Hi Rishi, Got it, I think I'm reproducing the issue. I'll take a look and let you know my findings soon.
-Val On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <rishiyag...@gmail.com> wrote: > Hi Val, > > The issue will occur in cluster environment, please setup the spring boot > on 2 different host with LB (F5 OR Reverse proxy) in front and try to > login. > > In cluster environment, Spring security does not recognize the session on > the host you are not logged in, as a result, spring security will redirect > to login url however the correct behavior should be that user would stay > logged in with session replication. > > Do let me know if you need more information. > > Thanks, > Rishi > > > > On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko < > valentin.kuliche...@gmail.com> wrote: > > > Hi Rishi, > > > > I was able to build and run the application. Can you give some > description > > on what should I test to understand the issue? What exactly didn't work > for > > you? > > > > -Val > > > > On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko < > > valentin.kuliche...@gmail.com> wrote: > > > > > Hi Rishi, > > > > > > Thanks, I'll take a look. > > > > > > -Val > > > > > > On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <rishiyag...@gmail.com> > > > wrote: > > > > > >> Hi Val, > > >> > > >> As promised, please find attached code for spring boot integration > with > > >> spring security along with Ignite. > > >> > > >> Some more information on project - > > >> > > >> - It is a maven project ( Ignite 1.7.0, SB 1.4.3 ) > > >> - spring security integrated with boot project along with ignite > > >> - HttpSessionCookieCsrfTokenRepository does not work, gives > > >> intermediate errors on single instance so used > > CookieCsrfTokenRepository > > >> for CSRF token, again I think we need a fix here from Ignite. > > >> > > >> I cant reproduce this errors while I am running on single instance, > you > > >> need to run this app on 2 spring boot instance having proxy in front ( > > F5, > > >> OR any proxy ) with round robin fashion ( no sticky session on F5 OR > > >> proxies ). > > >> > > >> We were thinking with round robin the user session will active since > we > > >> used session replication on backend. > > >> > > >> Do let me know if you need more information here. > > >> > > >> Thanks, > > >> > > >> Rishi > > >> > > >> > > >> > > >> > > >> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <rishiyag...@gmail.com> > > >> wrote: > > >> > > >>> Val, > > >>> > > >>> My SB sample project is ready however I have asked for an approval to > > >>> submit sample project to you, it would take day or two. > > >>> > > >>> I will keep you posted. > > >>> > > >>> Thanks for all your help, > > >>> > > >>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <rishiyag...@gmail.com > > > > >>> wrote: > > >>> > > >>>> Let me build an example app for you and send it across to you. > > >>>> > > >>>> Thanks, > > >>>> > > >>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko < > > >>>> valentin.kuliche...@gmail.com> wrote: > > >>>> > > >>>>> Rishi, > > >>>>> > > >>>>> No I don't, and I think that's what we should start with. I want to > > >>>>> understand a use case that is currently not supported (if any) and > > then > > >>>>> find the best solution. And I would like to reuse existing code as > > >>>>> much as > > >>>>> possible. > > >>>>> > > >>>>> Do you have any code that reproduces the problem you had and how > you > > >>>>> tried > > >>>>> to utilize current web session clustering? Can you share it with > us? > > >>>>> > > >>>>> -Val > > >>>>> > > >>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik < > > rishiyag...@gmail.com> > > >>>>> wrote: > > >>>>> > > >>>>> > Hi Val, > > >>>>> > > > >>>>> > I am working on SB platform with spring security and we found out > > >>>>> that the > > >>>>> > web session filter ignite provides does not work for session > > >>>>> management on > > >>>>> > 2 node spring boot cluster. > > >>>>> > > > >>>>> > Somehow, spring security filter kicks in result in some weird > > errors > > >>>>> with > > >>>>> > web session filter. > > >>>>> > > > >>>>> > So making compatible with spring security somehow, we need to > write > > >>>>> > implementation on spring session. > > >>>>> > > > >>>>> > Do you have any test cases that says web session filter would > work > > >>>>> with > > >>>>> > spring security on boot platform ? > > >>>>> > > > >>>>> > Thanks, > > >>>>> > > > >>>>> > > > >>>>> > On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko < > > >>>>> > valentin.kuliche...@gmail.com> wrote: > > >>>>> > > > >>>>> > > Hi Rishi, > > >>>>> > > > > >>>>> > > Can you please take a look at web session clustering feature > [1] > > >>>>> provided > > >>>>> > > by Ignite? I'm looking at Spring Session docs and it seems to > me > > >>>>> it does > > >>>>> > > exactly the same - replaces HttpSession with custom > > implementation > > >>>>> that > > >>>>> > has > > >>>>> > > a backend storage. If it doesn't provide any additional API or > > >>>>> > > functionality, I'm not sure I understand the benefit of this > > >>>>> feature. > > >>>>> > > > > >>>>> > > Let me know if I'm missing something. > > >>>>> > > > > >>>>> > > [1] https://apacheignite-mix.readme.io/docs/web-session- > > clustering > > >>>>> > > > > >>>>> > > -Val > > >>>>> > > > > >>>>> > > On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik < > > >>>>> rishiyag...@gmail.com> > > >>>>> > > wrote: > > >>>>> > > > > >>>>> > > > I would like to discuss session replication / fail over > design > > on > > >>>>> > spring > > >>>>> > > > boot platform and wanted to find what is the best out to get > > >>>>> started > > >>>>> > > here ? > > >>>>> > > > > > >>>>> > > > Possible approaches are as follows - > > >>>>> > > > > > >>>>> > > > - Make use of Spring Session for session replication and > > fail > > >>>>> over > > >>>>> > > > - Extend the web session filter and make it work on spring > > >>>>> boot > > >>>>> > > > application > > >>>>> > > > > > >>>>> > > > > > >>>>> > > > I am thinking that best approach would be to get started here > > >>>>> with > > >>>>> > spring > > >>>>> > > > session design however I am open for feedback here. > > >>>>> > > > > > >>>>> > > > -- > > >>>>> > > > Rishi Yagnik > > >>>>> > > > > > >>>>> > > > > >>>>> > > > >>>>> > > > >>>>> > > > >>>>> > -- > > >>>>> > Rishi Yagnik > > >>>>> > > > >>>>> > > >>>> > > >>>> > > >>>> > > >>>> -- > > >>>> Rishi Yagnik > > >>>> > > >>> > > >>> > > >>> > > >>> -- > > >>> Rishi Yagnik > > >>> > > >> > > >> > > >> > > >> -- > > >> Rishi Yagnik > > >> > > > > > > > > > > > > -- > Rishi Yagnik >
