Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I do relational database-based HTTP Session Persistence in Spring 4?

Tags:

spring-mvc

spring

spring-security

I need to be able to store the HTTP Session in a relational database in order to do stateless load balancing of my front-end users across multiple front-end servers. How can I achieve this in Spring 4?

I see how one can do this with Redis, however there does not appear to be documentation on how to do this with a relational database e.g. Postgres.

like image 838
BestPractices Avatar asked Jul 14 '15 01:07

BestPractices

People also ask

How session is maintained in spring?

By default, Spring Security will create a session when it needs one — this is “ifRequired“. For a more stateless application, the “never” option will ensure that Spring Security itself won't create any session. But if the application creates one, Spring Security will make use of it.

What is SessionCreationPolicy?

Enum SessionCreationPolicySpecifies the various session creation policies for Spring Security.

1 Answers

With Spring Session (it transparently will override HttpSessions from Java EE) you can just take SessionRepository interface and implement it with your custom ex. JdbcSessionRepository. It is kind of easy to do. When you have your implementation, then just add manually (you don't need @EnableRedisHttpSession annotation) created filter to filter chain, like bellow:

@Configuration
@EnableWebMvcSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

   //other stuff...

   @Autowired
   private SessionRepository<ExpiringSession> sessionRepository;

   private HttpSessionStrategy httpSessionStrategy = new CookieHttpSessionStrategy(); // or HeaderHttpSessionStrategy

   @Bean
   public SessionRepository<ExpiringSession> sessionRepository() {
       return new JdbcSessionRepository();
   }

   @Override
   protected void configure(HttpSecurity http) throws Exception {
       super.configure(http);
       SessionRepositoryFilter<ExpiringSession> sessionRepositoryFilter = new SessionRepositoryFilter<>(sessionRepository);
       sessionRepositoryFilter.setHttpSessionStrategy(httpSessionStrategy);
       http
            .addFilterBefore(sessionRepositoryFilter, ChannelProcessingFilter.class);
   }
}

Here you have how SessionRepository interface looks like. It has only 4 methods to implement. For how to create Session object, you can look in MapSessionRepository and MapSession implementation (or RedisOperationsSessionRepository and RedisSession).

public interface SessionRepository<S extends Session> {
   S createSession();
   void save(S session);
   S getSession(String id);
   void delete(String id);
}

Example solution https://github.com/Mati20041/spring-session-jpa-repository

like image 179
Mati Avatar answered Nov 01 '22 15:11

Mati
Sign in to Comment

Related questions

Spring security oauth2 'dependencies.dependency.version' is missing for spring boot 2.0.3
BearerTokenAccessDeniedHandler Class Definition Not found
Communications link failure , Spring Boot + MySql +Docker + Hibernate
JSPs not displaying objects from model in Spring
Replacing EL in JSP with SpEL from Spring 3.0
Spring Java config: import properties file
method annotations null when proxying via CGLIB
Using Spring Validator outside of the context of Spring MVC
Injecting values into spring using command line arguments
Spring MVC web application - enabling / disabling controller from property
How do I get my Spring-JUnit test to think its running in a GenericApplicationContext?
How can I prevent Spring MVC from doing a redirect?
How concatenate two string in Spring Expression Language (SpEL)
Spring @Async: null hibernate session on LAZY collection
Spring Boot app not serving static content
How to validate 2 field with OR condition?
Get new instance of a spring bean
Embedded id and "repeated column in mapping for entity..." exception
"Error: HttpStatus cannot be resolved to a variable" How to resolve This?
Configure Gson in Spring before using GsonHttpMessageConverter

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!