Hello Val, As I discussed earlier, the problem arises in the cluster environment.
we have 2 SB staleless instance backed by Ignite data store. The local environment is working fine and I am able to see the user sessions are being stored correctly. I could not make session replication working with Ignite 2.0 in cluster environment so my fixes are of no use. IMO,The web filter approach is very intrusive approach with spring security and that is why I thought we need to come up with the solution which sits on top of spring security. The possible solution could be spring session. The example which I posted can be tested on cluster as well. Would Ignite team try out the clustering ? Looking for your inputs / suggestions on the issue. Thank you for all your help, Rishi On Mon, May 22, 2017 at 1:02 PM, Valentin Kulichenko < valentin.kuliche...@gmail.com> wrote: > Hi Rishi, > > I'm not sure I understand what the issue is. Can you elaborate a bit more > and provide exact examples of what is not working? What code tweaks are > required and how critical are they? Also I recall that your example was > working fine after the latest fixes in 1.9 (if I'm not mistaken). Did you > make any changes after that? > > -Val > > On Fri, May 19, 2017 at 11:34 PM, Rishi Yagnik <rishiyag...@gmail.com> > wrote: > >> Hello Dmitriy, >> >> Thank you for the response, I would await for Val's feedback. >> >> I would like to discuss the possible approach for implementation here, and >> it could be one of this - >> >> https://issues.apache.org/jira/browse/IGNITE-2741 >> >> Hope we all come on to conclusion here. >> >> Thanks, >> >> On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <dsetrak...@apache.org >> > >> wrote: >> >> > Hi Rishi, >> > >> > I think the best way is to file a ticket in Ignite Jira with your >> > findings. This ticket does not seem tremendously difficult, so hopefully >> > someone from the community will pick it up. All we need to do is to take >> > our existing Web Session Clustering [1][2] code and port it to work with >> > Spring Boot. >> > >> > BTW, feel free to contribute it yourself if you have time. >> > >> > [1] https://ignite.apache.org/use-cases/caching/web-session- >> > clustering.html >> > [2] https://apacheignite-mix.readme.io/docs/web-session-clustering >> > >> > D. >> > >> > On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <rishiyag...@gmail.com> >> > wrote: >> > >> >> Hello Val, >> >> >> >> I tested out the session replication on spring boot cluster and here is >> >> the >> >> result. >> >> >> >> My finding were as follows with Ignite 2.0 on session replication and >> hope >> >> that helps the team – >> >> >> >> - Spring Security Filters requires context to be set with >> >> Authentication >> >> object, later on when user authentication object is set on the >> ignite >> >> filter from Ignite cache, the spring security treat that as a new >> >> session >> >> just to prevent session fixation issue. >> >> - As spring security creates a new session and since there is no >> way to >> >> tell Ignite that user session has been changed, the user session is >> no >> >> good >> >> here despite the fact that user session holds by the ignite is a >> true >> >> session for that user. >> >> - Configuring web session filter does not work OOTB in spring boot >> >> platform, it require some additional tweaking in the code to make it >> >> work. >> >> >> >> >> >> So in the nutshell, I would think having spring session on ignite >> platform >> >> would support full session replication with spring boot platform. >> >> >> >> >> >> Please note that we have 2 SB instances, serving request round robin >> via >> >> F5 >> >> ( load balancers) supported by 2 node ignite cluster. >> >> >> >> Any suggestions on how we want to conquer the issue ? >> >> >> >> Thanks, >> >> >> >> -- >> >> Rishi Yagnik >> >> >> > >> > >> >> >> -- >> Rishi Yagnik >> > > -- Rishi Yagnik
