from master s and was able to integrate with our app, but as
> I
> >> mentioned to you previously, I see the XSRF-Token errors in debug log,
> >>
> >> [DEBUG] [XNIO-2 task-4] org.springframework.security.
> web.FilterChainProxy
> >> -
> >> /app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing
> >> Filter: 'HeaderWriterFilter'
> >> [DEBUG] [XNIO-2 task-4] org.springframework.security.
> web.FilterChainProxy
> >> -
> >> /app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing
> >> Filter: 'CsrfFilter'
> >>
> >> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter
> -
> >> Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A
> >>
> >> And, then after, CSRF filter does not like the session, redirects to
> /403
> >> error.
> >>
> >> Just wondering why the XSRF Token is not being saved in the session  ?
> >>
> >> More debugging is require for sure..
> >>
> >> of course there is a work around to the problem, I can just use Cookie
> >> based Token repository to avoid this issue.
> >>
> >> .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
> >>
> >>
> >> will let you know my findings..
> >>
> >> As always, thanks for all your help.
> >>
> >> Thanks,
> >> Rishi
> >>
> >>
> >> On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik 
> >> wrote:
> >>
> >>> Hi Val,
> >>>
> >>> I will build it from master s and let you know by tomorrow.
> >>>
> >>> Thanks,
> >>>
> >>>
> >>> On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
> >>> valentin.kuliche...@gmail.com> wrote:
> >>>
>  Hi Rishi,
> 
>  What was the issue with the HttpSessionCsrfTokenRepository? I didn't
> >> have
>  any problems after I added code you provided.
> 
>  The fix for [1] is already in master. Can you try building from there
> >> and
>  check if everything works fine for you?
> 
>  [1] https://issues.apache.org/jira/browse/IGNITE-4948
> 
>  -Val
> 
>  On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda 
> >> wrote:
> 
> > Somewhere in April. This will be clarified on the dev list soon.
> >
> > On Saturday, March 18, 2017, Rishi Yagnik 
>  wrote:
> >
> >> Thanks, Val.
> >>
> >> When are we going to release Ignite 2.0 ? June ??
> >>
> >> Thanks,
> >>
> >> On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> >> valentin.kuliche...@gmail.com > wrote:
> >>
> >>> Denis,
> >>>
> >>> Yes, this should be possible. I will try to finalize the fix asap.
> >>>
> >>> -Val
> >>>
> >>> On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda  >> > wrote:
> >>>
>  Val,
> 
>  Will it be possible to incorporate the fix into the nearest 2.0
> >> release?
> 
>  —
>  Denis
> 
> > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <
>  rishiyag...@gmail.com
> >> >
>  wrote:
> >
> > Hi Val,
> >
> > Hope you are well, any update on web session clustering.
> >
> > Thanks,
> > Rishi
> >
> > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
> >> rishiyag...@gmail.com >
> > wrote:
> >
> >> Hi Val,
> >>
> >> Thanks looking forward for the fix..
> >>
> >> Take Care,
> >> Rishi
> >>
> >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> >> valentin.kuliche...@gmail.com > wrote:
> >>>
> >>> Hi Rishi,
> >>>
> >>> I want to fix the bug first. It takes a bit longer than I
> > thought,
> >>> but
>  I
> >>> should finish it over the weekend.
> >>>
> >>> -Val
> >>>
>  On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
> >>>

Re: IGNITE-2741 - spring session design

2017-04-13 Thread Rishi Yagnik 
Val,

Yes I would provide you the exact steps today and I will also test it in 
cluster environment.

The local environment is working as expected with the fix.

Take Care,
Rishi

> On Apr 13, 2017, at 2:18 AM, Valentin Kulichenko 
>  wrote:
> 
> Rishi,
> 
> Can you tell exact steps to reproduce? It's working for me in my
> environment.
> 
> Do I understand correctly that apart from the token issue, it works fine
> with new version?
> 
> -Val
> 
> On Wed, Apr 12, 2017 at 10:00 PM, Rishi Yagnik 
> wrote:
> 
>> Val,
>> 
>> I build it from master s and was able to integrate with our app, but as I
>> mentioned to you previously, I see the XSRF-Token errors in debug log,
>> 
>> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy
>> -
>> /app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing
>> Filter: 'HeaderWriterFilter'
>> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy
>> -
>> /app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing
>> Filter: 'CsrfFilter'
>> 
>> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter -
>> Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A
>> 
>> And, then after, CSRF filter does not like the session, redirects to /403
>> error.
>> 
>> Just wondering why the XSRF Token is not being saved in the session  ?
>> 
>> More debugging is require for sure..
>> 
>> of course there is a work around to the problem, I can just use Cookie
>> based Token repository to avoid this issue.
>> 
>> .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
>> 
>> 
>> will let you know my findings..
>> 
>> As always, thanks for all your help.
>> 
>> Thanks,
>> Rishi
>> 
>> 
>> On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik 
>> wrote:
>> 
>>> Hi Val,
>>> 
>>> I will build it from master s and let you know by tomorrow.
>>> 
>>> Thanks,
>>> 
>>> 
>>> On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
>>> valentin.kuliche...@gmail.com> wrote:
>>> 
 Hi Rishi,
 
 What was the issue with the HttpSessionCsrfTokenRepository? I didn't
>> have
 any problems after I added code you provided.
 
 The fix for [1] is already in master. Can you try building from there
>> and
 check if everything works fine for you?
 
 [1] https://issues.apache.org/jira/browse/IGNITE-4948
 
 -Val
 
 On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda 
>> wrote:
 
> Somewhere in April. This will be clarified on the dev list soon.
> 
> On Saturday, March 18, 2017, Rishi Yagnik 
 wrote:
> 
>> Thanks, Val.
>> 
>> When are we going to release Ignite 2.0 ? June ??
>> 
>> Thanks,
>> 
>> On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
>> valentin.kuliche...@gmail.com > wrote:
>> 
>>> Denis,
>>> 
>>> Yes, this should be possible. I will try to finalize the fix asap.
>>> 
>>> -Val
>>> 
>>> On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda > > wrote:
>>> 
 Val,
 
 Will it be possible to incorporate the fix into the nearest 2.0
>> release?
 
 —
 Denis
 
> On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <
 rishiyag...@gmail.com
>> >
 wrote:
> 
> Hi Val,
> 
> Hope you are well, any update on web session clustering.
> 
> Thanks,
> Rishi
> 
> On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
>> rishiyag...@gmail.com >
> wrote:
> 
>> Hi Val,
>> 
>> Thanks looking forward for the fix..
>> 
>> Take Care,
>> Rishi
>> 
>>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
>> valentin.kuliche...@gmail.com > wrote:
>>> 
>>> Hi Rishi,
>>> 
>>> I want to fix the bug first. It takes a bit longer than I
> thought,
>>> but
 I
>>> should finish it over the weekend.
>>> 
>>> -Val
>>> 
 On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
>>> rishiyag...@gmail.com >
>> wrote:
 
 Hi Val,
 
 Did you chance to look into session handling issue ?
 
 Thanks,
 
 On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <
>> rishiyag...@gmail.com 
 
 wrote:
 
> Hi Val,
> 
> Do you think I can test a fix in 1.9 RC releases ? How are
 you
 planning
 to
> release a fix ?
> 
> Did you also look into problem where storing xsrf

Re: IGNITE-2741 - spring session design

2017-04-13 Thread Valentin Kulichenko 
Rishi,

Can you tell exact steps to reproduce? It's working for me in my
environment.

Do I understand correctly that apart from the token issue, it works fine
with new version?

-Val

On Wed, Apr 12, 2017 at 10:00 PM, Rishi Yagnik 
wrote:

> Val,
>
> I build it from master s and was able to integrate with our app, but as I
> mentioned to you previously, I see the XSRF-Token errors in debug log,
>
> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy
> -
> /app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing
> Filter: 'HeaderWriterFilter'
> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy
> -
> /app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing
> Filter: 'CsrfFilter'
>
> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter -
> Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A
>
> And, then after, CSRF filter does not like the session, redirects to /403
> error.
>
> Just wondering why the XSRF Token is not being saved in the session  ?
>
> More debugging is require for sure..
>
> of course there is a work around to the problem, I can just use Cookie
> based Token repository to avoid this issue.
>
> .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
>
>
> will let you know my findings..
>
> As always, thanks for all your help.
>
> Thanks,
> Rishi
>
>
> On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik 
> wrote:
>
> > Hi Val,
> >
> > I will build it from master s and let you know by tomorrow.
> >
> > Thanks,
> >
> >
> > On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> >
> >> Hi Rishi,
> >>
> >> What was the issue with the HttpSessionCsrfTokenRepository? I didn't
> have
> >> any problems after I added code you provided.
> >>
> >> The fix for [1] is already in master. Can you try building from there
> and
> >> check if everything works fine for you?
> >>
> >> [1] https://issues.apache.org/jira/browse/IGNITE-4948
> >>
> >> -Val
> >>
> >> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda 
> wrote:
> >>
> >> > Somewhere in April. This will be clarified on the dev list soon.
> >> >
> >> > On Saturday, March 18, 2017, Rishi Yagnik 
> >> wrote:
> >> >
> >> > > Thanks, Val.
> >> > >
> >> > > When are we going to release Ignite 2.0 ? June ??
> >> > >
> >> > > Thanks,
> >> > >
> >> > > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> >> > > valentin.kuliche...@gmail.com > wrote:
> >> > >
> >> > > > Denis,
> >> > > >
> >> > > > Yes, this should be possible. I will try to finalize the fix asap.
> >> > > >
> >> > > > -Val
> >> > > >
> >> > > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda  >> > > > wrote:
> >> > > >
> >> > > > > Val,
> >> > > > >
> >> > > > > Will it be possible to incorporate the fix into the nearest 2.0
> >> > > release?
> >> > > > >
> >> > > > > —
> >> > > > > Denis
> >> > > > >
> >> > > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <
> >> rishiyag...@gmail.com
> >> > > >
> >> > > > > wrote:
> >> > > > > >
> >> > > > > > Hi Val,
> >> > > > > >
> >> > > > > > Hope you are well, any update on web session clustering.
> >> > > > > >
> >> > > > > > Thanks,
> >> > > > > > Rishi
> >> > > > > >
> >> > > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
> >> > > rishiyag...@gmail.com >
> >> > > > > > wrote:
> >> > > > > >
> >> > > > > >> Hi Val,
> >> > > > > >>
> >> > > > > >> Thanks looking forward for the fix..
> >> > > > > >>
> >> > > > > >> Take Care,
> >> > > > > >> Rishi
> >> > > > > >>
> >> > > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> >> > > > > >> valentin.kuliche...@gmail.com > wrote:
> >> > > > > >>>
> >> > > > > >>> Hi Rishi,
> >> > > > > >>>
> >> > > > > >>> I want to fix the bug first. It takes a bit longer than I
> >> > thought,
> >> > > > but
> >> > > > > I
> >> > > > > >>> should finish it over the weekend.
> >> > > > > >>>
> >> > > > > >>> -Val
> >> > > > > >>>
> >> > > > >  On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
> >> > > > rishiyag...@gmail.com >
> >> > > > > >> wrote:
> >> > > > > 
> >> > > > >  Hi Val,
> >> > > > > 
> >> > > > >  Did you chance to look into session handling issue ?
> >> > > > > 
> >> > > > >  Thanks,
> >> > > > > 
> >> > > > >  On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <
> >> > > rishiyag...@gmail.com 
> >> > > > >
> >> > > > >  wrote:
> >> > > > > 
> >> > > > > > Hi Val,
> >> > > > > >
> >> > > > > > Do you think I can test a fix in 1.9 RC releases ? How are
> >> you
> >> > > > > planning
> >> > > > >  to
> >> > > > > > release a fix ?
> >> > > > > >
> >> > > > > > Did you also look into problem where storing xsrf token in
> >> > Ignite
> >> > > > > >> returns
> >> > > >

Re: IGNITE-2741 - spring session design

2017-04-11 Thread Rishi Yagnik 
Hi Val,

I will build it from master s and let you know by tomorrow.

Thanks,


On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
valentin.kuliche...@gmail.com> wrote:

> Hi Rishi,
>
> What was the issue with the HttpSessionCsrfTokenRepository? I didn't have
> any problems after I added code you provided.
>
> The fix for [1] is already in master. Can you try building from there and
> check if everything works fine for you?
>
> [1] https://issues.apache.org/jira/browse/IGNITE-4948
>
> -Val
>
> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda  wrote:
>
> > Somewhere in April. This will be clarified on the dev list soon.
> >
> > On Saturday, March 18, 2017, Rishi Yagnik  wrote:
> >
> > > Thanks, Val.
> > >
> > > When are we going to release Ignite 2.0 ? June ??
> > >
> > > Thanks,
> > >
> > > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> > > valentin.kuliche...@gmail.com > wrote:
> > >
> > > > Denis,
> > > >
> > > > Yes, this should be possible. I will try to finalize the fix asap.
> > > >
> > > > -Val
> > > >
> > > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda  > > > wrote:
> > > >
> > > > > Val,
> > > > >
> > > > > Will it be possible to incorporate the fix into the nearest 2.0
> > > release?
> > > > >
> > > > > —
> > > > > Denis
> > > > >
> > > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <
> rishiyag...@gmail.com
> > > >
> > > > > wrote:
> > > > > >
> > > > > > Hi Val,
> > > > > >
> > > > > > Hope you are well, any update on web session clustering.
> > > > > >
> > > > > > Thanks,
> > > > > > Rishi
> > > > > >
> > > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
> > > rishiyag...@gmail.com >
> > > > > > wrote:
> > > > > >
> > > > > >> Hi Val,
> > > > > >>
> > > > > >> Thanks looking forward for the fix..
> > > > > >>
> > > > > >> Take Care,
> > > > > >> Rishi
> > > > > >>
> > > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> > > > > >> valentin.kuliche...@gmail.com > wrote:
> > > > > >>>
> > > > > >>> Hi Rishi,
> > > > > >>>
> > > > > >>> I want to fix the bug first. It takes a bit longer than I
> > thought,
> > > > but
> > > > > I
> > > > > >>> should finish it over the weekend.
> > > > > >>>
> > > > > >>> -Val
> > > > > >>>
> > > > >  On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
> > > > rishiyag...@gmail.com >
> > > > > >> wrote:
> > > > > 
> > > > >  Hi Val,
> > > > > 
> > > > >  Did you chance to look into session handling issue ?
> > > > > 
> > > > >  Thanks,
> > > > > 
> > > > >  On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <
> > > rishiyag...@gmail.com 
> > > > >
> > > > >  wrote:
> > > > > 
> > > > > > Hi Val,
> > > > > >
> > > > > > Do you think I can test a fix in 1.9 RC releases ? How are
> you
> > > > > planning
> > > > >  to
> > > > > > release a fix ?
> > > > > >
> > > > > > Did you also look into problem where storing xsrf token in
> > Ignite
> > > > > >> returns
> > > > > > an exception and does not behave as expected ?
> > > > > >
> > > > > > In SecurityConfig.java use HttpSessionCsrfTokenRepository
> with
> > > > > >> following
> > > > > > code -
> > > > > >
> > > > > > .csrfTokenRepository(csrfTokenRepository())
> > > > > >
> > > > > > private CsrfTokenRepository csrfTokenRepository() {
> > > > > >   HttpSessionCsrfTokenRepository repository = new
> > > > >  HttpSessionCsrfTokenRepository();
> > > > > >   repository.setHeaderName("X-XSRF-TOKEN");
> > > > > >   return repository;
> > > > > > }
> > > > > >
> > > > > > Thank you for all your help,
> > > > > >
> > > > > >
> > > > > > On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> > > > > > valentin.kuliche...@gmail.com > wrote:
> > > > > >
> > > > > >> Hi Rishi,
> > > > > >>
> > > > > >> I got to the bottom of it. Basically, the session is
> replaced
> > in
> > > > > >> Spring
> > > > > >> filter, but caching happens based on the old version which
> > > doesn't
> > > > > >> have
> > > > > >> security attributes. The fix is going to be very easy, I
> will
> > do
> > > > it
> > > > > >> tomorrow.
> > > > > >>
> > > > > >> -Val
> > > > > >>
> > > > > >> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <
> > > > rishiyag...@gmail.com 
> > > > > >
> > > > > >> wrote:
> > > > > >>
> > > > > >>> Val,
> > > > > >>>
> > > > > >>> Did you get chance to play around with the code ?
> > > > > >>>
> > > > > >>> Thanks,
> > > > > >>>
> > > > > >>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
> > > > > rishiyag...@gmail.com >
> > > > > >>> wrote:
> > > > > >>>
> > > > >  Val,
> > > > > 
> > > > >  Adding a filter before csrf filter will invoke the

Re: IGNITE-2741 - spring session design

2017-04-11 Thread Valentin Kulichenko 
Hi Rishi,

What was the issue with the HttpSessionCsrfTokenRepository? I didn't have
any problems after I added code you provided.

The fix for [1] is already in master. Can you try building from there and
check if everything works fine for you?

[1] https://issues.apache.org/jira/browse/IGNITE-4948

-Val

On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda  wrote:

> Somewhere in April. This will be clarified on the dev list soon.
>
> On Saturday, March 18, 2017, Rishi Yagnik  wrote:
>
> > Thanks, Val.
> >
> > When are we going to release Ignite 2.0 ? June ??
> >
> > Thanks,
> >
> > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com > wrote:
> >
> > > Denis,
> > >
> > > Yes, this should be possible. I will try to finalize the fix asap.
> > >
> > > -Val
> > >
> > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda  > > wrote:
> > >
> > > > Val,
> > > >
> > > > Will it be possible to incorporate the fix into the nearest 2.0
> > release?
> > > >
> > > > —
> > > > Denis
> > > >
> > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik  > >
> > > > wrote:
> > > > >
> > > > > Hi Val,
> > > > >
> > > > > Hope you are well, any update on web session clustering.
> > > > >
> > > > > Thanks,
> > > > > Rishi
> > > > >
> > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
> > rishiyag...@gmail.com >
> > > > > wrote:
> > > > >
> > > > >> Hi Val,
> > > > >>
> > > > >> Thanks looking forward for the fix..
> > > > >>
> > > > >> Take Care,
> > > > >> Rishi
> > > > >>
> > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> > > > >> valentin.kuliche...@gmail.com > wrote:
> > > > >>>
> > > > >>> Hi Rishi,
> > > > >>>
> > > > >>> I want to fix the bug first. It takes a bit longer than I
> thought,
> > > but
> > > > I
> > > > >>> should finish it over the weekend.
> > > > >>>
> > > > >>> -Val
> > > > >>>
> > > >  On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
> > > rishiyag...@gmail.com >
> > > > >> wrote:
> > > > 
> > > >  Hi Val,
> > > > 
> > > >  Did you chance to look into session handling issue ?
> > > > 
> > > >  Thanks,
> > > > 
> > > >  On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <
> > rishiyag...@gmail.com 
> > > >
> > > >  wrote:
> > > > 
> > > > > Hi Val,
> > > > >
> > > > > Do you think I can test a fix in 1.9 RC releases ? How are you
> > > > planning
> > > >  to
> > > > > release a fix ?
> > > > >
> > > > > Did you also look into problem where storing xsrf token in
> Ignite
> > > > >> returns
> > > > > an exception and does not behave as expected ?
> > > > >
> > > > > In SecurityConfig.java use HttpSessionCsrfTokenRepository with
> > > > >> following
> > > > > code -
> > > > >
> > > > > .csrfTokenRepository(csrfTokenRepository())
> > > > >
> > > > > private CsrfTokenRepository csrfTokenRepository() {
> > > > >   HttpSessionCsrfTokenRepository repository = new
> > > >  HttpSessionCsrfTokenRepository();
> > > > >   repository.setHeaderName("X-XSRF-TOKEN");
> > > > >   return repository;
> > > > > }
> > > > >
> > > > > Thank you for all your help,
> > > > >
> > > > >
> > > > > On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> > > > > valentin.kuliche...@gmail.com > wrote:
> > > > >
> > > > >> Hi Rishi,
> > > > >>
> > > > >> I got to the bottom of it. Basically, the session is replaced
> in
> > > > >> Spring
> > > > >> filter, but caching happens based on the old version which
> > doesn't
> > > > >> have
> > > > >> security attributes. The fix is going to be very easy, I will
> do
> > > it
> > > > >> tomorrow.
> > > > >>
> > > > >> -Val
> > > > >>
> > > > >> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <
> > > rishiyag...@gmail.com 
> > > > >
> > > > >> wrote:
> > > > >>
> > > > >>> Val,
> > > > >>>
> > > > >>> Did you get chance to play around with the code ?
> > > > >>>
> > > > >>> Thanks,
> > > > >>>
> > > > >>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
> > > > rishiyag...@gmail.com >
> > > > >>> wrote:
> > > > >>>
> > > >  Val,
> > > > 
> > > >  Adding a filter before csrf filter will invoke the custom
> > ignite
> > > > >> filter.
> > > > 
> > > >  Declare a custom filter class extends it with websession
> > filter
> > > > 
> > > >  public class CustomWebSessionFilter extends
> WebSessionFilter {
> > > > 
> > > > private static boolean igniteInitialize = false
> > > > 
> > > >  @Override public void doFilter(ServletRequest req,
> > > ServletResponse
> > > > >> res,
> > > >  FilterChain chain)
> > >

Re: IGNITE-2741 - spring session design

2017-03-18 Thread Denis Magda 
Somewhere in April. This will be clarified on the dev list soon.

On Saturday, March 18, 2017, Rishi Yagnik  wrote:

> Thanks, Val.
>
> When are we going to release Ignite 2.0 ? June ??
>
> Thanks,
>
> On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com > wrote:
>
> > Denis,
> >
> > Yes, this should be possible. I will try to finalize the fix asap.
> >
> > -Val
> >
> > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda  > wrote:
> >
> > > Val,
> > >
> > > Will it be possible to incorporate the fix into the nearest 2.0
> release?
> > >
> > > —
> > > Denis
> > >
> > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik  >
> > > wrote:
> > > >
> > > > Hi Val,
> > > >
> > > > Hope you are well, any update on web session clustering.
> > > >
> > > > Thanks,
> > > > Rishi
> > > >
> > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
> rishiyag...@gmail.com >
> > > > wrote:
> > > >
> > > >> Hi Val,
> > > >>
> > > >> Thanks looking forward for the fix..
> > > >>
> > > >> Take Care,
> > > >> Rishi
> > > >>
> > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> > > >> valentin.kuliche...@gmail.com > wrote:
> > > >>>
> > > >>> Hi Rishi,
> > > >>>
> > > >>> I want to fix the bug first. It takes a bit longer than I thought,
> > but
> > > I
> > > >>> should finish it over the weekend.
> > > >>>
> > > >>> -Val
> > > >>>
> > >  On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
> > rishiyag...@gmail.com >
> > > >> wrote:
> > > 
> > >  Hi Val,
> > > 
> > >  Did you chance to look into session handling issue ?
> > > 
> > >  Thanks,
> > > 
> > >  On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <
> rishiyag...@gmail.com 
> > >
> > >  wrote:
> > > 
> > > > Hi Val,
> > > >
> > > > Do you think I can test a fix in 1.9 RC releases ? How are you
> > > planning
> > >  to
> > > > release a fix ?
> > > >
> > > > Did you also look into problem where storing xsrf token in Ignite
> > > >> returns
> > > > an exception and does not behave as expected ?
> > > >
> > > > In SecurityConfig.java use HttpSessionCsrfTokenRepository with
> > > >> following
> > > > code -
> > > >
> > > > .csrfTokenRepository(csrfTokenRepository())
> > > >
> > > > private CsrfTokenRepository csrfTokenRepository() {
> > > >   HttpSessionCsrfTokenRepository repository = new
> > >  HttpSessionCsrfTokenRepository();
> > > >   repository.setHeaderName("X-XSRF-TOKEN");
> > > >   return repository;
> > > > }
> > > >
> > > > Thank you for all your help,
> > > >
> > > >
> > > > On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> > > > valentin.kuliche...@gmail.com > wrote:
> > > >
> > > >> Hi Rishi,
> > > >>
> > > >> I got to the bottom of it. Basically, the session is replaced in
> > > >> Spring
> > > >> filter, but caching happens based on the old version which
> doesn't
> > > >> have
> > > >> security attributes. The fix is going to be very easy, I will do
> > it
> > > >> tomorrow.
> > > >>
> > > >> -Val
> > > >>
> > > >> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <
> > rishiyag...@gmail.com 
> > > >
> > > >> wrote:
> > > >>
> > > >>> Val,
> > > >>>
> > > >>> Did you get chance to play around with the code ?
> > > >>>
> > > >>> Thanks,
> > > >>>
> > > >>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
> > > rishiyag...@gmail.com >
> > > >>> wrote:
> > > >>>
> > >  Val,
> > > 
> > >  Adding a filter before csrf filter will invoke the custom
> ignite
> > > >> filter.
> > > 
> > >  Declare a custom filter class extends it with websession
> filter
> > > 
> > >  public class CustomWebSessionFilter extends WebSessionFilter {
> > > 
> > > private static boolean igniteInitialize = false
> > > 
> > >  @Override public void doFilter(ServletRequest req,
> > ServletResponse
> > > >> res,
> > >  FilterChain chain)
> > >    throws IOException, ServletException {
> > >    if(!igniteInitialize) {
> > >    super.init(new FilterConfig() {
> > >    @Override
> > >    public String getFilterName() {
> > >    return "CustomWebSessionFilter";
> > >    }
> > > 
> > >    @Override
> > >    public ServletContext getServletContext() {
> > >    return req.getServletContext();
> > >    }
> > > 
> > >    @Override
> > >    public String

Re: IGNITE-2741 - spring session design

2017-03-18 Thread Rishi Yagnik 
Thanks, Val.

When are we going to release Ignite 2.0 ? June ??

Thanks,

On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
valentin.kuliche...@gmail.com> wrote:

> Denis,
>
> Yes, this should be possible. I will try to finalize the fix asap.
>
> -Val
>
> On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda  wrote:
>
> > Val,
> >
> > Will it be possible to incorporate the fix into the nearest 2.0 release?
> >
> > —
> > Denis
> >
> > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik 
> > wrote:
> > >
> > > Hi Val,
> > >
> > > Hope you are well, any update on web session clustering.
> > >
> > > Thanks,
> > > Rishi
> > >
> > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik 
> > > wrote:
> > >
> > >> Hi Val,
> > >>
> > >> Thanks looking forward for the fix..
> > >>
> > >> Take Care,
> > >> Rishi
> > >>
> > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> > >> valentin.kuliche...@gmail.com> wrote:
> > >>>
> > >>> Hi Rishi,
> > >>>
> > >>> I want to fix the bug first. It takes a bit longer than I thought,
> but
> > I
> > >>> should finish it over the weekend.
> > >>>
> > >>> -Val
> > >>>
> >  On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
> rishiyag...@gmail.com>
> > >> wrote:
> > 
> >  Hi Val,
> > 
> >  Did you chance to look into session handling issue ?
> > 
> >  Thanks,
> > 
> >  On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik  >
> >  wrote:
> > 
> > > Hi Val,
> > >
> > > Do you think I can test a fix in 1.9 RC releases ? How are you
> > planning
> >  to
> > > release a fix ?
> > >
> > > Did you also look into problem where storing xsrf token in Ignite
> > >> returns
> > > an exception and does not behave as expected ?
> > >
> > > In SecurityConfig.java use HttpSessionCsrfTokenRepository with
> > >> following
> > > code -
> > >
> > > .csrfTokenRepository(csrfTokenRepository())
> > >
> > > private CsrfTokenRepository csrfTokenRepository() {
> > >   HttpSessionCsrfTokenRepository repository = new
> >  HttpSessionCsrfTokenRepository();
> > >   repository.setHeaderName("X-XSRF-TOKEN");
> > >   return repository;
> > > }
> > >
> > > Thank you for all your help,
> > >
> > >
> > > On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> > > valentin.kuliche...@gmail.com> wrote:
> > >
> > >> Hi Rishi,
> > >>
> > >> I got to the bottom of it. Basically, the session is replaced in
> > >> Spring
> > >> filter, but caching happens based on the old version which doesn't
> > >> have
> > >> security attributes. The fix is going to be very easy, I will do
> it
> > >> tomorrow.
> > >>
> > >> -Val
> > >>
> > >> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <
> rishiyag...@gmail.com
> > >
> > >> wrote:
> > >>
> > >>> Val,
> > >>>
> > >>> Did you get chance to play around with the code ?
> > >>>
> > >>> Thanks,
> > >>>
> > >>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
> > rishiyag...@gmail.com>
> > >>> wrote:
> > >>>
> >  Val,
> > 
> >  Adding a filter before csrf filter will invoke the custom ignite
> > >> filter.
> > 
> >  Declare a custom filter class extends it with websession filter
> > 
> >  public class CustomWebSessionFilter extends WebSessionFilter {
> > 
> > private static boolean igniteInitialize = false
> > 
> >  @Override public void doFilter(ServletRequest req,
> ServletResponse
> > >> res,
> >  FilterChain chain)
> >    throws IOException, ServletException {
> >    if(!igniteInitialize) {
> >    super.init(new FilterConfig() {
> >    @Override
> >    public String getFilterName() {
> >    return "CustomWebSessionFilter";
> >    }
> > 
> >    @Override
> >    public ServletContext getServletContext() {
> >    return req.getServletContext();
> >    }
> > 
> >    @Override
> >    public String getInitParameter(String name) {
> >    return null;
> >    }
> > 
> >    @Override
> >    public Enumeration
> getInitParameterNames() {
> >    return null;
> >    }
> >    });
> >    igniteInitialize = true;
> >    }
> >    super.doFilter(req,res,chain);
> >    }
> >  }
> > 
> >  And in SecurityConfig.java add following line to invoke filter
> >  before
> >  Ignite Web Session filter -
> > 
>

Re: IGNITE-2741 - spring session design

2017-03-18 Thread Valentin Kulichenko 
Denis,

Yes, this should be possible. I will try to finalize the fix asap.

-Val

On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda  wrote:

> Val,
>
> Will it be possible to incorporate the fix into the nearest 2.0 release?
>
> —
> Denis
>
> > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik 
> wrote:
> >
> > Hi Val,
> >
> > Hope you are well, any update on web session clustering.
> >
> > Thanks,
> > Rishi
> >
> > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik 
> > wrote:
> >
> >> Hi Val,
> >>
> >> Thanks looking forward for the fix..
> >>
> >> Take Care,
> >> Rishi
> >>
> >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> >> valentin.kuliche...@gmail.com> wrote:
> >>>
> >>> Hi Rishi,
> >>>
> >>> I want to fix the bug first. It takes a bit longer than I thought, but
> I
> >>> should finish it over the weekend.
> >>>
> >>> -Val
> >>>
>  On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik 
> >> wrote:
> 
>  Hi Val,
> 
>  Did you chance to look into session handling issue ?
> 
>  Thanks,
> 
>  On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik 
>  wrote:
> 
> > Hi Val,
> >
> > Do you think I can test a fix in 1.9 RC releases ? How are you
> planning
>  to
> > release a fix ?
> >
> > Did you also look into problem where storing xsrf token in Ignite
> >> returns
> > an exception and does not behave as expected ?
> >
> > In SecurityConfig.java use HttpSessionCsrfTokenRepository with
> >> following
> > code -
> >
> > .csrfTokenRepository(csrfTokenRepository())
> >
> > private CsrfTokenRepository csrfTokenRepository() {
> >   HttpSessionCsrfTokenRepository repository = new
>  HttpSessionCsrfTokenRepository();
> >   repository.setHeaderName("X-XSRF-TOKEN");
> >   return repository;
> > }
> >
> > Thank you for all your help,
> >
> >
> > On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> >
> >> Hi Rishi,
> >>
> >> I got to the bottom of it. Basically, the session is replaced in
> >> Spring
> >> filter, but caching happens based on the old version which doesn't
> >> have
> >> security attributes. The fix is going to be very easy, I will do it
> >> tomorrow.
> >>
> >> -Val
> >>
> >> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik  >
> >> wrote:
> >>
> >>> Val,
> >>>
> >>> Did you get chance to play around with the code ?
> >>>
> >>> Thanks,
> >>>
> >>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
> rishiyag...@gmail.com>
> >>> wrote:
> >>>
>  Val,
> 
>  Adding a filter before csrf filter will invoke the custom ignite
> >> filter.
> 
>  Declare a custom filter class extends it with websession filter
> 
>  public class CustomWebSessionFilter extends WebSessionFilter {
> 
> private static boolean igniteInitialize = false
> 
>  @Override public void doFilter(ServletRequest req, ServletResponse
> >> res,
>  FilterChain chain)
>    throws IOException, ServletException {
>    if(!igniteInitialize) {
>    super.init(new FilterConfig() {
>    @Override
>    public String getFilterName() {
>    return "CustomWebSessionFilter";
>    }
> 
>    @Override
>    public ServletContext getServletContext() {
>    return req.getServletContext();
>    }
> 
>    @Override
>    public String getInitParameter(String name) {
>    return null;
>    }
> 
>    @Override
>    public Enumeration getInitParameterNames() {
>    return null;
>    }
>    });
>    igniteInitialize = true;
>    }
>    super.doFilter(req,res,chain);
>    }
>  }
> 
>  And in SecurityConfig.java add following line to invoke filter
>  before
>  Ignite Web Session filter -
> 
>  .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> 
>  Hope it helps..
> 
>  Thanks,
> 
>  On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
>  valentin.kuliche...@gmail.com> wrote:
> 
> > Rishi,
> >
> > Can you please share how you forced Ignite filter to be invoked
> >> before
> > security filter?
> >
> > -Val
> >
> > On Sun, Mar 5, 2017

Re: IGNITE-2741 - spring session design

2017-03-17 Thread Denis Magda 
Val, 

Will it be possible to incorporate the fix into the nearest 2.0 release?

—
Denis

> On Mar 17, 2017, at 11:43 AM, Rishi Yagnik  wrote:
> 
> Hi Val,
> 
> Hope you are well, any update on web session clustering.
> 
> Thanks,
> Rishi
> 
> On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik 
> wrote:
> 
>> Hi Val,
>> 
>> Thanks looking forward for the fix..
>> 
>> Take Care,
>> Rishi
>> 
>>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
>> valentin.kuliche...@gmail.com> wrote:
>>> 
>>> Hi Rishi,
>>> 
>>> I want to fix the bug first. It takes a bit longer than I thought, but I
>>> should finish it over the weekend.
>>> 
>>> -Val
>>> 
 On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik 
>> wrote:
 
 Hi Val,
 
 Did you chance to look into session handling issue ?
 
 Thanks,
 
 On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik 
 wrote:
 
> Hi Val,
> 
> Do you think I can test a fix in 1.9 RC releases ? How are you planning
 to
> release a fix ?
> 
> Did you also look into problem where storing xsrf token in Ignite
>> returns
> an exception and does not behave as expected ?
> 
> In SecurityConfig.java use HttpSessionCsrfTokenRepository with
>> following
> code -
> 
> .csrfTokenRepository(csrfTokenRepository())
> 
> private CsrfTokenRepository csrfTokenRepository() {
>   HttpSessionCsrfTokenRepository repository = new
 HttpSessionCsrfTokenRepository();
>   repository.setHeaderName("X-XSRF-TOKEN");
>   return repository;
> }
> 
> Thank you for all your help,
> 
> 
> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
> 
>> Hi Rishi,
>> 
>> I got to the bottom of it. Basically, the session is replaced in
>> Spring
>> filter, but caching happens based on the old version which doesn't
>> have
>> security attributes. The fix is going to be very easy, I will do it
>> tomorrow.
>> 
>> -Val
>> 
>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik 
>> wrote:
>> 
>>> Val,
>>> 
>>> Did you get chance to play around with the code ?
>>> 
>>> Thanks,
>>> 
>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik 
>>> wrote:
>>> 
 Val,
 
 Adding a filter before csrf filter will invoke the custom ignite
>> filter.
 
 Declare a custom filter class extends it with websession filter
 
 public class CustomWebSessionFilter extends WebSessionFilter {
 
private static boolean igniteInitialize = false
 
 @Override public void doFilter(ServletRequest req, ServletResponse
>> res,
 FilterChain chain)
   throws IOException, ServletException {
   if(!igniteInitialize) {
   super.init(new FilterConfig() {
   @Override
   public String getFilterName() {
   return "CustomWebSessionFilter";
   }
 
   @Override
   public ServletContext getServletContext() {
   return req.getServletContext();
   }
 
   @Override
   public String getInitParameter(String name) {
   return null;
   }
 
   @Override
   public Enumeration getInitParameterNames() {
   return null;
   }
   });
   igniteInitialize = true;
   }
   super.doFilter(req,res,chain);
   }
 }
 
 And in SecurityConfig.java add following line to invoke filter
 before
 Ignite Web Session filter -
 
 .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
 
 Hope it helps..
 
 Thanks,
 
 On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
 valentin.kuliche...@gmail.com> wrote:
 
> Rishi,
> 
> Can you please share how you forced Ignite filter to be invoked
>> before
> security filter?
> 
> -Val
> 
> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <
 rishiyag...@gmail.com
>>> 
> wrote:
> 
>> Hi Val,
>> 
>> Thanks for the response, we have executed ignite filter before
>> spring
>> security filter but somehow the ignite filter does not do the job
>> of
>> setting spring principle context.
>> 
>> As a result even though we have spring principle in session,
 spring

Re: IGNITE-2741 - spring session design

2017-03-17 Thread Rishi Yagnik 
Hi Val,

Hope you are well, any update on web session clustering.

Thanks,
Rishi

On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik 
wrote:

> Hi Val,
>
> Thanks looking forward for the fix..
>
> Take Care,
> Rishi
>
> > On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
> >
> > Hi Rishi,
> >
> > I want to fix the bug first. It takes a bit longer than I thought, but I
> > should finish it over the weekend.
> >
> > -Val
> >
> >> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik 
> wrote:
> >>
> >> Hi Val,
> >>
> >> Did you chance to look into session handling issue ?
> >>
> >> Thanks,
> >>
> >> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik 
> >> wrote:
> >>
> >>> Hi Val,
> >>>
> >>> Do you think I can test a fix in 1.9 RC releases ? How are you planning
> >> to
> >>> release a fix ?
> >>>
> >>> Did you also look into problem where storing xsrf token in Ignite
> returns
> >>> an exception and does not behave as expected ?
> >>>
> >>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with
> following
> >>> code -
> >>>
> >>> .csrfTokenRepository(csrfTokenRepository())
> >>>
> >>> private CsrfTokenRepository csrfTokenRepository() {
> >>>HttpSessionCsrfTokenRepository repository = new
> >> HttpSessionCsrfTokenRepository();
> >>>repository.setHeaderName("X-XSRF-TOKEN");
> >>>return repository;
> >>> }
> >>>
> >>> Thank you for all your help,
> >>>
> >>>
> >>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> >>> valentin.kuliche...@gmail.com> wrote:
> >>>
>  Hi Rishi,
> 
>  I got to the bottom of it. Basically, the session is replaced in
> Spring
>  filter, but caching happens based on the old version which doesn't
> have
>  security attributes. The fix is going to be very easy, I will do it
>  tomorrow.
> 
>  -Val
> 
>  On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik 
>  wrote:
> 
> > Val,
> >
> > Did you get chance to play around with the code ?
> >
> > Thanks,
> >
> > On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik 
> > wrote:
> >
> >> Val,
> >>
> >> Adding a filter before csrf filter will invoke the custom ignite
>  filter.
> >>
> >> Declare a custom filter class extends it with websession filter
> >>
> >> public class CustomWebSessionFilter extends WebSessionFilter {
> >>
> >> private static boolean igniteInitialize = false
> >>
> >> @Override public void doFilter(ServletRequest req, ServletResponse
>  res,
> >> FilterChain chain)
> >>throws IOException, ServletException {
> >>if(!igniteInitialize) {
> >>super.init(new FilterConfig() {
> >>@Override
> >>public String getFilterName() {
> >>return "CustomWebSessionFilter";
> >>}
> >>
> >>@Override
> >>public ServletContext getServletContext() {
> >>return req.getServletContext();
> >>}
> >>
> >>@Override
> >>public String getInitParameter(String name) {
> >>return null;
> >>}
> >>
> >>@Override
> >>public Enumeration getInitParameterNames() {
> >>return null;
> >>}
> >>});
> >>igniteInitialize = true;
> >>}
> >>super.doFilter(req,res,chain);
> >>}
> >> }
> >>
> >> And in SecurityConfig.java add following line to invoke filter
> >> before
> >> Ignite Web Session filter -
> >>
> >> .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> >>
> >> Hope it helps..
> >>
> >> Thanks,
> >>
> >> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
> >> valentin.kuliche...@gmail.com> wrote:
> >>
> >>> Rishi,
> >>>
> >>> Can you please share how you forced Ignite filter to be invoked
>  before
> >>> security filter?
> >>>
> >>> -Val
> >>>
> >>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <
> >> rishiyag...@gmail.com
> >
> >>> wrote:
> >>>
>  Hi Val,
> 
>  Thanks for the response, we have executed ignite filter before
>  spring
>  security filter but somehow the ignite filter does not do the job
>  of
>  setting spring principle context.
> 
>  As a result even though we have spring principle in session,
> >> spring
> >>> filter
>  does not recognize it and sends us back to log in page.
> 
>  I think there s some more work needed here to change the filter
> >> and
> > make
>  it work with spring boot

Re: IGNITE-2741 - spring session design

2017-03-11 Thread Rishi Yagnik 
Hi Val, 

Thanks looking forward for the fix..

Take Care,
Rishi

> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko 
>  wrote:
> 
> Hi Rishi,
> 
> I want to fix the bug first. It takes a bit longer than I thought, but I
> should finish it over the weekend.
> 
> -Val
> 
>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik  wrote:
>> 
>> Hi Val,
>> 
>> Did you chance to look into session handling issue ?
>> 
>> Thanks,
>> 
>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik 
>> wrote:
>> 
>>> Hi Val,
>>> 
>>> Do you think I can test a fix in 1.9 RC releases ? How are you planning
>> to
>>> release a fix ?
>>> 
>>> Did you also look into problem where storing xsrf token in Ignite returns
>>> an exception and does not behave as expected ?
>>> 
>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with following
>>> code -
>>> 
>>> .csrfTokenRepository(csrfTokenRepository())
>>> 
>>> private CsrfTokenRepository csrfTokenRepository() {
>>>HttpSessionCsrfTokenRepository repository = new
>> HttpSessionCsrfTokenRepository();
>>>repository.setHeaderName("X-XSRF-TOKEN");
>>>return repository;
>>> }
>>> 
>>> Thank you for all your help,
>>> 
>>> 
>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
>>> valentin.kuliche...@gmail.com> wrote:
>>> 
 Hi Rishi,
 
 I got to the bottom of it. Basically, the session is replaced in Spring
 filter, but caching happens based on the old version which doesn't have
 security attributes. The fix is going to be very easy, I will do it
 tomorrow.
 
 -Val
 
 On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik 
 wrote:
 
> Val,
> 
> Did you get chance to play around with the code ?
> 
> Thanks,
> 
> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik 
> wrote:
> 
>> Val,
>> 
>> Adding a filter before csrf filter will invoke the custom ignite
 filter.
>> 
>> Declare a custom filter class extends it with websession filter
>> 
>> public class CustomWebSessionFilter extends WebSessionFilter {
>> 
>> private static boolean igniteInitialize = false
>> 
>> @Override public void doFilter(ServletRequest req, ServletResponse
 res,
>> FilterChain chain)
>>throws IOException, ServletException {
>>if(!igniteInitialize) {
>>super.init(new FilterConfig() {
>>@Override
>>public String getFilterName() {
>>return "CustomWebSessionFilter";
>>}
>> 
>>@Override
>>public ServletContext getServletContext() {
>>return req.getServletContext();
>>}
>> 
>>@Override
>>public String getInitParameter(String name) {
>>return null;
>>}
>> 
>>@Override
>>public Enumeration getInitParameterNames() {
>>return null;
>>}
>>});
>>igniteInitialize = true;
>>}
>>super.doFilter(req,res,chain);
>>}
>> }
>> 
>> And in SecurityConfig.java add following line to invoke filter
>> before
>> Ignite Web Session filter -
>> 
>> .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
>> 
>> Hope it helps..
>> 
>> Thanks,
>> 
>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
>> valentin.kuliche...@gmail.com> wrote:
>> 
>>> Rishi,
>>> 
>>> Can you please share how you forced Ignite filter to be invoked
 before
>>> security filter?
>>> 
>>> -Val
>>> 
>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <
>> rishiyag...@gmail.com
> 
>>> wrote:
>>> 
 Hi Val,
 
 Thanks for the response, we have executed ignite filter before
 spring
 security filter but somehow the ignite filter does not do the job
 of
 setting spring principle context.
 
 As a result even though we have spring principle in session,
>> spring
>>> filter
 does not recognize it and sends us back to log in page.
 
 I think there s some more work needed here to change the filter
>> and
> make
 it work with spring boot application.
 
 Take Care,
 Rishi
 
> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
 valentin.kuliche...@gmail.com> wrote:
> 
> Hi Rishi,
> 
> I did some debugging. Apparently, the reason for this behavior
>> is
> that
> Spring Security filter resides before Ignite's filter in the
 chain
>>> list.
 I
> think that

Re: IGNITE-2741 - spring session design

2017-03-11 Thread Valentin Kulichenko 
Hi Rishi,

I want to fix the bug first. It takes a bit longer than I thought, but I
should finish it over the weekend.

-Val

On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik  wrote:

> Hi Val,
>
> Did you chance to look into session handling issue ?
>
> Thanks,
>
> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik 
> wrote:
>
> > Hi Val,
> >
> > Do you think I can test a fix in 1.9 RC releases ? How are you planning
> to
> > release a fix ?
> >
> > Did you also look into problem where storing xsrf token in Ignite returns
> > an exception and does not behave as expected ?
> >
> > In SecurityConfig.java use HttpSessionCsrfTokenRepository with following
> > code -
> >
> > .csrfTokenRepository(csrfTokenRepository())
> >
> > private CsrfTokenRepository csrfTokenRepository() {
> > HttpSessionCsrfTokenRepository repository = new
> HttpSessionCsrfTokenRepository();
> > repository.setHeaderName("X-XSRF-TOKEN");
> > return repository;
> > }
> >
> > Thank you for all your help,
> >
> >
> > On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> >
> >> Hi Rishi,
> >>
> >> I got to the bottom of it. Basically, the session is replaced in Spring
> >> filter, but caching happens based on the old version which doesn't have
> >> security attributes. The fix is going to be very easy, I will do it
> >> tomorrow.
> >>
> >> -Val
> >>
> >> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik 
> >> wrote:
> >>
> >> > Val,
> >> >
> >> > Did you get chance to play around with the code ?
> >> >
> >> > Thanks,
> >> >
> >> > On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik 
> >> > wrote:
> >> >
> >> > > Val,
> >> > >
> >> > > Adding a filter before csrf filter will invoke the custom ignite
> >> filter.
> >> > >
> >> > > Declare a custom filter class extends it with websession filter
> >> > >
> >> > > public class CustomWebSessionFilter extends WebSessionFilter {
> >> > >
> >> > >  private static boolean igniteInitialize = false
> >> > >
> >> > > @Override public void doFilter(ServletRequest req, ServletResponse
> >> res,
> >> > > FilterChain chain)
> >> > > throws IOException, ServletException {
> >> > > if(!igniteInitialize) {
> >> > > super.init(new FilterConfig() {
> >> > > @Override
> >> > > public String getFilterName() {
> >> > > return "CustomWebSessionFilter";
> >> > > }
> >> > >
> >> > > @Override
> >> > > public ServletContext getServletContext() {
> >> > > return req.getServletContext();
> >> > > }
> >> > >
> >> > > @Override
> >> > > public String getInitParameter(String name) {
> >> > > return null;
> >> > > }
> >> > >
> >> > > @Override
> >> > > public Enumeration getInitParameterNames() {
> >> > > return null;
> >> > > }
> >> > > });
> >> > > igniteInitialize = true;
> >> > > }
> >> > > super.doFilter(req,res,chain);
> >> > > }
> >> > > }
> >> > >
> >> > > And in SecurityConfig.java add following line to invoke filter
> before
> >> > > Ignite Web Session filter -
> >> > >
> >> > >  .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> >> > >
> >> > > Hope it helps..
> >> > >
> >> > > Thanks,
> >> > >
> >> > > On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
> >> > > valentin.kuliche...@gmail.com> wrote:
> >> > >
> >> > >> Rishi,
> >> > >>
> >> > >> Can you please share how you forced Ignite filter to be invoked
> >> before
> >> > >> security filter?
> >> > >>
> >> > >> -Val
> >> > >>
> >> > >> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <
> rishiyag...@gmail.com
> >> >
> >> > >> wrote:
> >> > >>
> >> > >> > Hi Val,
> >> > >> >
> >> > >> > Thanks for the response, we have executed ignite filter before
> >> spring
> >> > >> > security filter but somehow the ignite filter does not do the job
> >> of
> >> > >> > setting spring principle context.
> >> > >> >
> >> > >> > As a result even though we have spring principle in session,
> spring
> >> > >> filter
> >> > >> > does not recognize it and sends us back to log in page.
> >> > >> >
> >> > >> > I think there s some more work needed here to change the filter
> and
> >> > make
> >> > >> > it work with spring boot application.
> >> > >> >
> >> > >> > Take Care,
> >> > >> > Rishi
> >> > >> >
> >> > >> > > On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
> >> > >> > valentin.kuliche...@gmail.com> wrote:
> >> > >> > >
> >> > >> > > Hi Rishi,
> >> > >> > >
> >> > >> > > I did some debugging. Apparently, the reason for this behavior
> is
> >> > that
> >> > >> > > Spring Security filter resides before Ignite's filter in the
> >> chain
> >> > >> list.
> >> > >> > I
> >> > >> > > think that

Re: IGNITE-2741 - spring session design

2017-03-06 Thread Rishi Yagnik 
Hi Val,

Do you think I can test a fix in 1.9 RC releases ? How are you planning to
release a fix ?

Did you also look into problem where storing xsrf token in Ignite returns
an exception and does not behave as expected ?

In SecurityConfig.java use HttpSessionCsrfTokenRepository with following
code -

.csrfTokenRepository(csrfTokenRepository())

private CsrfTokenRepository csrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new
HttpSessionCsrfTokenRepository();
repository.setHeaderName("X-XSRF-TOKEN");
return repository;
}

Thank you for all your help,


On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
valentin.kuliche...@gmail.com> wrote:

> Hi Rishi,
>
> I got to the bottom of it. Basically, the session is replaced in Spring
> filter, but caching happens based on the old version which doesn't have
> security attributes. The fix is going to be very easy, I will do it
> tomorrow.
>
> -Val
>
> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik 
> wrote:
>
> > Val,
> >
> > Did you get chance to play around with the code ?
> >
> > Thanks,
> >
> > On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik 
> > wrote:
> >
> > > Val,
> > >
> > > Adding a filter before csrf filter will invoke the custom ignite
> filter.
> > >
> > > Declare a custom filter class extends it with websession filter
> > >
> > > public class CustomWebSessionFilter extends WebSessionFilter {
> > >
> > >  private static boolean igniteInitialize = false
> > >
> > > @Override public void doFilter(ServletRequest req, ServletResponse res,
> > > FilterChain chain)
> > > throws IOException, ServletException {
> > > if(!igniteInitialize) {
> > > super.init(new FilterConfig() {
> > > @Override
> > > public String getFilterName() {
> > > return "CustomWebSessionFilter";
> > > }
> > >
> > > @Override
> > > public ServletContext getServletContext() {
> > > return req.getServletContext();
> > > }
> > >
> > > @Override
> > > public String getInitParameter(String name) {
> > > return null;
> > > }
> > >
> > > @Override
> > > public Enumeration getInitParameterNames() {
> > > return null;
> > > }
> > > });
> > > igniteInitialize = true;
> > > }
> > > super.doFilter(req,res,chain);
> > > }
> > > }
> > >
> > > And in SecurityConfig.java add following line to invoke filter before
> > > Ignite Web Session filter -
> > >
> > >  .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> > >
> > > Hope it helps..
> > >
> > > Thanks,
> > >
> > > On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
> > > valentin.kuliche...@gmail.com> wrote:
> > >
> > >> Rishi,
> > >>
> > >> Can you please share how you forced Ignite filter to be invoked before
> > >> security filter?
> > >>
> > >> -Val
> > >>
> > >> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik 
> > >> wrote:
> > >>
> > >> > Hi Val,
> > >> >
> > >> > Thanks for the response, we have executed ignite filter before
> spring
> > >> > security filter but somehow the ignite filter does not do the job of
> > >> > setting spring principle context.
> > >> >
> > >> > As a result even though we have spring principle in session, spring
> > >> filter
> > >> > does not recognize it and sends us back to log in page.
> > >> >
> > >> > I think there s some more work needed here to change the filter and
> > make
> > >> > it work with spring boot application.
> > >> >
> > >> > Take Care,
> > >> > Rishi
> > >> >
> > >> > > On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
> > >> > valentin.kuliche...@gmail.com> wrote:
> > >> > >
> > >> > > Hi Rishi,
> > >> > >
> > >> > > I did some debugging. Apparently, the reason for this behavior is
> > that
> > >> > > Spring Security filter resides before Ignite's filter in the chain
> > >> list.
> > >> > I
> > >> > > think that eventually this should be fixed in the product, but in
> > the
> > >> > > meantime there must be a way to work around the problem by
> > controlling
> > >> > the
> > >> > > order. Do you know how this can be done in Spring Boot?
> > >> > >
> > >> > > -Val
> > >> > >
> > >> > >> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <
> > rishiyag...@gmail.com
> > >> >
> > >> > wrote:
> > >> > >>
> > >> > >> Hi Val,
> > >> > >>
> > >> > >> Sorry for pestering, thanks for all your help.
> > >> > >>
> > >> > >> Rishi
> > >> > >>
> > >> > >> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <
> > >> > >> valentin.kuliche...@gmail.com> wrote:
> > >> > >>
> > >> > >>> Hi Rishi,
> > >> > >>>
> > >> > >>> Sorry, not yet. But this on my short list of TODOs, will try to
> > >> give an
> > >> > >>> update as soon as possible.
> > >> > >>>
> > >> >

Re: IGNITE-2741 - spring session design

2017-03-06 Thread Valentin Kulichenko 
Hi Rishi,

I got to the bottom of it. Basically, the session is replaced in Spring
filter, but caching happens based on the old version which doesn't have
security attributes. The fix is going to be very easy, I will do it
tomorrow.

-Val

On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik  wrote:

> Val,
>
> Did you get chance to play around with the code ?
>
> Thanks,
>
> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik 
> wrote:
>
> > Val,
> >
> > Adding a filter before csrf filter will invoke the custom ignite filter.
> >
> > Declare a custom filter class extends it with websession filter
> >
> > public class CustomWebSessionFilter extends WebSessionFilter {
> >
> >  private static boolean igniteInitialize = false
> >
> > @Override public void doFilter(ServletRequest req, ServletResponse res,
> > FilterChain chain)
> > throws IOException, ServletException {
> > if(!igniteInitialize) {
> > super.init(new FilterConfig() {
> > @Override
> > public String getFilterName() {
> > return "CustomWebSessionFilter";
> > }
> >
> > @Override
> > public ServletContext getServletContext() {
> > return req.getServletContext();
> > }
> >
> > @Override
> > public String getInitParameter(String name) {
> > return null;
> > }
> >
> > @Override
> > public Enumeration getInitParameterNames() {
> > return null;
> > }
> > });
> > igniteInitialize = true;
> > }
> > super.doFilter(req,res,chain);
> > }
> > }
> >
> > And in SecurityConfig.java add following line to invoke filter before
> > Ignite Web Session filter -
> >
> >  .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> >
> > Hope it helps..
> >
> > Thanks,
> >
> > On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> >
> >> Rishi,
> >>
> >> Can you please share how you forced Ignite filter to be invoked before
> >> security filter?
> >>
> >> -Val
> >>
> >> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik 
> >> wrote:
> >>
> >> > Hi Val,
> >> >
> >> > Thanks for the response, we have executed ignite filter before spring
> >> > security filter but somehow the ignite filter does not do the job of
> >> > setting spring principle context.
> >> >
> >> > As a result even though we have spring principle in session, spring
> >> filter
> >> > does not recognize it and sends us back to log in page.
> >> >
> >> > I think there s some more work needed here to change the filter and
> make
> >> > it work with spring boot application.
> >> >
> >> > Take Care,
> >> > Rishi
> >> >
> >> > > On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
> >> > valentin.kuliche...@gmail.com> wrote:
> >> > >
> >> > > Hi Rishi,
> >> > >
> >> > > I did some debugging. Apparently, the reason for this behavior is
> that
> >> > > Spring Security filter resides before Ignite's filter in the chain
> >> list.
> >> > I
> >> > > think that eventually this should be fixed in the product, but in
> the
> >> > > meantime there must be a way to work around the problem by
> controlling
> >> > the
> >> > > order. Do you know how this can be done in Spring Boot?
> >> > >
> >> > > -Val
> >> > >
> >> > >> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <
> rishiyag...@gmail.com
> >> >
> >> > wrote:
> >> > >>
> >> > >> Hi Val,
> >> > >>
> >> > >> Sorry for pestering, thanks for all your help.
> >> > >>
> >> > >> Rishi
> >> > >>
> >> > >> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <
> >> > >> valentin.kuliche...@gmail.com> wrote:
> >> > >>
> >> > >>> Hi Rishi,
> >> > >>>
> >> > >>> Sorry, not yet. But this on my short list of TODOs, will try to
> >> give an
> >> > >>> update as soon as possible.
> >> > >>>
> >> > >>> -Val
> >> > >>>
> >> > >>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <
> >> rishiyag...@gmail.com>
> >> > >>> wrote:
> >> > >>>
> >> >  Hi Val,
> >> > 
> >> >  any update on session replication issue ?
> >> > 
> >> >  Thanks,
> >> >  Rishi
> >> > 
> >> >  On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <
> >> rishiyag...@gmail.com>
> >> >  wrote:
> >> > 
> >> > > Thanks Val for looking into it.
> >> > >
> >> > > On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <
> >> > > valentin.kuliche...@gmail.com> wrote:
> >> > >
> >> > >> Hi Rishi,
> >> > >>
> >> > >> Got it, I think I'm reproducing the issue. I'll take a look and
> >> let
> >> > >>> you
> >> > >> know my findings soon.
> >> > >>
> >> > >> -Val
> >> > >>
> >> > >> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <
> >> > >> rishiyag...@gmail.com>
> >> > >> wrote:
> >> > >>
> >> > >>> Hi

Re: IGNITE-2741 - spring session design

2017-03-06 Thread Rishi Yagnik 
Val,

Did you get chance to play around with the code ?

Thanks,

On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik  wrote:

> Val,
>
> Adding a filter before csrf filter will invoke the custom ignite filter.
>
> Declare a custom filter class extends it with websession filter
>
> public class CustomWebSessionFilter extends WebSessionFilter {
>
>  private static boolean igniteInitialize = false
>
> @Override public void doFilter(ServletRequest req, ServletResponse res,
> FilterChain chain)
> throws IOException, ServletException {
> if(!igniteInitialize) {
> super.init(new FilterConfig() {
> @Override
> public String getFilterName() {
> return "CustomWebSessionFilter";
> }
>
> @Override
> public ServletContext getServletContext() {
> return req.getServletContext();
> }
>
> @Override
> public String getInitParameter(String name) {
> return null;
> }
>
> @Override
> public Enumeration getInitParameterNames() {
> return null;
> }
> });
> igniteInitialize = true;
> }
> super.doFilter(req,res,chain);
> }
> }
>
> And in SecurityConfig.java add following line to invoke filter before
> Ignite Web Session filter -
>
>  .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
>
> Hope it helps..
>
> Thanks,
>
> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
>
>> Rishi,
>>
>> Can you please share how you forced Ignite filter to be invoked before
>> security filter?
>>
>> -Val
>>
>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik 
>> wrote:
>>
>> > Hi Val,
>> >
>> > Thanks for the response, we have executed ignite filter before spring
>> > security filter but somehow the ignite filter does not do the job of
>> > setting spring principle context.
>> >
>> > As a result even though we have spring principle in session, spring
>> filter
>> > does not recognize it and sends us back to log in page.
>> >
>> > I think there s some more work needed here to change the filter and make
>> > it work with spring boot application.
>> >
>> > Take Care,
>> > Rishi
>> >
>> > > On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
>> > valentin.kuliche...@gmail.com> wrote:
>> > >
>> > > Hi Rishi,
>> > >
>> > > I did some debugging. Apparently, the reason for this behavior is that
>> > > Spring Security filter resides before Ignite's filter in the chain
>> list.
>> > I
>> > > think that eventually this should be fixed in the product, but in the
>> > > meantime there must be a way to work around the problem by controlling
>> > the
>> > > order. Do you know how this can be done in Spring Boot?
>> > >
>> > > -Val
>> > >
>> > >> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik > >
>> > wrote:
>> > >>
>> > >> Hi Val,
>> > >>
>> > >> Sorry for pestering, thanks for all your help.
>> > >>
>> > >> Rishi
>> > >>
>> > >> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <
>> > >> valentin.kuliche...@gmail.com> wrote:
>> > >>
>> > >>> Hi Rishi,
>> > >>>
>> > >>> Sorry, not yet. But this on my short list of TODOs, will try to
>> give an
>> > >>> update as soon as possible.
>> > >>>
>> > >>> -Val
>> > >>>
>> > >>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <
>> rishiyag...@gmail.com>
>> > >>> wrote:
>> > >>>
>> >  Hi Val,
>> > 
>> >  any update on session replication issue ?
>> > 
>> >  Thanks,
>> >  Rishi
>> > 
>> >  On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <
>> rishiyag...@gmail.com>
>> >  wrote:
>> > 
>> > > Thanks Val for looking into it.
>> > >
>> > > On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <
>> > > valentin.kuliche...@gmail.com> wrote:
>> > >
>> > >> Hi Rishi,
>> > >>
>> > >> Got it, I think I'm reproducing the issue. I'll take a look and
>> let
>> > >>> you
>> > >> know my findings soon.
>> > >>
>> > >> -Val
>> > >>
>> > >> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <
>> > >> rishiyag...@gmail.com>
>> > >> wrote:
>> > >>
>> > >>> Hi Val,
>> > >>>
>> > >>> The issue will occur in cluster environment, please setup the
>> > >> spring
>> > >> boot
>> > >>> on 2 different host with LB (F5 OR Reverse proxy) in front and
>> try
>> > >>> to
>> > >>> login.
>> > >>>
>> > >>> In cluster environment, Spring security does not recognize the
>> > >>> session
>> > >> on
>> > >>> the host you are not logged in, as a result, spring security
>> will
>> > >> redirect
>> > >>> to login url however the correct behavior should be that user
>> > >> would
>> >  stay
>> > >>> logged in with session replication.
>> > >>>
>> >

Re: IGNITE-2741 - spring session design

2017-03-05 Thread Rishi Yagnik 
Val,

Adding a filter before csrf filter will invoke the custom ignite filter.

Declare a custom filter class extends it with websession filter

public class CustomWebSessionFilter extends WebSessionFilter {

 private static boolean igniteInitialize = false

@Override public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain)
throws IOException, ServletException {
if(!igniteInitialize) {
super.init(new FilterConfig() {
@Override
public String getFilterName() {
return "CustomWebSessionFilter";
}

@Override
public ServletContext getServletContext() {
return req.getServletContext();
}

@Override
public String getInitParameter(String name) {
return null;
}

@Override
public Enumeration getInitParameterNames() {
return null;
}
});
igniteInitialize = true;
}
super.doFilter(req,res,chain);
}
}

And in SecurityConfig.java add following line to invoke filter before
Ignite Web Session filter -

 .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)

Hope it helps..

Thanks,

On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
valentin.kuliche...@gmail.com> wrote:

> Rishi,
>
> Can you please share how you forced Ignite filter to be invoked before
> security filter?
>
> -Val
>
> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik 
> wrote:
>
> > Hi Val,
> >
> > Thanks for the response, we have executed ignite filter before spring
> > security filter but somehow the ignite filter does not do the job of
> > setting spring principle context.
> >
> > As a result even though we have spring principle in session, spring
> filter
> > does not recognize it and sends us back to log in page.
> >
> > I think there s some more work needed here to change the filter and make
> > it work with spring boot application.
> >
> > Take Care,
> > Rishi
> >
> > > On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> > >
> > > Hi Rishi,
> > >
> > > I did some debugging. Apparently, the reason for this behavior is that
> > > Spring Security filter resides before Ignite's filter in the chain
> list.
> > I
> > > think that eventually this should be fixed in the product, but in the
> > > meantime there must be a way to work around the problem by controlling
> > the
> > > order. Do you know how this can be done in Spring Boot?
> > >
> > > -Val
> > >
> > >> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik 
> > wrote:
> > >>
> > >> Hi Val,
> > >>
> > >> Sorry for pestering, thanks for all your help.
> > >>
> > >> Rishi
> > >>
> > >> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <
> > >> valentin.kuliche...@gmail.com> wrote:
> > >>
> > >>> Hi Rishi,
> > >>>
> > >>> Sorry, not yet. But this on my short list of TODOs, will try to give
> an
> > >>> update as soon as possible.
> > >>>
> > >>> -Val
> > >>>
> > >>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik  >
> > >>> wrote:
> > >>>
> >  Hi Val,
> > 
> >  any update on session replication issue ?
> > 
> >  Thanks,
> >  Rishi
> > 
> >  On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <
> rishiyag...@gmail.com>
> >  wrote:
> > 
> > > Thanks Val for looking into it.
> > >
> > > On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <
> > > valentin.kuliche...@gmail.com> wrote:
> > >
> > >> Hi Rishi,
> > >>
> > >> Got it, I think I'm reproducing the issue. I'll take a look and
> let
> > >>> you
> > >> know my findings soon.
> > >>
> > >> -Val
> > >>
> > >> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <
> > >> rishiyag...@gmail.com>
> > >> wrote:
> > >>
> > >>> Hi Val,
> > >>>
> > >>> The issue will occur in cluster environment, please setup the
> > >> spring
> > >> boot
> > >>> on 2 different host with LB (F5 OR Reverse proxy) in front and
> try
> > >>> to
> > >>> login.
> > >>>
> > >>> In cluster environment, Spring security does not recognize the
> > >>> session
> > >> on
> > >>> the host you are not logged in, as a result, spring security will
> > >> redirect
> > >>> to login url however the correct behavior should be that user
> > >> would
> >  stay
> > >>> logged in with session replication.
> > >>>
> > >>> Do let me know if you need more information.
> > >>>
> > >>> Thanks,
> > >>> Rishi
> > >>>
> > >>>
> > >>>
> > >>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
> > >>> valentin.kuliche...@gmail.com> wrote:
> > >>>
> >  Hi Rishi,
> > 
> >  I was able to build and run the application.

Re: IGNITE-2741 - spring session design

2017-03-05 Thread Valentin Kulichenko 
Rishi,

Can you please share how you forced Ignite filter to be invoked before
security filter?

-Val

On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik  wrote:

> Hi Val,
>
> Thanks for the response, we have executed ignite filter before spring
> security filter but somehow the ignite filter does not do the job of
> setting spring principle context.
>
> As a result even though we have spring principle in session, spring filter
> does not recognize it and sends us back to log in page.
>
> I think there s some more work needed here to change the filter and make
> it work with spring boot application.
>
> Take Care,
> Rishi
>
> > On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
> >
> > Hi Rishi,
> >
> > I did some debugging. Apparently, the reason for this behavior is that
> > Spring Security filter resides before Ignite's filter in the chain list.
> I
> > think that eventually this should be fixed in the product, but in the
> > meantime there must be a way to work around the problem by controlling
> the
> > order. Do you know how this can be done in Spring Boot?
> >
> > -Val
> >
> >> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik 
> wrote:
> >>
> >> Hi Val,
> >>
> >> Sorry for pestering, thanks for all your help.
> >>
> >> Rishi
> >>
> >> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <
> >> valentin.kuliche...@gmail.com> wrote:
> >>
> >>> Hi Rishi,
> >>>
> >>> Sorry, not yet. But this on my short list of TODOs, will try to give an
> >>> update as soon as possible.
> >>>
> >>> -Val
> >>>
> >>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik 
> >>> wrote:
> >>>
>  Hi Val,
> 
>  any update on session replication issue ?
> 
>  Thanks,
>  Rishi
> 
>  On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik 
>  wrote:
> 
> > Thanks Val for looking into it.
> >
> > On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> >
> >> Hi Rishi,
> >>
> >> Got it, I think I'm reproducing the issue. I'll take a look and let
> >>> you
> >> know my findings soon.
> >>
> >> -Val
> >>
> >> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <
> >> rishiyag...@gmail.com>
> >> wrote:
> >>
> >>> Hi Val,
> >>>
> >>> The issue will occur in cluster environment, please setup the
> >> spring
> >> boot
> >>> on 2 different host with LB (F5 OR Reverse proxy) in front and try
> >>> to
> >>> login.
> >>>
> >>> In cluster environment, Spring security does not recognize the
> >>> session
> >> on
> >>> the host you are not logged in, as a result, spring security will
> >> redirect
> >>> to login url however the correct behavior should be that user
> >> would
>  stay
> >>> logged in with session replication.
> >>>
> >>> Do let me know if you need more information.
> >>>
> >>> Thanks,
> >>> Rishi
> >>>
> >>>
> >>>
> >>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
> >>> valentin.kuliche...@gmail.com> wrote:
> >>>
>  Hi Rishi,
> 
>  I was able to build and run the application. Can you give some
> >>> description
>  on what should I test to understand the issue? What exactly
> >> didn't
> >> work
> >>> for
>  you?
> 
>  -Val
> 
>  On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <
>  valentin.kuliche...@gmail.com> wrote:
> 
> > Hi Rishi,
> >
> > Thanks, I'll take a look.
> >
> > -Val
> >
> > On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <
> >> rishiyag...@gmail.com>
> > wrote:
> >
> >> Hi Val,
> >>
> >> As promised, please find attached code for spring boot
>  integration
> >>> with
> >> spring security along with Ignite.
> >>
> >> Some more information on project -
> >>
> >>   - It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> >>   - spring security integrated with boot project along with
>  ignite
> >>   - HttpSessionCookieCsrfTokenRepository does not work,
> >> gives
> >>   intermediate errors on single instance so used
>  CookieCsrfTokenRepository
> >>   for CSRF token, again I think we need a fix here from
> >>> Ignite.
> >>
> >> I cant reproduce this errors while I am running on single
>  instance,
> >>> you
> >> need to run this app on 2 spring boot instance having proxy
> >> in
> >> front (
>  F5,
> >> OR any proxy ) with round robin fashion ( no sticky session
> >> on
> >>> F5
> >> OR
> >> proxies ).
> >>
> >> We were thinking with round robin the user session will
> >> active
> >> since
> >>>

Re: IGNITE-2741 - spring session design

2017-02-28 Thread Rishi Yagnik 
Hi Val,

Sorry for pestering, thanks for all your help.

Rishi

On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <
valentin.kuliche...@gmail.com> wrote:

> Hi Rishi,
>
> Sorry, not yet. But this on my short list of TODOs, will try to give an
> update as soon as possible.
>
> -Val
>
> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik 
> wrote:
>
> > Hi Val,
> >
> > any update on session replication issue ?
> >
> > Thanks,
> > Rishi
> >
> > On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik 
> > wrote:
> >
> > > Thanks Val for looking into it.
> > >
> > > On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <
> > > valentin.kuliche...@gmail.com> wrote:
> > >
> > >> Hi Rishi,
> > >>
> > >> Got it, I think I'm reproducing the issue. I'll take a look and let
> you
> > >> know my findings soon.
> > >>
> > >> -Val
> > >>
> > >> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik 
> > >> wrote:
> > >>
> > >> > Hi Val,
> > >> >
> > >> > The issue will occur in cluster environment, please setup the spring
> > >> boot
> > >> > on 2 different host with LB (F5 OR Reverse proxy) in front and try
> to
> > >> > login.
> > >> >
> > >> > In cluster environment, Spring security does not recognize the
> session
> > >> on
> > >> > the host you are not logged in, as a result, spring security will
> > >> redirect
> > >> > to login url however the correct behavior should be that user would
> > stay
> > >> > logged in with session replication.
> > >> >
> > >> > Do let me know if you need more information.
> > >> >
> > >> > Thanks,
> > >> > Rishi
> > >> >
> > >> >
> > >> >
> > >> > On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
> > >> > valentin.kuliche...@gmail.com> wrote:
> > >> >
> > >> > > Hi Rishi,
> > >> > >
> > >> > > I was able to build and run the application. Can you give some
> > >> > description
> > >> > > on what should I test to understand the issue? What exactly didn't
> > >> work
> > >> > for
> > >> > > you?
> > >> > >
> > >> > > -Val
> > >> > >
> > >> > > On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <
> > >> > > valentin.kuliche...@gmail.com> wrote:
> > >> > >
> > >> > > > Hi Rishi,
> > >> > > >
> > >> > > > Thanks, I'll take a look.
> > >> > > >
> > >> > > > -Val
> > >> > > >
> > >> > > > On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <
> > >> rishiyag...@gmail.com>
> > >> > > > wrote:
> > >> > > >
> > >> > > >> Hi Val,
> > >> > > >>
> > >> > > >> As promised, please find attached code for spring boot
> > integration
> > >> > with
> > >> > > >> spring security along with Ignite.
> > >> > > >>
> > >> > > >> Some more information on project -
> > >> > > >>
> > >> > > >>- It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> > >> > > >>- spring security integrated with boot project along with
> > ignite
> > >> > > >>- HttpSessionCookieCsrfTokenRepository does not work, gives
> > >> > > >>intermediate errors on single instance so used
> > >> > > CookieCsrfTokenRepository
> > >> > > >>for CSRF token, again I think we need a fix here from
> Ignite.
> > >> > > >>
> > >> > > >> I cant reproduce this errors while I am running on single
> > instance,
> > >> > you
> > >> > > >> need to run this app on 2 spring boot instance having proxy in
> > >> front (
> > >> > > F5,
> > >> > > >> OR any proxy ) with round robin fashion ( no sticky session on
> F5
> > >> OR
> > >> > > >> proxies ).
> > >> > > >>
> > >> > > >> We were thinking with round robin the user session will active
> > >> since
> > >> > we
> > >> > > >> used session replication on backend.
> > >> > > >>
> > >> > > >> Do let me know if you need more information here.
> > >> > > >>
> > >> > > >> Thanks,
> > >> > > >>
> > >> > > >> Rishi
> > >> > > >>
> > >> > > >>
> > >> > > >>
> > >> > > >>
> > >> > > >> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <
> > >> rishiyag...@gmail.com>
> > >> > > >> wrote:
> > >> > > >>
> > >> > > >>> Val,
> > >> > > >>>
> > >> > > >>> My SB sample project is ready however I have asked for an
> > >> approval to
> > >> > > >>> submit sample project to you, it would take day or two.
> > >> > > >>>
> > >> > > >>> I will keep you posted.
> > >> > > >>>
> > >> > > >>> Thanks for all your help,
> > >> > > >>>
> > >> > > >>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <
> > >> rishiyag...@gmail.com
> > >> > >
> > >> > > >>> wrote:
> > >> > > >>>
> > >> > >  Let me build an example app for you and send it across to
> you.
> > >> > > 
> > >> > >  Thanks,
> > >> > > 
> > >> > >  On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
> > >> > >  valentin.kuliche...@gmail.com> wrote:
> > >> > > 
> > >> > > > Rishi,
> > >> > > >
> > >> > > > No I don't, and I think that's what we should start with. I
> > >> want to
> > >> > > > understand a use case that is currently not supported (if
> any)
> > >> and
> > >> > > then
> > >> > > > find the best solution. And I would like to reuse existing
> > code
> > >> as
> >

Re: IGNITE-2741 - spring session design

2017-02-27 Thread Rishi Yagnik 
Hi Val,

any update on session replication issue ?

Thanks,
Rishi

On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik  wrote:

> Thanks Val for looking into it.
>
> On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
>
>> Hi Rishi,
>>
>> Got it, I think I'm reproducing the issue. I'll take a look and let you
>> know my findings soon.
>>
>> -Val
>>
>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik 
>> wrote:
>>
>> > Hi Val,
>> >
>> > The issue will occur in cluster environment, please setup the spring
>> boot
>> > on 2 different host with LB (F5 OR Reverse proxy) in front and try to
>> > login.
>> >
>> > In cluster environment, Spring security does not recognize the session
>> on
>> > the host you are not logged in, as a result, spring security will
>> redirect
>> > to login url however the correct behavior should be that user would stay
>> > logged in with session replication.
>> >
>> > Do let me know if you need more information.
>> >
>> > Thanks,
>> > Rishi
>> >
>> >
>> >
>> > On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
>> > valentin.kuliche...@gmail.com> wrote:
>> >
>> > > Hi Rishi,
>> > >
>> > > I was able to build and run the application. Can you give some
>> > description
>> > > on what should I test to understand the issue? What exactly didn't
>> work
>> > for
>> > > you?
>> > >
>> > > -Val
>> > >
>> > > On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <
>> > > valentin.kuliche...@gmail.com> wrote:
>> > >
>> > > > Hi Rishi,
>> > > >
>> > > > Thanks, I'll take a look.
>> > > >
>> > > > -Val
>> > > >
>> > > > On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <
>> rishiyag...@gmail.com>
>> > > > wrote:
>> > > >
>> > > >> Hi Val,
>> > > >>
>> > > >> As promised, please find attached code for spring boot integration
>> > with
>> > > >> spring security along with Ignite.
>> > > >>
>> > > >> Some more information on project -
>> > > >>
>> > > >>- It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
>> > > >>- spring security integrated with boot project along with ignite
>> > > >>- HttpSessionCookieCsrfTokenRepository does not work, gives
>> > > >>intermediate errors on single instance so used
>> > > CookieCsrfTokenRepository
>> > > >>for CSRF token, again I think we need a fix here from Ignite.
>> > > >>
>> > > >> I cant reproduce this errors while I am running on single instance,
>> > you
>> > > >> need to run this app on 2 spring boot instance having proxy in
>> front (
>> > > F5,
>> > > >> OR any proxy ) with round robin fashion ( no sticky session on F5
>> OR
>> > > >> proxies ).
>> > > >>
>> > > >> We were thinking with round robin the user session will active
>> since
>> > we
>> > > >> used session replication on backend.
>> > > >>
>> > > >> Do let me know if you need more information here.
>> > > >>
>> > > >> Thanks,
>> > > >>
>> > > >> Rishi
>> > > >>
>> > > >>
>> > > >>
>> > > >>
>> > > >> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <
>> rishiyag...@gmail.com>
>> > > >> wrote:
>> > > >>
>> > > >>> Val,
>> > > >>>
>> > > >>> My SB sample project is ready however I have asked for an
>> approval to
>> > > >>> submit sample project to you, it would take day or two.
>> > > >>>
>> > > >>> I will keep you posted.
>> > > >>>
>> > > >>> Thanks for all your help,
>> > > >>>
>> > > >>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <
>> rishiyag...@gmail.com
>> > >
>> > > >>> wrote:
>> > > >>>
>> > >  Let me build an example app for you and send it across to you.
>> > > 
>> > >  Thanks,
>> > > 
>> > >  On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
>> > >  valentin.kuliche...@gmail.com> wrote:
>> > > 
>> > > > Rishi,
>> > > >
>> > > > No I don't, and I think that's what we should start with. I
>> want to
>> > > > understand a use case that is currently not supported (if any)
>> and
>> > > then
>> > > > find the best solution. And I would like to reuse existing code
>> as
>> > > > much as
>> > > > possible.
>> > > >
>> > > > Do you have any code that reproduces the problem you had and how
>> > you
>> > > > tried
>> > > > to utilize current web session clustering? Can you share it with
>> > us?
>> > > >
>> > > > -Val
>> > > >
>> > > > On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <
>> > > rishiyag...@gmail.com>
>> > > > wrote:
>> > > >
>> > > > > Hi Val,
>> > > > >
>> > > > > I am working on SB platform with spring security and we found
>> out
>> > > > that the
>> > > > > web session filter ignite provides does not work for session
>> > > > management on
>> > > > > 2 node spring boot cluster.
>> > > > >
>> > > > > Somehow, spring security filter kicks in result in some weird
>> > > errors
>> > > > with
>> > > > > web session filter.
>> > > > >
>> > > > > So making compatible with spring security somehow, we need to
>> > write
>> > > > >

Re: IGNITE-2741 - spring session design

2017-02-23 Thread Rishi Yagnik 
Thanks Val for looking into it.

On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <
valentin.kuliche...@gmail.com> wrote:

> Hi Rishi,
>
> Got it, I think I'm reproducing the issue. I'll take a look and let you
> know my findings soon.
>
> -Val
>
> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik 
> wrote:
>
> > Hi Val,
> >
> > The issue will occur in cluster environment, please setup the spring boot
> > on 2 different host with LB (F5 OR Reverse proxy) in front and try to
> > login.
> >
> > In cluster environment, Spring security does not recognize the session on
> > the host you are not logged in, as a result, spring security will
> redirect
> > to login url however the correct behavior should be that user would stay
> > logged in with session replication.
> >
> > Do let me know if you need more information.
> >
> > Thanks,
> > Rishi
> >
> >
> >
> > On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> >
> > > Hi Rishi,
> > >
> > > I was able to build and run the application. Can you give some
> > description
> > > on what should I test to understand the issue? What exactly didn't work
> > for
> > > you?
> > >
> > > -Val
> > >
> > > On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <
> > > valentin.kuliche...@gmail.com> wrote:
> > >
> > > > Hi Rishi,
> > > >
> > > > Thanks, I'll take a look.
> > > >
> > > > -Val
> > > >
> > > > On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik  >
> > > > wrote:
> > > >
> > > >> Hi Val,
> > > >>
> > > >> As promised, please find attached code for spring boot integration
> > with
> > > >> spring security along with Ignite.
> > > >>
> > > >> Some more information on project -
> > > >>
> > > >>- It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> > > >>- spring security integrated with boot project along with ignite
> > > >>- HttpSessionCookieCsrfTokenRepository does not work, gives
> > > >>intermediate errors on single instance so used
> > > CookieCsrfTokenRepository
> > > >>for CSRF token, again I think we need a fix here from Ignite.
> > > >>
> > > >> I cant reproduce this errors while I am running on single instance,
> > you
> > > >> need to run this app on 2 spring boot instance having proxy in
> front (
> > > F5,
> > > >> OR any proxy ) with round robin fashion ( no sticky session on F5 OR
> > > >> proxies ).
> > > >>
> > > >> We were thinking with round robin the user session will active since
> > we
> > > >> used session replication on backend.
> > > >>
> > > >> Do let me know if you need more information here.
> > > >>
> > > >> Thanks,
> > > >>
> > > >> Rishi
> > > >>
> > > >>
> > > >>
> > > >>
> > > >> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <
> rishiyag...@gmail.com>
> > > >> wrote:
> > > >>
> > > >>> Val,
> > > >>>
> > > >>> My SB sample project is ready however I have asked for an approval
> to
> > > >>> submit sample project to you, it would take day or two.
> > > >>>
> > > >>> I will keep you posted.
> > > >>>
> > > >>> Thanks for all your help,
> > > >>>
> > > >>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <
> rishiyag...@gmail.com
> > >
> > > >>> wrote:
> > > >>>
> > >  Let me build an example app for you and send it across to you.
> > > 
> > >  Thanks,
> > > 
> > >  On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
> > >  valentin.kuliche...@gmail.com> wrote:
> > > 
> > > > Rishi,
> > > >
> > > > No I don't, and I think that's what we should start with. I want
> to
> > > > understand a use case that is currently not supported (if any)
> and
> > > then
> > > > find the best solution. And I would like to reuse existing code
> as
> > > > much as
> > > > possible.
> > > >
> > > > Do you have any code that reproduces the problem you had and how
> > you
> > > > tried
> > > > to utilize current web session clustering? Can you share it with
> > us?
> > > >
> > > > -Val
> > > >
> > > > On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <
> > > rishiyag...@gmail.com>
> > > > wrote:
> > > >
> > > > > Hi Val,
> > > > >
> > > > > I am working on SB platform with spring security and we found
> out
> > > > that the
> > > > > web session filter ignite provides does not work for session
> > > > management on
> > > > > 2 node spring boot cluster.
> > > > >
> > > > > Somehow, spring security filter kicks in result in some weird
> > > errors
> > > > with
> > > > > web session filter.
> > > > >
> > > > > So making compatible with spring security somehow, we need to
> > write
> > > > > implementation on spring session.
> > > > >
> > > > > Do you have any test cases that says web session filter would
> > work
> > > > with
> > > > > spring security on boot platform ?
> > > > >
> > > > > Thanks,
> > > > >
> > > > >
> > > > > On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko

Re: IGNITE-2741 - spring session design

2017-02-22 Thread Valentin Kulichenko 
Hi Rishi,

Got it, I think I'm reproducing the issue. I'll take a look and let you
know my findings soon.

-Val

On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik  wrote:

> Hi Val,
>
> The issue will occur in cluster environment, please setup the spring boot
> on 2 different host with LB (F5 OR Reverse proxy) in front and try to
> login.
>
> In cluster environment, Spring security does not recognize the session on
> the host you are not logged in, as a result, spring security will redirect
> to login url however the correct behavior should be that user would stay
> logged in with session replication.
>
> Do let me know if you need more information.
>
> Thanks,
> Rishi
>
>
>
> On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
>
> > Hi Rishi,
> >
> > I was able to build and run the application. Can you give some
> description
> > on what should I test to understand the issue? What exactly didn't work
> for
> > you?
> >
> > -Val
> >
> > On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> >
> > > Hi Rishi,
> > >
> > > Thanks, I'll take a look.
> > >
> > > -Val
> > >
> > > On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik 
> > > wrote:
> > >
> > >> Hi Val,
> > >>
> > >> As promised, please find attached code for spring boot integration
> with
> > >> spring security along with Ignite.
> > >>
> > >> Some more information on project -
> > >>
> > >>- It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> > >>- spring security integrated with boot project along with ignite
> > >>- HttpSessionCookieCsrfTokenRepository does not work, gives
> > >>intermediate errors on single instance so used
> > CookieCsrfTokenRepository
> > >>for CSRF token, again I think we need a fix here from Ignite.
> > >>
> > >> I cant reproduce this errors while I am running on single instance,
> you
> > >> need to run this app on 2 spring boot instance having proxy in front (
> > F5,
> > >> OR any proxy ) with round robin fashion ( no sticky session on F5 OR
> > >> proxies ).
> > >>
> > >> We were thinking with round robin the user session will active since
> we
> > >> used session replication on backend.
> > >>
> > >> Do let me know if you need more information here.
> > >>
> > >> Thanks,
> > >>
> > >> Rishi
> > >>
> > >>
> > >>
> > >>
> > >> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik 
> > >> wrote:
> > >>
> > >>> Val,
> > >>>
> > >>> My SB sample project is ready however I have asked for an approval to
> > >>> submit sample project to you, it would take day or two.
> > >>>
> > >>> I will keep you posted.
> > >>>
> > >>> Thanks for all your help,
> > >>>
> > >>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik  >
> > >>> wrote:
> > >>>
> >  Let me build an example app for you and send it across to you.
> > 
> >  Thanks,
> > 
> >  On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
> >  valentin.kuliche...@gmail.com> wrote:
> > 
> > > Rishi,
> > >
> > > No I don't, and I think that's what we should start with. I want to
> > > understand a use case that is currently not supported (if any) and
> > then
> > > find the best solution. And I would like to reuse existing code as
> > > much as
> > > possible.
> > >
> > > Do you have any code that reproduces the problem you had and how
> you
> > > tried
> > > to utilize current web session clustering? Can you share it with
> us?
> > >
> > > -Val
> > >
> > > On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <
> > rishiyag...@gmail.com>
> > > wrote:
> > >
> > > > Hi Val,
> > > >
> > > > I am working on SB platform with spring security and we found out
> > > that the
> > > > web session filter ignite provides does not work for session
> > > management on
> > > > 2 node spring boot cluster.
> > > >
> > > > Somehow, spring security filter kicks in result in some weird
> > errors
> > > with
> > > > web session filter.
> > > >
> > > > So making compatible with spring security somehow, we need to
> write
> > > > implementation on spring session.
> > > >
> > > > Do you have any test cases that says web session filter would
> work
> > > with
> > > > spring security on boot platform ?
> > > >
> > > > Thanks,
> > > >
> > > >
> > > > On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <
> > > > valentin.kuliche...@gmail.com> wrote:
> > > >
> > > > > Hi Rishi,
> > > > >
> > > > > Can you please take a look at web session clustering feature
> [1]
> > > provided
> > > > > by Ignite? I'm looking at Spring Session docs and it seems to
> me
> > > it does
> > > > > exactly the same - replaces HttpSession with custom
> > implementation
> > > that
> > > > has
> > > > > a backend storage. If it

Re: IGNITE-2741 - spring session design

2017-02-21 Thread Rishi Yagnik 
Hi Val,

The issue will occur in cluster environment, please setup the spring boot
on 2 different host with LB (F5 OR Reverse proxy) in front and try to login.

In cluster environment, Spring security does not recognize the session on
the host you are not logged in, as a result, spring security will redirect
to login url however the correct behavior should be that user would stay
logged in with session replication.

Do let me know if you need more information.

Thanks,
Rishi



On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
valentin.kuliche...@gmail.com> wrote:

> Hi Rishi,
>
> I was able to build and run the application. Can you give some description
> on what should I test to understand the issue? What exactly didn't work for
> you?
>
> -Val
>
> On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
>
> > Hi Rishi,
> >
> > Thanks, I'll take a look.
> >
> > -Val
> >
> > On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik 
> > wrote:
> >
> >> Hi Val,
> >>
> >> As promised, please find attached code for spring boot integration with
> >> spring security along with Ignite.
> >>
> >> Some more information on project -
> >>
> >>- It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> >>- spring security integrated with boot project along with ignite
> >>- HttpSessionCookieCsrfTokenRepository does not work, gives
> >>intermediate errors on single instance so used
> CookieCsrfTokenRepository
> >>for CSRF token, again I think we need a fix here from Ignite.
> >>
> >> I cant reproduce this errors while I am running on single instance, you
> >> need to run this app on 2 spring boot instance having proxy in front (
> F5,
> >> OR any proxy ) with round robin fashion ( no sticky session on F5 OR
> >> proxies ).
> >>
> >> We were thinking with round robin the user session will active since we
> >> used session replication on backend.
> >>
> >> Do let me know if you need more information here.
> >>
> >> Thanks,
> >>
> >> Rishi
> >>
> >>
> >>
> >>
> >> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik 
> >> wrote:
> >>
> >>> Val,
> >>>
> >>> My SB sample project is ready however I have asked for an approval to
> >>> submit sample project to you, it would take day or two.
> >>>
> >>> I will keep you posted.
> >>>
> >>> Thanks for all your help,
> >>>
> >>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik 
> >>> wrote:
> >>>
>  Let me build an example app for you and send it across to you.
> 
>  Thanks,
> 
>  On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
>  valentin.kuliche...@gmail.com> wrote:
> 
> > Rishi,
> >
> > No I don't, and I think that's what we should start with. I want to
> > understand a use case that is currently not supported (if any) and
> then
> > find the best solution. And I would like to reuse existing code as
> > much as
> > possible.
> >
> > Do you have any code that reproduces the problem you had and how you
> > tried
> > to utilize current web session clustering? Can you share it with us?
> >
> > -Val
> >
> > On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <
> rishiyag...@gmail.com>
> > wrote:
> >
> > > Hi Val,
> > >
> > > I am working on SB platform with spring security and we found out
> > that the
> > > web session filter ignite provides does not work for session
> > management on
> > > 2 node spring boot cluster.
> > >
> > > Somehow, spring security filter kicks in result in some weird
> errors
> > with
> > > web session filter.
> > >
> > > So making compatible with spring security somehow, we need to write
> > > implementation on spring session.
> > >
> > > Do you have any test cases that says web session filter would work
> > with
> > > spring security on boot platform ?
> > >
> > > Thanks,
> > >
> > >
> > > On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <
> > > valentin.kuliche...@gmail.com> wrote:
> > >
> > > > Hi Rishi,
> > > >
> > > > Can you please take a look at web session clustering feature [1]
> > provided
> > > > by Ignite? I'm looking at Spring Session docs and it seems to me
> > it does
> > > > exactly the same - replaces HttpSession with custom
> implementation
> > that
> > > has
> > > > a backend storage. If it doesn't provide any additional API or
> > > > functionality, I'm not sure I understand the benefit of this
> > feature.
> > > >
> > > > Let me know if I'm missing something.
> > > >
> > > > [1] https://apacheignite-mix.readme.io/docs/web-session-
> clustering
> > > >
> > > > -Val
> > > >
> > > > On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik <
> > rishiyag...@gmail.com>
> > > > wrote:
> > > >
> > > > > I would like to discuss session replication / fail

Re: IGNITE-2741 - spring session design

2017-02-15 Thread Valentin Kulichenko 
Hi Rishi,

Thanks, I'll take a look.

-Val

On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik  wrote:

> Hi Val,
>
> As promised, please find attached code for spring boot integration with
> spring security along with Ignite.
>
> Some more information on project -
>
>- It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
>- spring security integrated with boot project along with ignite
>- HttpSessionCookieCsrfTokenRepository does not work, gives
>intermediate errors on single instance so used CookieCsrfTokenRepository
>for CSRF token, again I think we need a fix here from Ignite.
>
> I cant reproduce this errors while I am running on single instance, you
> need to run this app on 2 spring boot instance having proxy in front ( F5,
> OR any proxy ) with round robin fashion ( no sticky session on F5 OR
> proxies ).
>
> We were thinking with round robin the user session will active since we
> used session replication on backend.
>
> Do let me know if you need more information here.
>
> Thanks,
>
> Rishi
>
>
>
>
> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik 
> wrote:
>
>> Val,
>>
>> My SB sample project is ready however I have asked for an approval to
>> submit sample project to you, it would take day or two.
>>
>> I will keep you posted.
>>
>> Thanks for all your help,
>>
>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik 
>> wrote:
>>
>>> Let me build an example app for you and send it across to you.
>>>
>>> Thanks,
>>>
>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
>>> valentin.kuliche...@gmail.com> wrote:
>>>
 Rishi,

 No I don't, and I think that's what we should start with. I want to
 understand a use case that is currently not supported (if any) and then
 find the best solution. And I would like to reuse existing code as much
 as
 possible.

 Do you have any code that reproduces the problem you had and how you
 tried
 to utilize current web session clustering? Can you share it with us?

 -Val

 On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik 
 wrote:

 > Hi Val,
 >
 > I am working on SB platform with spring security and we found out
 that the
 > web session filter ignite provides does not work for session
 management on
 > 2 node spring boot cluster.
 >
 > Somehow, spring security filter kicks in result in some weird errors
 with
 > web session filter.
 >
 > So making compatible with spring security somehow, we need to write
 > implementation on spring session.
 >
 > Do you have any test cases that says web session filter would work
 with
 > spring security on boot platform ?
 >
 > Thanks,
 >
 >
 > On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <
 > valentin.kuliche...@gmail.com> wrote:
 >
 > > Hi Rishi,
 > >
 > > Can you please take a look at web session clustering feature [1]
 provided
 > > by Ignite? I'm looking at Spring Session docs and it seems to me it
 does
 > > exactly the same - replaces HttpSession with custom implementation
 that
 > has
 > > a backend storage. If it doesn't provide any additional API or
 > > functionality, I'm not sure I understand the benefit of this
 feature.
 > >
 > > Let me know if I'm missing something.
 > >
 > > [1] https://apacheignite-mix.readme.io/docs/web-session-clustering
 > >
 > > -Val
 > >
 > > On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik <
 rishiyag...@gmail.com>
 > > wrote:
 > >
 > > > I would like to discuss session replication / fail over design on
 > spring
 > > > boot platform and wanted to find what is the best out to get
 started
 > > here ?
 > > >
 > > > Possible approaches are as follows -
 > > >
 > > >- Make use of Spring Session for session replication and fail
 over
 > > >- Extend the web session filter and make it work on spring boot
 > > >application
 > > >
 > > >
 > > > I am thinking that best approach would be to get started here with
 > spring
 > > > session design however I am open for feedback here.
 > > >
 > > > --
 > > > Rishi Yagnik
 > > >
 > >
 >
 >
 >
 > --
 > Rishi Yagnik
 >

>>>
>>>
>>>
>>> --
>>> Rishi Yagnik
>>>
>>
>>
>>
>> --
>> Rishi Yagnik
>>
>
>
>
> --
> Rishi Yagnik
>

Re: IGNITE-2741 - spring session design

2017-02-14 Thread Rishi Yagnik 
Val,

My SB sample project is ready however I have asked for an approval to
submit sample project to you, it would take day or two.

I will keep you posted.

Thanks for all your help,

On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik  wrote:

> Let me build an example app for you and send it across to you.
>
> Thanks,
>
> On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
>
>> Rishi,
>>
>> No I don't, and I think that's what we should start with. I want to
>> understand a use case that is currently not supported (if any) and then
>> find the best solution. And I would like to reuse existing code as much as
>> possible.
>>
>> Do you have any code that reproduces the problem you had and how you tried
>> to utilize current web session clustering? Can you share it with us?
>>
>> -Val
>>
>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik 
>> wrote:
>>
>> > Hi Val,
>> >
>> > I am working on SB platform with spring security and we found out that
>> the
>> > web session filter ignite provides does not work for session management
>> on
>> > 2 node spring boot cluster.
>> >
>> > Somehow, spring security filter kicks in result in some weird errors
>> with
>> > web session filter.
>> >
>> > So making compatible with spring security somehow, we need to write
>> > implementation on spring session.
>> >
>> > Do you have any test cases that says web session filter would work with
>> > spring security on boot platform ?
>> >
>> > Thanks,
>> >
>> >
>> > On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <
>> > valentin.kuliche...@gmail.com> wrote:
>> >
>> > > Hi Rishi,
>> > >
>> > > Can you please take a look at web session clustering feature [1]
>> provided
>> > > by Ignite? I'm looking at Spring Session docs and it seems to me it
>> does
>> > > exactly the same - replaces HttpSession with custom implementation
>> that
>> > has
>> > > a backend storage. If it doesn't provide any additional API or
>> > > functionality, I'm not sure I understand the benefit of this feature.
>> > >
>> > > Let me know if I'm missing something.
>> > >
>> > > [1] https://apacheignite-mix.readme.io/docs/web-session-clustering
>> > >
>> > > -Val
>> > >
>> > > On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik 
>> > > wrote:
>> > >
>> > > > I would like to discuss session replication / fail over design on
>> > spring
>> > > > boot platform and wanted to find what is the best out to get started
>> > > here ?
>> > > >
>> > > > Possible approaches are as follows -
>> > > >
>> > > >- Make use of Spring Session for session replication and fail
>> over
>> > > >- Extend the web session filter and make it work on spring boot
>> > > >application
>> > > >
>> > > >
>> > > > I am thinking that best approach would be to get started here with
>> > spring
>> > > > session design however I am open for feedback here.
>> > > >
>> > > > --
>> > > > Rishi Yagnik
>> > > >
>> > >
>> >
>> >
>> >
>> > --
>> > Rishi Yagnik
>> >
>>
>
>
>
> --
> Rishi Yagnik
>



-- 
Rishi Yagnik

Re: IGNITE-2741 - spring session design

2017-02-14 Thread Rishi Yagnik 
Let me build an example app for you and send it across to you.

Thanks,

On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
valentin.kuliche...@gmail.com> wrote:

> Rishi,
>
> No I don't, and I think that's what we should start with. I want to
> understand a use case that is currently not supported (if any) and then
> find the best solution. And I would like to reuse existing code as much as
> possible.
>
> Do you have any code that reproduces the problem you had and how you tried
> to utilize current web session clustering? Can you share it with us?
>
> -Val
>
> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik 
> wrote:
>
> > Hi Val,
> >
> > I am working on SB platform with spring security and we found out that
> the
> > web session filter ignite provides does not work for session management
> on
> > 2 node spring boot cluster.
> >
> > Somehow, spring security filter kicks in result in some weird errors with
> > web session filter.
> >
> > So making compatible with spring security somehow, we need to write
> > implementation on spring session.
> >
> > Do you have any test cases that says web session filter would work with
> > spring security on boot platform ?
> >
> > Thanks,
> >
> >
> > On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <
> > valentin.kuliche...@gmail.com> wrote:
> >
> > > Hi Rishi,
> > >
> > > Can you please take a look at web session clustering feature [1]
> provided
> > > by Ignite? I'm looking at Spring Session docs and it seems to me it
> does
> > > exactly the same - replaces HttpSession with custom implementation that
> > has
> > > a backend storage. If it doesn't provide any additional API or
> > > functionality, I'm not sure I understand the benefit of this feature.
> > >
> > > Let me know if I'm missing something.
> > >
> > > [1] https://apacheignite-mix.readme.io/docs/web-session-clustering
> > >
> > > -Val
> > >
> > > On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik 
> > > wrote:
> > >
> > > > I would like to discuss session replication / fail over design on
> > spring
> > > > boot platform and wanted to find what is the best out to get started
> > > here ?
> > > >
> > > > Possible approaches are as follows -
> > > >
> > > >- Make use of Spring Session for session replication and fail over
> > > >- Extend the web session filter and make it work on spring boot
> > > >application
> > > >
> > > >
> > > > I am thinking that best approach would be to get started here with
> > spring
> > > > session design however I am open for feedback here.
> > > >
> > > > --
> > > > Rishi Yagnik
> > > >
> > >
> >
> >
> >
> > --
> > Rishi Yagnik
> >
>



-- 
Rishi Yagnik

Re: IGNITE-2741 - spring session design

2017-02-14 Thread Valentin Kulichenko 
Rishi,

No I don't, and I think that's what we should start with. I want to
understand a use case that is currently not supported (if any) and then
find the best solution. And I would like to reuse existing code as much as
possible.

Do you have any code that reproduces the problem you had and how you tried
to utilize current web session clustering? Can you share it with us?

-Val

On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik 
wrote:

> Hi Val,
>
> I am working on SB platform with spring security and we found out that the
> web session filter ignite provides does not work for session management on
> 2 node spring boot cluster.
>
> Somehow, spring security filter kicks in result in some weird errors with
> web session filter.
>
> So making compatible with spring security somehow, we need to write
> implementation on spring session.
>
> Do you have any test cases that says web session filter would work with
> spring security on boot platform ?
>
> Thanks,
>
>
> On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <
> valentin.kuliche...@gmail.com> wrote:
>
> > Hi Rishi,
> >
> > Can you please take a look at web session clustering feature [1] provided
> > by Ignite? I'm looking at Spring Session docs and it seems to me it does
> > exactly the same - replaces HttpSession with custom implementation that
> has
> > a backend storage. If it doesn't provide any additional API or
> > functionality, I'm not sure I understand the benefit of this feature.
> >
> > Let me know if I'm missing something.
> >
> > [1] https://apacheignite-mix.readme.io/docs/web-session-clustering
> >
> > -Val
> >
> > On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik 
> > wrote:
> >
> > > I would like to discuss session replication / fail over design on
> spring
> > > boot platform and wanted to find what is the best out to get started
> > here ?
> > >
> > > Possible approaches are as follows -
> > >
> > >- Make use of Spring Session for session replication and fail over
> > >- Extend the web session filter and make it work on spring boot
> > >application
> > >
> > >
> > > I am thinking that best approach would be to get started here with
> spring
> > > session design however I am open for feedback here.
> > >
> > > --
> > > Rishi Yagnik
> > >
> >
>
>
>
> --
> Rishi Yagnik
>

Re: IGNITE-2741 - spring session design

2017-02-14 Thread Rishi Yagnik 
Hi Val,

I am working on SB platform with spring security and we found out that the
web session filter ignite provides does not work for session management on
2 node spring boot cluster.

Somehow, spring security filter kicks in result in some weird errors with
web session filter.

So making compatible with spring security somehow, we need to write
implementation on spring session.

Do you have any test cases that says web session filter would work with
spring security on boot platform ?

Thanks,


On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <
valentin.kuliche...@gmail.com> wrote:

> Hi Rishi,
>
> Can you please take a look at web session clustering feature [1] provided
> by Ignite? I'm looking at Spring Session docs and it seems to me it does
> exactly the same - replaces HttpSession with custom implementation that has
> a backend storage. If it doesn't provide any additional API or
> functionality, I'm not sure I understand the benefit of this feature.
>
> Let me know if I'm missing something.
>
> [1] https://apacheignite-mix.readme.io/docs/web-session-clustering
>
> -Val
>
> On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik 
> wrote:
>
> > I would like to discuss session replication / fail over design on spring
> > boot platform and wanted to find what is the best out to get started
> here ?
> >
> > Possible approaches are as follows -
> >
> >- Make use of Spring Session for session replication and fail over
> >- Extend the web session filter and make it work on spring boot
> >application
> >
> >
> > I am thinking that best approach would be to get started here with spring
> > session design however I am open for feedback here.
> >
> > --
> > Rishi Yagnik
> >
>



-- 
Rishi Yagnik

Re: IGNITE-2741 - spring session design

2017-02-14 Thread Valentin Kulichenko 
Hi Rishi,

Can you please take a look at web session clustering feature [1] provided
by Ignite? I'm looking at Spring Session docs and it seems to me it does
exactly the same - replaces HttpSession with custom implementation that has
a backend storage. If it doesn't provide any additional API or
functionality, I'm not sure I understand the benefit of this feature.

Let me know if I'm missing something.

[1] https://apacheignite-mix.readme.io/docs/web-session-clustering

-Val

On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik  wrote:

> I would like to discuss session replication / fail over design on spring
> boot platform and wanted to find what is the best out to get started here ?
>
> Possible approaches are as follows -
>
>- Make use of Spring Session for session replication and fail over
>- Extend the web session filter and make it work on spring boot
>application
>
>
> I am thinking that best approach would be to get started here with spring
> session design however I am open for feedback here.
>
> --
> Rishi Yagnik
>