Posted to dev@ignite.apache.org by Valentin Kulichenko <va...@gmail.com> on 2017/04/11 20:53:27 UTC

Re: IGNITE-2741 - spring session design

Hi Rishi,

What was the issue with the HttpSessionCsrfTokenRepository? I didn't have
any problems after I added code you provided.

The fix for [1] is already in master. Can you try building from there and
check if everything works fine for you?

[1] https://issues.apache.org/jira/browse/IGNITE-4948

-Val

On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dm...@gridgain.com> wrote:

> Somewhere in April. This will be clarified on the dev list soon.
>
> On Saturday, March 18, 2017, Rishi Yagnik <ri...@gmail.com> wrote:
>
> > Thanks, Val.
> >
> > When are we going to release Ignite 2.0 ? June ??
> >
> > Thanks,
> >
> > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> > valentin.kulichenko@gmail.com> wrote:
> >
> > > Denis,
> > >
> > > Yes, this should be possible. I will try to finalize the fix asap.
> > >
> > > -Val
> > >
> > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org> wrote:
> > >
> > > > Val,
> > > >
> > > > Will it be possible to incorporate the fix into the nearest 2.0
> > > > release?
> > > >
> > > > —
> > > > Denis
> > > >
> > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > > > >
> > > > > Hi Val,
> > > > >
> > > > > Hope you are well, any update on web session clustering.
> > > > >
> > > > > Thanks,
> > > > > Rishi
> > > > >
> > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > > > >
> > > > >> Hi Val,
> > > > >>
> > > > >> Thanks looking forward for the fix..
> > > > >>
> > > > >> Take Care,
> > > > >> Rishi
> > > > >>
> > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > > > >>>
> > > > >>> Hi Rishi,
> > > > >>>
> > > > >>> I want to fix the bug first. It takes a bit longer than I
> > > > >>> thought, but I should finish it over the weekend.
> > > > >>>
> > > > >>> -Val
> > > > >>>
> > > > >>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > > > >>>>
> > > > >>>> Hi Val,
> > > > >>>>
> > > > >>>> Did you chance to look into session handling issue ?
> > > > >>>>
> > > > >>>> Thanks,
> > > > >>>>
> > > > >>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > > > >>>>
> > > > >>>>> Hi Val,
> > > > >>>>>
> > > > > >>>>> Do you think I can test a fix in 1.9 RC releases? How are you
> > > > > >>>>> planning to release a fix?
> > > > > >>>>>
> > > > > >>>>> Did you also look into the problem where storing the XSRF token
> > > > > >>>>> in Ignite returns an exception and does not behave as expected?
> > > > > >>>>>
> > > > > >>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with
> > > > > >>>>> the following code -
> > > > > >>>>>
> > > > > >>>>> .csrfTokenRepository(csrfTokenRepository())
> > > > > >>>>>
> > > > > >>>>> private CsrfTokenRepository csrfTokenRepository() {
> > > > > >>>>>   HttpSessionCsrfTokenRepository repository =
> > > > > >>>>>       new HttpSessionCsrfTokenRepository();
> > > > > >>>>>   repository.setHeaderName("X-XSRF-TOKEN");
> > > > > >>>>>   return repository;
> > > > > >>>>> }
> > > > >>>>>
> > > > >>>>> Thank you for all your help,
> > > > >>>>>
> > > > >>>>>
> > > > >>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> > > > > >>>>> valentin.kulichenko@gmail.com> wrote:
> > > > >>>>>
> > > > >>>>>> Hi Rishi,
> > > > >>>>>>
> > > > >>>>>> I got to the bottom of it. Basically, the session is replaced
> in
> > > > >> Spring
> > > > >>>>>> filter, but caching happens based on the old version which
> > doesn't
> > > > >> have
> > > > >>>>>> security attributes. The fix is going to be very easy, I will
> do
> > > it
> > > > >>>>>> tomorrow.
> > > > >>>>>>
> > > > >>>>>> -Val
> > > > >>>>>>
> > > > >>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <
> > > rishiyagnik@gmail.com <javascript:;>
> > > > >
> > > > >>>>>> wrote:
> > > > >>>>>>
> > > > >>>>>>> Val,
> > > > >>>>>>>
> > > > >>>>>>> Did you get chance to play around with the code ?
> > > > >>>>>>>
> > > > >>>>>>> Thanks,
> > > > >>>>>>>
> > > > >>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
> > > > rishiyagnik@gmail.com <javascript:;>>
> > > > >>>>>>> wrote:
> > > > >>>>>>>
> > > > >>>>>>>> Val,
> > > > >>>>>>>>
> > > > >>>>>>>> Adding a filter before csrf filter will invoke the custom
> > ignite
> > > > >>>>>> filter.
> > > > >>>>>>>>
> > > > >>>>>>>> Declare a custom filter class extends it with websession
> > filter
> > > > >>>>>>>>
> > > > >>>>>>>> public class CustomWebSessionFilter extends
> WebSessionFilter {
> > > > >>>>>>>>
> > > > >>>>>>>>        private static boolean igniteInitialize = false
> > > > >>>>>>>>
> > > > >>>>>>>> @Override public void doFilter(ServletRequest req,
> > > ServletResponse
> > > > >>>>>> res,
> > > > >>>>>>>> FilterChain chain)
> > > > >>>>>>>>           throws IOException, ServletException {
> > > > >>>>>>>>       if(!igniteInitialize) {
> > > > >>>>>>>>           super.init(new FilterConfig() {
> > > > >>>>>>>>               @Override
> > > > >>>>>>>>               public String getFilterName() {
> > > > >>>>>>>>                   return "CustomWebSessionFilter";
> > > > >>>>>>>>               }
> > > > >>>>>>>>
> > > > >>>>>>>>               @Override
> > > > >>>>>>>>               public ServletContext getServletContext() {
> > > > >>>>>>>>                   return req.getServletContext();
> > > > >>>>>>>>               }
> > > > >>>>>>>>
> > > > >>>>>>>>               @Override
> > > > >>>>>>>>               public String getInitParameter(String name) {
> > > > >>>>>>>>                   return null;
> > > > >>>>>>>>               }
> > > > >>>>>>>>
> > > > >>>>>>>>               @Override
> > > > >>>>>>>>               public Enumeration<String>
> > > getInitParameterNames() {
> > > > >>>>>>>>                   return null;
> > > > >>>>>>>>               }
> > > > >>>>>>>>           });
> > > > >>>>>>>>           igniteInitialize = true;
> > > > >>>>>>>>       }
> > > > >>>>>>>>       super.doFilter(req,res,chain);
> > > > >>>>>>>>   }
> > > > >>>>>>>> }
> > > > >>>>>>>>
> > > > >>>>>>>> And in SecurityConfig.java add following line to invoke
> filter
> > > > >>>> before
> > > > >>>>>>>> Ignite Web Session filter -
> > > > >>>>>>>>
> > > > >>>>>>>> .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> > > > >>>>>>>>
> > > > >>>>>>>> Hope it helps..
> > > > >>>>>>>>
> > > > >>>>>>>> Thanks,
> > > > >>>>>>>>
> > > > >>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
> > > > >>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
> > > > >>>>>>>>
> > > > >>>>>>>>> Rishi,
> > > > >>>>>>>>>
> > > > >>>>>>>>> Can you please share how you forced Ignite filter to be
> > invoked
> > > > >>>>>> before
> > > > >>>>>>>>> security filter?
> > > > >>>>>>>>>
> > > > >>>>>>>>> -Val
> > > > >>>>>>>>>
> > > > >>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <
> > > > >>>> rishiyagnik@gmail.com <javascript:;>
> > > > >>>>>>>
> > > > >>>>>>>>> wrote:
> > > > >>>>>>>>>
> > > > >>>>>>>>>> Hi Val,
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> Thanks for the response, we have executed ignite filter
> > before
> > > > >>>>>> spring
> > > > >>>>>>>>>> security filter but somehow the ignite filter does not do
> > the
> > > > job
> > > > >>>>>> of
> > > > >>>>>>>>>> setting spring principle context.
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> As a result even though we have spring principle in
> session,
> > > > >>>> spring
> > > > >>>>>>>>> filter
> > > > >>>>>>>>>> does not recognize it and sends us back to log in page.
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> I think there s some more work needed here to change the
> > > filter
> > > > >>>> and
> > > > >>>>>>> make
> > > > >>>>>>>>>> it work with spring boot application.
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> Take Care,
> > > > >>>>>>>>>> Rishi
> > > > >>>>>>>>>>
> > > > >>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
> > > > >>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
> > > > >>>>>>>>>>>
> > > > >>>>>>>>>>> Hi Rishi,
> > > > >>>>>>>>>>>
> > > > >>>>>>>>>>> I did some debugging. Apparently, the reason for this
> > > behavior
> > > > >>>> is
> > > > >>>>>>> that
> > > > >>>>>>>>>>> Spring Security filter resides before Ignite's filter in
> > the
> > > > >>>>>> chain
> > > > >>>>>>>>> list.
> > > > >>>>>>>>>> I
> > > > >>>>>>>>>>> think that eventually this should be fixed in the
> product,
> > > but
> > > > >>>> in
> > > > >>>>>>> the
> > > > >>>>>>>>>>> meantime there must be a way to work around the problem
> by
> > > > >>>>>>> controlling
> > > > >>>>>>>>>> the
> > > > >>>>>>>>>>> order. Do you know how this can be done in Spring Boot?
> > > > >>>>>>>>>>>
> > > > >>>>>>>>>>> -Val
> > > > >>>>>>>>>>>
> > > > >>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <
> > > > >>>>>>> rishiyagnik@gmail.com <javascript:;>
> > > > >>>>>>>>>>
> > > > >>>>>>>>>> wrote:
> > > > >>>>>>>>>>>>
> > > > >>>>>>>>>>>> Hi Val,
> > > > >>>>>>>>>>>>
> > > > >>>>>>>>>>>> Sorry for pestering, thanks for all your help.
> > > > >>>>>>>>>>>>
> > > > >>>>>>>>>>>> Rishi
> > > > >>>>>>>>>>>>
> > > > >>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <
> > > > >>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
> > > > >>>>>>>>>>>>
> > > > >>>>>>>>>>>>> Hi Rishi,
> > > > >>>>>>>>>>>>>
> > > > >>>>>>>>>>>>> Sorry, not yet. But this on my short list of TODOs,
> will
> > > try
> > > > >>>> to
> > > > >>>>>>>>> give an
> > > > >>>>>>>>>>>>> update as soon as possible.
> > > > >>>>>>>>>>>>>
> > > > >>>>>>>>>>>>> -Val
> > > > >>>>>>>>>>>>>
> > > > >>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <
> > > > >>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> > > > >>>>>>>>>>>>> wrote:
> > > > >>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>> Hi Val,
> > > > >>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>> any update on session replication issue ?
> > > > >>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>> Thanks,
> > > > >>>>>>>>>>>>>> Rishi
> > > > >>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <
> > > > >>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> > > > >>>>>>>>>>>>>> wrote:
> > > > >>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>> Thanks Val for looking into it.
> > > > >>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko
> <
> > > > >>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
> > > > >>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>> Hi Rishi,
> > > > >>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll
> take a
> > > > >>>> look
> > > > >>>>>> and
> > > > >>>>>>>>> let
> > > > >>>>>>>>>>>>> you
> > > > >>>>>>>>>>>>>>>> know my findings soon.
> > > > >>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>> -Val
> > > > >>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <
> > > > >>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> > > > >>>>>>>>>>>>>>>> wrote:
> > > > >>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>> Hi Val,
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>> The issue will occur in cluster environment, please
> > > setup
> > > > >>>>>> the
> > > > >>>>>>>>>>>> spring
> > > > >>>>>>>>>>>>>>>> boot
> > > > >>>>>>>>>>>>>>>>> on 2 different host with LB (F5 OR Reverse proxy)
> in
> > > > >>>> front
> > > > >>>>>> and
> > > > >>>>>>>>> try
> > > > >>>>>>>>>>>>> to
> > > > >>>>>>>>>>>>>>>>> login.
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>> In cluster environment, Spring security does not
> > > > >>>> recognize
> > > > >>>>>> the
> > > > >>>>>>>>>>>>> session
> > > > >>>>>>>>>>>>>>>> on
> > > > >>>>>>>>>>>>>>>>> the host you are not logged in, as a result, spring
> > > > >>>>>> security
> > > > >>>>>>>>> will
> > > > >>>>>>>>>>>>>>>> redirect
> > > > >>>>>>>>>>>>>>>>> to login url however the correct behavior should be
> > > that
> > > > >>>>>> user
> > > > >>>>>>>>>>>> would
> > > > >>>>>>>>>>>>>> stay
> > > > >>>>>>>>>>>>>>>>> logged in with session replication.
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>> Do let me know if you need more information.
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>> Thanks,
> > > > >>>>>>>>>>>>>>>>> Rishi
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin
> Kulichenko
> > <
> > > > >>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
> wrote:
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>> Hi Rishi,
> > > > >>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>> I was able to build and run the application. Can
> you
> > > > >>>> give
> > > > >>>>>>> some
> > > > >>>>>>>>>>>>>>>>> description
> > > > >>>>>>>>>>>>>>>>>> on what should I test to understand the issue?
> What
> > > > >>>>>> exactly
> > > > >>>>>>>>>>>> didn't
> > > > >>>>>>>>>>>>>>>> work
> > > > >>>>>>>>>>>>>>>>> for
> > > > >>>>>>>>>>>>>>>>>> you?
> > > > >>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>> -Val
> > > > >>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin
> > Kulichenko
> > > <
> > > > >>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
> > wrote:
> > > > >>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>> Hi Rishi,
> > > > >>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>> Thanks, I'll take a look.
> > > > >>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>> -Val
> > > > >>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <
> > > > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> > > > >>>>>>>>>>>>>>>>>>> wrote:
> > > > >>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> Hi Val,
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> As promised, please find attached code for
> spring
> > > boot
> > > > >>>>>>>>>>>>>> integration
> > > > >>>>>>>>>>>>>>>>> with
> > > > >>>>>>>>>>>>>>>>>>>> spring security along with Ignite.
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> Some more information on project -
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB
> 1.4.3 )
> > > > >>>>>>>>>>>>>>>>>>>> - spring security integrated with boot project
> > along
> > > > >>>>>> with
> > > > >>>>>>>>>>>>>> ignite
> > > > >>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository does not
> > > > >>>> work,
> > > > >>>>>>>>>>>> gives
> > > > >>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so used
> > > > >>>>>>>>>>>>>>>>>> CookieCsrfTokenRepository
> > > > >>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix here
> > > > >>>> from
> > > > >>>>>>>>>>>>> Ignite.
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> I cant reproduce this errors while I am running
> on
> > > > >>>>>> single
> > > > >>>>>>>>>>>>>> instance,
> > > > >>>>>>>>>>>>>>>>> you
> > > > >>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot instance
> > > having
> > > > >>>>>> proxy
> > > > >>>>>>>>>>>> in
> > > > >>>>>>>>>>>>>>>> front (
> > > > >>>>>>>>>>>>>>>>>> F5,
> > > > >>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion ( no
> > sticky
> > > > >>>>>> session
> > > > >>>>>>>>>>>> on
> > > > >>>>>>>>>>>>> F5
> > > > >>>>>>>>>>>>>>>> OR
> > > > >>>>>>>>>>>>>>>>>>>> proxies ).
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user
> session
> > > > >>>> will
> > > > >>>>>>>>>>>> active
> > > > >>>>>>>>>>>>>>>> since
> > > > >>>>>>>>>>>>>>>>> we
> > > > >>>>>>>>>>>>>>>>>>>> used session replication on backend.
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> Do let me know if you need more information
> here.
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> Thanks,
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> Rishi
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <
> > > > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> > > > >>>>>>>>>>>>>>>>>>>> wrote:
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>> Val,
> > > > >>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I have
> > asked
> > > > >>>> for
> > > > >>>>>> an
> > > > >>>>>>>>>>>>>>>> approval to
> > > > >>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would take day
> > or
> > > > >>>> two.
> > > > >>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>> I will keep you posted.
> > > > >>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>> Thanks for all your help,
> > > > >>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <
> > > > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>
> > > > >>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>> wrote:
> > > > >>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and send
> it
> > > > >>>>>> across to
> > > > >>>>>>>>>>>>> you.
> > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>> Thanks,
> > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin
> > > > >>>> Kulichenko <
> > > > >>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
> > wrote:
> > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>> Rishi,
> > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we should
> > > start
> > > > >>>>>>> with.
> > > > >>>>>>>>>>>> I
> > > > >>>>>>>>>>>>>>>> want to
> > > > >>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently not
> > > > >>>> supported
> > > > >>>>>>> (if
> > > > >>>>>>>>>>>>> any)
> > > > >>>>>>>>>>>>>>>> and
> > > > >>>>>>>>>>>>>>>>>> then
> > > > >>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like to
> > reuse
> > > > >>>>>>> existing
> > > > >>>>>>>>>>>>>> code
> > > > >>>>>>>>>>>>>>>> as
> > > > >>>>>>>>>>>>>>>>>>>>>>> much as
> > > > >>>>>>>>>>>>>>>>>>>>>>> possible.
> > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the
> > problem
> > > > >>>> you
> > > > >>>>>> had
> > > > >>>>>>>>>>>> and
> > > > >>>>>>>>>>>>>> how
> > > > >>>>>>>>>>>>>>>>> you
> > > > >>>>>>>>>>>>>>>>>>>>>>> tried
> > > > >>>>>>>>>>>>>>>>>>>>>>> to utilize current web session clustering?
> Can
> > > you
> > > > >>>>>> share
> > > > >>>>>>>>>>>> it
> > > > >>>>>>>>>>>>>> with
> > > > >>>>>>>>>>>>>>>>> us?
> > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>> -Val
> > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi
> Yagnik
> > <
> > > > >>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> > > > >>>>>>>>>>>>>>>>>>>>>>> wrote:
> > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring
> > security
> > > > >>>>>> and we
> > > > >>>>>>>>>>>>>> found
> > > > >>>>>>>>>>>>>>>> out
> > > > >>>>>>>>>>>>>>>>>>>>>>> that the
> > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does not
> > work
> > > > >>>> for
> > > > >>>>>>>>>>>>> session
> > > > >>>>>>>>>>>>>>>>>>>>>>> management on
> > > > >>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster.
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks in
> > result
> > > in
> > > > >>>>>> some
> > > > >>>>>>>>>>>>>> weird
> > > > >>>>>>>>>>>>>>>>>> errors
> > > > >>>>>>>>>>>>>>>>>>>>>>> with
> > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter.
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring security
> > > somehow,
> > > > >>>>>> we
> > > > >>>>>>>>>>>> need
> > > > >>>>>>>>>>>>>> to
> > > > >>>>>>>>>>>>>>>>> write
> > > > >>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session.
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says web
> > session
> > > > >>>>>> filter
> > > > >>>>>>>>>>>>>> would
> > > > >>>>>>>>>>>>>>>>> work
> > > > >>>>>>>>>>>>>>>>>>>>>>> with
> > > > >>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform ?
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM, Valentin
> > > > >>>>>> Kulichenko <
> > > > >>>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com
> <javascript:;>>
> > wrote:
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web session
> > > > >>>>>> clustering
> > > > >>>>>>>>>>>>>> feature
> > > > >>>>>>>>>>>>>>>>> [1]
> > > > >>>>>>>>>>>>>>>>>>>>>>> provided
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring Session
> docs
> > > and
> > > > >>>>>> it
> > > > >>>>>>>>>>>>> seems
> > > > >>>>>>>>>>>>>>>> to
> > > > >>>>>>>>>>>>>>>>> me
> > > > >>>>>>>>>>>>>>>>>>>>>>> it does
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces HttpSession
> with
> > > > >>>> custom
> > > > >>>>>>>>>>>>>>>>>> implementation
> > > > >>>>>>>>>>>>>>>>>>>>>>> that
> > > > >>>>>>>>>>>>>>>>>>>>>>>> has
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't provide
> any
> > > > >>>>>>>>>>>> additional
> > > > >>>>>>>>>>>>>> API
> > > > >>>>>>>>>>>>>>>> or
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I understand
> the
> > > > >>>>>> benefit
> > > > >>>>>>>>>>>> of
> > > > >>>>>>>>>>>>>> this
> > > > >>>>>>>>>>>>>>>>>>>>>>> feature.
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something.
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix.
> > > > >>>>>>>>>>>>> readme.io/docs/web-session-
> > > > >>>>>>>>>>>>>>>>>> clustering
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> -Val
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi
> > Yagnik <
> > > > >>>>>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> wrote:
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session
> replication
> > /
> > > > >>>> fail
> > > > >>>>>>>>>>>>> over
> > > > >>>>>>>>>>>>>>>>> design
> > > > >>>>>>>>>>>>>>>>>> on
> > > > >>>>>>>>>>>>>>>>>>>>>>>> spring
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what is
> the
> > > > >>>> best
> > > > >>>>>>>>>>>> out
> > > > >>>>>>>>>>>>> to
> > > > >>>>>>>>>>>>>>>> get
> > > > >>>>>>>>>>>>>>>>>>>>>>> started
> > > > >>>>>>>>>>>>>>>>>>>>>>>>> here ?
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows -
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for session
> > > > >>>>>>>>>>>>> replication
> > > > >>>>>>>>>>>>>>>> and
> > > > >>>>>>>>>>>>>>>>>> fail
> > > > >>>>>>>>>>>>>>>>>>>>>>> over
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and make
> it
> > > > >>>> work
> > > > >>>>>>>>>>>> on
> > > > >>>>>>>>>>>>>>>> spring
> > > > >>>>>>>>>>>>>>>>>>>>>>> boot
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> application
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach would be
> to
> > > get
> > > > >>>>>>>>>>>>> started
> > > > >>>>>>>>>>>>>>>> here
> > > > >>>>>>>>>>>>>>>>>>>>>>> with
> > > > >>>>>>>>>>>>>>>>>>>>>>>> spring
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for
> > feedback
> > > > >>>>>> here.
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> --
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>> --
> > > > >>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>> --
> > > > >>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>> --
> > > > >>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > >>>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>> --
> > > > >>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > >>>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>> --
> > > > >>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > >>>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>> --
> > > > >>>>>>>>>>>>>>> Rishi Yagnik
> > > > >>>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>> --
> > > > >>>>>>>>>>>>>> Rishi Yagnik
> > > > >>>>>>>>>>>>>>
> > > > >>>>>>>>>>>>>
> > > > >>>>>>>>>>>>
> > > > >>>>>>>>>>>>
> > > > >>>>>>>>>>>>
> > > > >>>>>>>>>>>> --
> > > > >>>>>>>>>>>> Rishi Yagnik
> > > > >>>>>>>>>>>>
> > > > >>>>>>>>>>
> > > > >>>>>>>>>
> > > > >>>>>>>>
> > > > >>>>>>>>
> > > > >>>>>>>>
> > > > >>>>>>>> --
> > > > >>>>>>>> Rishi Yagnik
> > > > >>>>>>>>
> > > > >>>>>>>
> > > > >>>>>>>
> > > > >>>>>>>
> > > > >>>>>>> --
> > > > >>>>>>> Rishi Yagnik
> > > > >>>>>>>
> > > > >>>>>>
> > > > >>>>>
> > > > >>>>>
> > > > >>>>>
> > > > >>>>> --
> > > > >>>>> Rishi Yagnik
> > > > >>>>>
> > > > >>>>
> > > > >>>>
> > > > >>>>
> > > > >>>> --
> > > > >>>> Rishi Yagnik
> > > > >>>>
> > > > >>
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Rishi Yagnik
> > > >
> > > >
> > >
> >
> >
> >
> > --
> > Rishi Yagnik
> >
>
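
The filter ordering and CSRF token repository choices discussed in the thread above, put together as an added example (not code from the thread or from the Ignite project). It assumes Spring Boot 1.4.x with Spring Security 4.1 or later and an Ignite node already started in the same JVM; the class name, the cache name "web-sessions", the order offset and the TOKEN_IN_SESSION switch are illustrative assumptions.

```java
// Added example: not code from this thread or from Apache Ignite.
import org.apache.ignite.cache.websession.WebSessionFilter;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.security.web.csrf.CsrfTokenRepository;
import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository;

@Configuration
@EnableWebSecurity
public class ClusteredSecurityConfig extends WebSecurityConfigurerAdapter {

    /** Hypothetical switch: false selects the cookie-based fallback. */
    private static final boolean TOKEN_IN_SESSION = true;

    /**
     * Registers Ignite's web session filter as a servlet filter that runs
     * ahead of the Spring Security chain, so Spring Security reads and
     * writes the SecurityContext and CSRF token on the clustered session.
     */
    @Bean
    public FilterRegistrationBean igniteWebSessionFilter() {
        // The filter is created here, not exposed as its own bean, so
        // Spring Boot does not register it a second time.
        FilterRegistrationBean reg =
            new FilterRegistrationBean(new WebSessionFilter());
        reg.addUrlPatterns("/*");
        // Assumption: parameter name as given in Ignite's web session
        // clustering documentation; the cache name is illustrative.
        reg.addInitParameter("IgniteWebSessionsCacheName", "web-sessions");
        // A lower order value runs earlier. The Spring Security chain is
        // registered at DEFAULT_FILTER_ORDER; the offset is arbitrary.
        reg.setOrder(SecurityProperties.DEFAULT_FILTER_ORDER - 10);
        return reg;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().csrfTokenRepository(csrfTokenRepository())
            .and()
            .authorizeRequests().anyRequest().authenticated()
            .and()
            .formLogin();
    }

    private CsrfTokenRepository csrfTokenRepository() {
        if (TOKEN_IN_SESSION) {
            // The token is stored as an HttpSession attribute, so a node
            // that did not issue it can validate it only if the session,
            // including that attribute, is replicated to it.
            HttpSessionCsrfTokenRepository repository =
                new HttpSessionCsrfTokenRepository();
            // Header name used in the thread (sent by the Angular client).
            repository.setHeaderName("X-XSRF-TOKEN");
            return repository;
        }
        // The token travels in a cookie that client script can read
        // (HttpOnly is off), so validation does not depend on the session
        // store. This is the workaround mentioned in the thread.
        return CookieCsrfTokenRepository.withHttpOnlyFalse();
    }
}
```

Per the thread, running the Ignite filter first was not enough on its own before the fix for IGNITE-4948, because the cached session was the old one without the security attributes.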

Re: IGNITE-2741 - spring session design

Posted by Valentin Kulichenko <va...@gmail.com>.
Hi Rishi,

Good news :) Thanks for letting me know.

-Val

On Thu, Apr 13, 2017 at 9:29 PM, Rishi Yagnik <ri...@gmail.com> wrote:

> Hello Val,
>
> I debugged further and found out that the issue exists with the SPA
> ( Angular APP ) and it needs a fix on their end, so don't worry about it.
>
> Next week, I will deploy it in a cluster and let you know if that fixes
> session replication issue on cluster.
>
> Thanks,
> Rishi
>
>
> On Thu, Apr 13, 2017 at 7:55 AM, Rishi Yagnik <ri...@gmail.com>
> wrote:
>
> > Val,
> >
> > Yes I would provide you the exact steps today and I will also test it in
> > cluster environment.
> >
> > The local environment is working as expected with the fix.
> >
> > Take Care,
> > Rishi
> >
> > > On Apr 13, 2017, at 2:18 AM, Valentin Kulichenko <
> > valentin.kulichenko@gmail.com> wrote:
> > >
> > > Rishi,
> > >
> > > Can you tell exact steps to reproduce? It's working for me in my
> > > environment.
> > >
> > > Do I understand correctly that apart from the token issue, it works
> > > fine with new version?
> > >
> > > -Val
> > >
> > > On Wed, Apr 12, 2017 at 10:00 PM, Rishi Yagnik <ri...@gmail.com>
> > > wrote:
> > >
> > >> Val,
> > >>
> > >> I built it from master and was able to integrate with our app, but as
> > >> I mentioned to you previously, I see the XSRF-Token errors in debug log,
> > >>
> > >> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
> > >> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
> > >>
> > >> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter - Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A
> > >>
> > >> And, then after, CSRF filter does not like the session, redirects to
> > >> /403 error.
> > >>
> > >> Just wondering why the XSRF Token is not being saved in the session ?
> > >>
> > >> More debugging is required for sure..
> > >>
> > >> Of course there is a workaround to the problem, I can just use Cookie
> > >> based Token repository to avoid this issue.
> > >>
> > >> .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
> > >>
> > >>
> > >> will let you know my findings..
> > >>
> > >> As always, thanks for all your help.
> > >>
> > >> Thanks,
> > >> Rishi
> > >>
> > >>
> > >> On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik <ri...@gmail.com>
> > >> wrote:
> > >>
> > >>> Hi Val,
> > >>>
> > >>> I will build it from master and let you know by tomorrow.
> > >>>
> > >>> Thanks,
> > >>>
> > >>>
> > >>> On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
> > >>> valentin.kulichenko@gmail.com> wrote:
> > >>>
> > >>>> Hi Rishi,
> > >>>>
> > >>>> What was the issue with the HttpSessionCsrfTokenRepository? I didn't
> > >>>> have any problems after I added code you provided.
> > >>>>
> > >>>> The fix for [1] is already in master. Can you try building from there
> > >>>> and check if everything works fine for you?
> > >>>>
> > >>>> [1] https://issues.apache.org/jira/browse/IGNITE-4948
> > >>>>
> > >>>> -Val
> > >>>>
> > >>>> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dm...@gridgain.com> wrote:
> > >>>>
> > >>>>> Somewhere in April. This will be clarified on the dev list soon.
> > >>>>>
> > >>>>> On Saturday, March 18, 2017, Rishi Yagnik <ri...@gmail.com> wrote:
> > >>>>>
> > >>>>>> Thanks, Val.
> > >>>>>>
> > >>>>>> When are we going to release Ignite 2.0 ? June ??
> > >>>>>>
> > >>>>>> Thanks,
> > >>>>>>
> > >>>>>> On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> > >>>>>> valentin.kulichenko@gmail.com> wrote:
> > >>>>>>
> > >>>>>>> Denis,
> > >>>>>>>
> > >>>>>>> Yes, this should be possible. I will try to finalize the fix asap.
> > >>>>>>>
> > >>>>>>> -Val
> > >>>>>>>
> > >>>>>>> On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org> wrote:
> > >>>>>>>
> > >>>>>>>> Val,
> > >>>>>>>>
> > >>>>>>>> Will it be possible to incorporate the fix into the nearest 2.0
> > >>>>>>>> release?
> > >>>>>>>>
> > >>>>>>>> —
> > >>>>>>>> Denis
> > >>>>>>>>
> > >>>>>>>>> On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>
> > >>>>>>>>> Hi Val,
> > >>>>>>>>>
> > >>>>>>>>> Hope you are well, any update on web session clustering.
> > >>>>>>>>>
> > >>>>>>>>> Thanks,
> > >>>>>>>>> Rishi
> > >>>>>>>>>
> > >>>>>>>>> On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>
> > >>>>>>>>>> Hi Val,
> > >>>>>>>>>>
> > >>>>>>>>>> Thanks looking forward for the fix..
> > >>>>>>>>>>
> > >>>>>>>>>> Take Care,
> > >>>>>>>>>> Rishi
> > >>>>>>>>>>
> > >>>>>>>>>>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>
> > >>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>
> > >>>>>>>>>>> I want to fix the bug first. It takes a bit longer than I
> > >>>>>>>>>>> thought, but I should finish it over the weekend.
> > >>>>>>>>>>>
> > >>>>>>>>>>> -Val
> > >>>>>>>>>>>
> > >>>>>>>>>>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
> > >>>>>>> rishiyagnik@gmail.com <javascript:;>>
> > >>>>>>>>>> wrote:
> > >>>>>>>>>>>>
> > >>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>
> > >>>>>>>>>>>> Did you get a chance to look into the session handling issue?
> > >>>>>>>>>>>>
> > >>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>
> > >>>>>>>>>>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>
> > >>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> Do you think I can test a fix in 1.9 RC releases? How are you planning to
> > >>>>>>>>>>>>> release a fix?
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> Did you also look into problem where storing xsrf token in Ignite returns
> > >>>>>>>>>>>>> an exception and does not behave as expected?
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with following
> > >>>>>>>>>>>>> code -
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> .csrfTokenRepository(csrfTokenRepository())
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> // Keep the CSRF token in the HTTP session and expect it in the X-XSRF-TOKEN header.
> > >>>>>>>>>>>>> private CsrfTokenRepository csrfTokenRepository() {
> > >>>>>>>>>>>>>  HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
> > >>>>>>>>>>>>>  repository.setHeaderName("X-XSRF-TOKEN");
> > >>>>>>>>>>>>>  return repository;
> > >>>>>>>>>>>>> }
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> Thank you for all your help,
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> I got to the bottom of it. Basically, the session is replaced in Spring
> > >>>>>>>>>>>>>> filter, but caching happens based on the old version which doesn't have
> > >>>>>>>>>>>>>> security attributes. The fix is going to be very easy, I will do it
> > >>>>>>>>>>>>>> tomorrow.
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>> Val,
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>> Did you get a chance to play around with the code?
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> Val,
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> Adding a filter before csrf filter will invoke the custom ignite filter.
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> Declare a custom filter class that extends the websession filter
> > >>>>>>>>>>>>>>>>
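> > >>>>>>>>>>>>>>>> import java.io.IOException;
> > >>>>>>>>>>>>>>>> import java.util.Enumeration;
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> import javax.servlet.FilterChain;
> > >>>>>>>>>>>>>>>> import javax.servlet.FilterConfig;
> > >>>>>>>>>>>>>>>> import javax.servlet.ServletContext;
> > >>>>>>>>>>>>>>>> import javax.servlet.ServletException;
> > >>>>>>>>>>>>>>>> import javax.servlet.ServletRequest;
> > >>>>>>>>>>>>>>>> import javax.servlet.ServletResponse;
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> import org.apache.ignite.cache.websession.WebSessionFilter;
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> // Ignite's WebSessionFilter, initialized lazily on the first request so that
> > >>>>>>>>>>>>>>>> // it can be created with "new" and added to the Spring Security filter chain.
> > >>>>>>>>>>>>>>>> public class CustomWebSessionFilter extends WebSessionFilter {
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>     // Set to true once super.init() has been called.
> > >>>>>>>>>>>>>>>>     private static boolean igniteInitialize = false;
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>     @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
> > >>>>>>>>>>>>>>>>         throws IOException, ServletException {
> > >>>>>>>>>>>>>>>>         if (!igniteInitialize) {
> > >>>>>>>>>>>>>>>>             // Minimal FilterConfig: no init parameters, servlet context taken from the request.
> > >>>>>>>>>>>>>>>>             super.init(new FilterConfig() {
> > >>>>>>>>>>>>>>>>                 @Override
> > >>>>>>>>>>>>>>>>                 public String getFilterName() {
> > >>>>>>>>>>>>>>>>                     return "CustomWebSessionFilter";
> > >>>>>>>>>>>>>>>>                 }
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>                 @Override
> > >>>>>>>>>>>>>>>>                 public ServletContext getServletContext() {
> > >>>>>>>>>>>>>>>>                     return req.getServletContext();
> > >>>>>>>>>>>>>>>>                 }
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>                 @Override
> > >>>>>>>>>>>>>>>>                 public String getInitParameter(String name) {
> > >>>>>>>>>>>>>>>>                     return null;
> > >>>>>>>>>>>>>>>>                 }
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>                 @Override
> > >>>>>>>>>>>>>>>>                 public Enumeration<String> getInitParameterNames() {
> > >>>>>>>>>>>>>>>>                     return null;
> > >>>>>>>>>>>>>>>>                 }
> > >>>>>>>>>>>>>>>>             });
> > >>>>>>>>>>>>>>>>             igniteInitialize = true;
> > >>>>>>>>>>>>>>>>         }
> > >>>>>>>>>>>>>>>>         // Delegate to Ignite's web session handling.
> > >>>>>>>>>>>>>>>>         super.doFilter(req, res, chain);
> > >>>>>>>>>>>>>>>>     }
> > >>>>>>>>>>>>>>>> }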
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> And in SecurityConfig.java add following line to invoke filter before
> > >>>>>>>>>>>>>>>> Ignite Web Session filter -
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> .addFilterBefore(new CustomWebSessionFilter(), CsrfFilter.class)
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> Hope it helps..
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> Rishi,
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> Can you please share how you forced Ignite filter to be invoked before
> > >>>>>>>>>>>>>>>>> security filter?
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>> Thanks for the response, we have executed ignite filter before spring
> > >>>>>>>>>>>>>>>>>> security filter but somehow the ignite filter does not do the job of
> > >>>>>>>>>>>>>>>>>> setting spring principal context.
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>> As a result even though we have spring principal in session, spring filter
> > >>>>>>>>>>>>>>>>>> does not recognize it and sends us back to log in page.
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>> I think there's some more work needed here to change the filter and make
> > >>>>>>>>>>>>>>>>>> it work with spring boot application.
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>> Take Care,
> > >>>>>>>>>>>>>>>>>> Rishi
> > >>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>> I did some debugging. Apparently, the reason for this behavior is that
> > >>>>>>>>>>>>>>>>>>> Spring Security filter resides before Ignite's filter in the chain list. I
> > >>>>>>>>>>>>>>>>>>> think that eventually this should be fixed in the product, but in the
> > >>>>>>>>>>>>>>>>>>> meantime there must be a way to work around the problem by controlling the
> > >>>>>>>>>>>>>>>>>>> order. Do you know how this can be done in Spring Boot?
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> Sorry for pestering, thanks for all your help.
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> Rishi
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> Sorry, not yet. But this is on my short list of TODOs, will try to give an
> > >>>>>>>>>>>>>>>>>>>>> update as soon as possible.
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>> any update on session replication issue?
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>>>>>>> Rishi
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>> Thanks Val for looking into it.
> > >>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll take a look and let you
> > >>>>>>>>>>>>>>>>>>>>>>>> know my findings soon.
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> The issue will occur in cluster environment, please setup the spring boot
> > >>>>>>>>>>>>>>>>>>>>>>>>> on 2 different host with LB (F5 OR Reverse proxy) in front and try to
> > >>>>>>>>>>>>>>>>>>>>>>>>> login.
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> In cluster environment, Spring security does not recognize the session on
> > >>>>>>>>>>>>>>>>>>>>>>>>> the host you are not logged in, as a result, spring security will redirect
> > >>>>>>>>>>>>>>>>>>>>>>>>> to login url however the correct behavior should be that user would stay
> > >>>>>>>>>>>>>>>>>>>>>>>>> logged in with session replication.
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> Do let me know if you need more information.
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>>>>>>>>>> Rishi
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>> I was able to build and run the application. Can you give some description
> > >>>>>>>>>>>>>>>>>>>>>>>>>> on what should I test to understand the issue? What exactly didn't work for
> > >>>>>>>>>>>>>>>>>>>>>>>>>> you?
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, I'll take a look.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> As promised, please find attached code for spring boot integration with
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> spring security along with Ignite.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> Some more information on project -
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> - spring security integrated with boot project along with ignite
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository does not work, gives
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so used CookieCsrfTokenRepository
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix here from Ignite.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> I can't reproduce these errors while I am running on single instance, you
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot instance having proxy in front ( F5,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion ( no sticky session on F5 OR
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> proxies ).
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user session will active since we
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> used session replication on backend.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> Do let me know if you need more information here.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Val,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I have asked for an approval to
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would take day or two.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>> I will keep you posted.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks for all your help,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and send it across to you.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we should start with. I want to
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently not supported (if any) and then
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like to reuse existing code as much as
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> possible.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the problem you had and how you tried
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> to utilize current web session clustering? Can you share it with us?
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring security and we found out that the
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does not work for session management on
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks in result in some weird errors with
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> web session filter.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring security somehow, we need to write
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says web session filter would work with
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform?
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web session clustering feature [1] provided
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring Session docs and it seems to me it does
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces HttpSession with custom implementation that has
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't provide any additional API or
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I understand the benefit of this feature.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix.readme.io/docs/web-session-clustering
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session replication / fail over design on spring
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what is the best out to get started
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> here?
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows -
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for session replication and fail over
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and make it work on spring boot
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>   application
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach would be to get started here with spring
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for feedback here.
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> --
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>
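
The diagnosis quoted in the thread above ("the session is replaced in Spring filter, but caching happens based on the old version which doesn't have security attributes") can be modelled in plain Java. This is an added example, not code from the thread, from Ignite or from Spring; all class and method names are hypothetical, and the login step is assumed to create a new session that copies the old attributes.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;

/**
 * Simplified model (constructed for illustration) of a session-caching filter that
 * runs around a security filter which replaces the session during login.
 */
public class SessionReplaceDemo {

    /** Stand-in for an HttpSession: an id plus attributes. */
    static final class Session {
        final String id = UUID.randomUUID().toString();
        final Map<String, Object> attrs = new HashMap<>();
    }

    /** Stand-in for a request that carries the current session. */
    static final class Request {
        Session session = new Session();
    }

    /** Stand-in for the distributed cache that both application nodes read. */
    static final Map<String, Map<String, Object>> CLUSTER_CACHE = new HashMap<>();

    /** Models the login step: a new session replaces the old one (assumption). */
    static void securityFilterLogin(Request req, String user) {
        Session fresh = new Session();
        fresh.attrs.putAll(req.session.attrs);
        // Attribute name used by Spring Security's session-backed context repository.
        fresh.attrs.put("SPRING_SECURITY_CONTEXT", user);
        req.session = fresh;
    }

    /** Problem case: caches the session object captured before the chain ran. */
    static String cachingFilterStale(Request req, String user) {
        Session captured = req.session;           // old version of the session
        securityFilterLogin(req, user);           // rest of the filter chain
        CLUSTER_CACHE.put(captured.id, new HashMap<>(captured.attrs));
        return req.session.id;                    // id the browser receives
    }

    /** Corrected case: re-reads the request's session after the chain ran. */
    static String cachingFilterCurrent(Request req, String user) {
        securityFilterLogin(req, user);
        Session current = req.session;            // session as it is now
        CLUSTER_CACHE.put(current.id, new HashMap<>(current.attrs));
        return current.id;
    }

    /** What the other node finds when the load balancer sends the next request there. */
    static boolean otherNodeSeesLogin(String sessionIdFromCookie) {
        Map<String, Object> attrs = CLUSTER_CACHE.get(sessionIdFromCookie);
        return attrs != null && attrs.containsKey("SPRING_SECURITY_CONTEXT");
    }

    public static void main(String[] args) {
        String staleId = cachingFilterStale(new Request(), "alice");
        System.out.println("stale snapshot cached   -> other node sees login: "
            + otherNodeSeesLogin(staleId));

        String currentId = cachingFilterCurrent(new Request(), "alice");
        System.out.println("current session cached  -> other node sees login: "
            + otherNodeSeesLogin(currentId));
    }
}
```

In the stale case the cache holds only the pre-login session under its old id, so a lookup with the id the browser now presents finds nothing and the second node treats the user as anonymous, which matches the redirect to the login page reported with round-robin balancing.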

Re: IGNITE-2741 - spring session design

Posted by Rishi Yagnik <ri...@gmail.com>.
Hello Val,

I debugged further and found out that the issue exists with the SPA (Angular app) and
it needs a fix on their end, so don't worry about it.

Next week, I will deploy it in a cluster and let you know if that fixes
the session replication issue on the cluster.

Thanks,
Rishi


On Thu, Apr 13, 2017 at 7:55 AM, Rishi Yagnik <ri...@gmail.com> wrote:

> Val,
>
> Yes I would provide you the exact steps today and I will also test it in
> cluster environment.
>
> The local environment is working as expected with the fix.
>
> Take Care,
> Rishi
>
> > On Apr 13, 2017, at 2:18 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> >
> > Rishi,
> >
> > Can you tell exact steps to reproduce? It's working for me in my
> > environment.
> >
> > Do I understand correctly that apart from the token issue, it works fine
> > with new version?
> >
> > -Val
> >
> > On Wed, Apr 12, 2017 at 10:00 PM, Rishi Yagnik <ri...@gmail.com> wrote:
> >
> >> Val,
> >>
> >> I built it from master and was able to integrate with our app, but as I
> >> mentioned to you previously, I see the XSRF-Token errors in debug log,
> >>
> >> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
> >> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
> >>
> >> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter - Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A
> >>
> >> And, then after, CSRF filter does not like the session, redirects to /403
> >> error.
> >>
> >> Just wondering why the XSRF Token is not being saved in the session?
> >>
> >> More debugging is required for sure..
> >>
> >> of course there is a work around to the problem, I can just use Cookie
> >> based Token repository to avoid this issue.
> >>
> >> .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
> >>
> >>
> >> will let you know my findings..
> >>
> >> As always, thanks for all your help.
> >>
> >> Thanks,
> >> Rishi
> >>
> >>
> >> On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik <ri...@gmail.com> wrote:
> >>
> >>> Hi Val,
> >>>
> >>> I will build it from master and let you know by tomorrow.
> >>>
> >>> Thanks,
> >>>
> >>>
> >>> On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> >>>
> >>>> Hi Rishi,
> >>>>
> >>>> What was the issue with the HttpSessionCsrfTokenRepository? I didn't have
> >>>> any problems after I added code you provided.
> >>>>
> >>>> The fix for [1] is already in master. Can you try building from there and
> >>>> check if everything works fine for you?
> >>>>
> >>>> [1] https://issues.apache.org/jira/browse/IGNITE-4948
> >>>>
> >>>> -Val
> >>>>
> >>>> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dm...@gridgain.com>
> >> wrote:
> >>>>
> >>>>> Somewhere in April. This will be clarified on the dev list soon.
> >>>>>
> >>>>> On Saturday, March 18, 2017, Rishi Yagnik <ri...@gmail.com>
> >>>> wrote:
> >>>>>
> >>>>>> Thanks, Val.
> >>>>>>
> >>>>>> When are we going to release Ignite 2.0 ? June ??
> >>>>>>
> >>>>>> Thanks,
> >>>>>>
> >>>>>> On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> >>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
> >>>>>>
> >>>>>>> Denis,
> >>>>>>>
> >>>>>>> Yes, this should be possible. I will try to finalize the fix asap.
> >>>>>>>
> >>>>>>> -Val
> >>>>>>>
> >>>>>>> On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org> wrote:
> >>>>>>>
> >>>>>>>> Val,
> >>>>>>>>
> >>>>>>>> Will it be possible to incorporate the fix into the nearest 2.0
> >>>>>> release?
> >>>>>>>>
> >>>>>>>> —
> >>>>>>>> Denis
> >>>>>>>>
> >>>>>>>>> On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >>>>>>>>>
> >>>>>>>>> Hi Val,
> >>>>>>>>>
> >>>>>>>>> Hope you are well, any update on web session clustering.
> >>>>>>>>>
> >>>>>>>>> Thanks,
> >>>>>>>>> Rishi
> >>>>>>>>>
> >>>>>>>>> On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >>>>>>>>>
> >>>>>>>>>> Hi Val,
> >>>>>>>>>>
> >>>>>>>>>> Thanks looking forward for the fix..
> >>>>>>>>>>
> >>>>>>>>>> Take Care,
> >>>>>>>>>> Rishi
> >>>>>>>>>>
> >>>>>>>>>>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> >>>>>>>>>>>
> >>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>
> >>>>>>>>>>> I want to fix the bug first. It takes a bit longer than I thought, but I
> >>>>>>>>>>> should finish it over the weekend.
> >>>>>>>>>>>
> >>>>>>>>>>> -Val
> >>>>>>>>>>>
> >>>>>>>>>>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >>>>>>>>>>>>
> >>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>
> >>>>>>>>>>>> Did you get a chance to look into the session handling issue?
> >>>>>>>>>>>>
> >>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>
> >>>>>>>>>>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >>>>>>>>>>>>
> >>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Do you think I can test a fix in 1.9 RC releases? How are you planning to
> >>>>>>>>>>>>> release a fix?
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Did you also look into problem where storing xsrf token in Ignite returns
> >>>>>>>>>>>>> an exception and does not behave as expected?
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with following
> >>>>>>>>>>>>> code -
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> .csrfTokenRepository(csrfTokenRepository())
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> private CsrfTokenRepository csrfTokenRepository() {
> >>>>>>>>>>>>>  HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
> >>>>>>>>>>>>>  repository.setHeaderName("X-XSRF-TOKEN");
> >>>>>>>>>>>>>  return repository;
> >>>>>>>>>>>>> }
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Thank you for all your help,
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> I got to the bottom of it. Basically, the session is replaced in Spring
> >>>>>>>>>>>>>> filter, but caching happens based on the old version which doesn't have
> >>>>>>>>>>>>>> security attributes. The fix is going to be very easy, I will do it
> >>>>>>>>>>>>>> tomorrow.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Val,
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Did you get chance to play around with the code ?
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Val,
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Adding a filter before csrf filter will invoke the custom ignite filter.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Declare a custom filter class extends it with websession filter
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> public class CustomWebSessionFilter extends WebSessionFilter {
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>     // Guards the one-time init() call below.
> >>>>>>>>>>>>>>>>     private static boolean igniteInitialize = false;
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>     @Override
> >>>>>>>>>>>>>>>>     public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
> >>>>>>>>>>>>>>>>             throws IOException, ServletException {
> >>>>>>>>>>>>>>>>         if (!igniteInitialize) {
> >>>>>>>>>>>>>>>>             // Initialize the Ignite filter with a minimal FilterConfig on first use.
> >>>>>>>>>>>>>>>>             super.init(new FilterConfig() {
> >>>>>>>>>>>>>>>>                 @Override
> >>>>>>>>>>>>>>>>                 public String getFilterName() {
> >>>>>>>>>>>>>>>>                     return "CustomWebSessionFilter";
> >>>>>>>>>>>>>>>>                 }
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>                 @Override
> >>>>>>>>>>>>>>>>                 public ServletContext getServletContext() {
> >>>>>>>>>>>>>>>>                     return req.getServletContext();
> >>>>>>>>>>>>>>>>                 }
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>                 @Override
> >>>>>>>>>>>>>>>>                 public String getInitParameter(String name) {
> >>>>>>>>>>>>>>>>                     return null;
> >>>>>>>>>>>>>>>>                 }
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>                 @Override
> >>>>>>>>>>>>>>>>                 public Enumeration<String> getInitParameterNames() {
> >>>>>>>>>>>>>>>>                     return null;
> >>>>>>>>>>>>>>>>                 }
> >>>>>>>>>>>>>>>>             });
> >>>>>>>>>>>>>>>>             igniteInitialize = true;
> >>>>>>>>>>>>>>>>         }
> >>>>>>>>>>>>>>>>         super.doFilter(req, res, chain);
> >>>>>>>>>>>>>>>>     }
> >>>>>>>>>>>>>>>> }
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> And in SecurityConfig.java add following line to invoke filter before
> >>>>>>>>>>>>>>>> Ignite Web Session filter -
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Hope it helps..
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Rishi,
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Can you please share how you forced Ignite filter to be invoked before
> >>>>>>>>>>>>>>>>> security filter?
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> Thanks for the response, we have executed ignite filter before spring
> >>>>>>>>>>>>>>>>>> security filter but somehow the ignite filter does not do the job of
> >>>>>>>>>>>>>>>>>> setting spring principal context.
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> As a result even though we have spring principal in session, spring filter
> >>>>>>>>>>>>>>>>>> does not recognize it and sends us back to log in page.
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> I think there's some more work needed here to change the filter and make
> >>>>>>>>>>>>>>>>>> it work with spring boot application.
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> Take Care,
> >>>>>>>>>>>>>>>>>> Rishi
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>> I did some debugging. Apparently, the reason for this behavior is that
> >>>>>>>>>>>>>>>>>>> Spring Security filter resides before Ignite's filter in the chain list. I
> >>>>>>>>>>>>>>>>>>> think that eventually this should be fixed in the product, but in the
> >>>>>>>>>>>>>>>>>>> meantime there must be a way to work around the problem by controlling the
> >>>>>>>>>>>>>>>>>>> order. Do you know how this can be done in Spring Boot?
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <
> >>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> Sorry for pestering, thanks for all your help.
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> Rishi
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin
> >> Kulichenko
> >>>> <
> >>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
> >> wrote:
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>> Sorry, not yet. But this on my short list of
> >> TODOs,
> >>>>> will
> >>>>>>> try
> >>>>>>>>>>>> to
> >>>>>>>>>>>>>>>>> give an
> >>>>>>>>>>>>>>>>>>>>> update as soon as possible.
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <
> >>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >>>>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>> any update on session replication issue ?
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>>>>>>>>>> Rishi
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <
> >>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >>>>>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>> Thanks Val for looking into it.
> >>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin
> >>>> Kulichenko
> >>>>> <
> >>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
> >>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll
> >>>>> take a
> >>>>>>>>>>>> look
> >>>>>>>>>>>>>> and
> >>>>>>>>>>>>>>>>> let
> >>>>>>>>>>>>>>>>>>>>> you
> >>>>>>>>>>>>>>>>>>>>>>>> know my findings soon.
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <
> >>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >>>>>>>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>> The issue will occur in cluster environment,
> >>>> please
> >>>>>>> setup
> >>>>>>>>>>>>>> the
> >>>>>>>>>>>>>>>>>>>> spring
> >>>>>>>>>>>>>>>>>>>>>>>> boot
> >>>>>>>>>>>>>>>>>>>>>>>>> on 2 different host with LB (F5 OR Reverse
> >>>> proxy)
> >>>>> in
> >>>>>>>>>>>> front
> >>>>>>>>>>>>>> and
> >>>>>>>>>>>>>>>>> try
> >>>>>>>>>>>>>>>>>>>>> to
> >>>>>>>>>>>>>>>>>>>>>>>>> login.
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>> In cluster environment, Spring security does
> >> not
> >>>>>>>>>>>> recognize
> >>>>>>>>>>>>>> the
> >>>>>>>>>>>>>>>>>>>>> session
> >>>>>>>>>>>>>>>>>>>>>>>> on
> >>>>>>>>>>>>>>>>>>>>>>>>> the host you are not logged in, as a result,
> >>>> spring
> >>>>>>>>>>>>>> security
> >>>>>>>>>>>>>>>>> will
> >>>>>>>>>>>>>>>>>>>>>>>> redirect
> >>>>>>>>>>>>>>>>>>>>>>>>> to login url however the correct behavior
> >>>> should be
> >>>>>>> that
> >>>>>>>>>>>>>> user
> >>>>>>>>>>>>>>>>>>>> would
> >>>>>>>>>>>>>>>>>>>>>> stay
> >>>>>>>>>>>>>>>>>>>>>>>>> logged in with session replication.
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>> Do let me know if you need more information.
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>>>>>>>>>>>>> Rishi
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin
> >>>>> Kulichenko
> >>>>>> <
> >>>>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
> >>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>> I was able to build and run the application.
> >>>> Can
> >>>>> you
> >>>>>>>>>>>> give
> >>>>>>>>>>>>>>> some
> >>>>>>>>>>>>>>>>>>>>>>>>> description
> >>>>>>>>>>>>>>>>>>>>>>>>>> on what should I test to understand the
> >> issue?
> >>>>> What
> >>>>>>>>>>>>>> exactly
> >>>>>>>>>>>>>>>>>>>> didn't
> >>>>>>>>>>>>>>>>>>>>>>>> work
> >>>>>>>>>>>>>>>>>>>>>>>>> for
> >>>>>>>>>>>>>>>>>>>>>>>>>> you?
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin
> >>>>>> Kulichenko
> >>>>>>> <
> >>>>>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com
> >> <javascript:;>>
> >>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, I'll take a look.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi
> >> Yagnik
> >>>> <
> >>>>>>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> As promised, please find attached code for
> >>>>> spring
> >>>>>>> boot
> >>>>>>>>>>>>>>>>>>>>>> integration
> >>>>>>>>>>>>>>>>>>>>>>>>> with
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> spring security along with Ignite.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Some more information on project -
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB
> >>>>> 1.4.3 )
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> - spring security integrated with boot
> >>>> project
> >>>>>> along
> >>>>>>>>>>>>>> with
> >>>>>>>>>>>>>>>>>>>>>> ignite
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository
> >> does
> >>>> not
> >>>>>>>>>>>> work,
> >>>>>>>>>>>>>>>>>>>> gives
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so
> >>>> used
> >>>>>>>>>>>>>>>>>>>>>>>>>> CookieCsrfTokenRepository
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix
> >>>> here
> >>>>>>>>>>>> from
> >>>>>>>>>>>>>>>>>>>>> Ignite.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> I cant reproduce this errors while I am
> >>>> running
> >>>>> on
> >>>>>>>>>>>>>> single
> >>>>>>>>>>>>>>>>>>>>>> instance,
> >>>>>>>>>>>>>>>>>>>>>>>>> you
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot
> >>>> instance
> >>>>>>> having
> >>>>>>>>>>>>>> proxy
> >>>>>>>>>>>>>>>>>>>> in
> >>>>>>>>>>>>>>>>>>>>>>>> front (
> >>>>>>>>>>>>>>>>>>>>>>>>>> F5,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion (
> >> no
> >>>>>> sticky
> >>>>>>>>>>>>>> session
> >>>>>>>>>>>>>>>>>>>> on
> >>>>>>>>>>>>>>>>>>>>> F5
> >>>>>>>>>>>>>>>>>>>>>>>> OR
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> proxies ).
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user
> >>>>> session
> >>>>>>>>>>>> will
> >>>>>>>>>>>>>>>>>>>> active
> >>>>>>>>>>>>>>>>>>>>>>>> since
> >>>>>>>>>>>>>>>>>>>>>>>>> we
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> used session replication on backend.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Do let me know if you need more information
> >>>>> here.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi
> >>>> Yagnik <
> >>>>>>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Val,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I
> >> have
> >>>>>> asked
> >>>>>>>>>>>> for
> >>>>>>>>>>>>>> an
> >>>>>>>>>>>>>>>>>>>>>>>> approval to
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would
> >> take
> >>>> day
> >>>>>> or
> >>>>>>>>>>>> two.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> I will keep you posted.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks for all your help,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi
> >>>> Yagnik <
> >>>>>>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>
> >>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and
> >>>> send
> >>>>> it
> >>>>>>>>>>>>>> across to
> >>>>>>>>>>>>>>>>>>>>> you.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin
> >>>>>>>>>>>> Kulichenko <
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com
> >>>> <javascript:;>>
> >>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we
> >>>> should
> >>>>>>> start
> >>>>>>>>>>>>>>> with.
> >>>>>>>>>>>>>>>>>>>> I
> >>>>>>>>>>>>>>>>>>>>>>>> want to
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently
> >>>> not
> >>>>>>>>>>>> supported
> >>>>>>>>>>>>>>> (if
> >>>>>>>>>>>>>>>>>>>>> any)
> >>>>>>>>>>>>>>>>>>>>>>>> and
> >>>>>>>>>>>>>>>>>>>>>>>>>> then
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like
> >>>> to
> >>>>>> reuse
> >>>>>>>>>>>>>>> existing
> >>>>>>>>>>>>>>>>>>>>>> code
> >>>>>>>>>>>>>>>>>>>>>>>> as
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> much as
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> possible.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the
> >>>>>> problem
> >>>>>>>>>>>> you
> >>>>>>>>>>>>>> had
> >>>>>>>>>>>>>>>>>>>> and
> >>>>>>>>>>>>>>>>>>>>>> how
> >>>>>>>>>>>>>>>>>>>>>>>>> you
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> tried
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> to utilize current web session
> >> clustering?
> >>>>> Can
> >>>>>>> you
> >>>>>>>>>>>>>> share
> >>>>>>>>>>>>>>>>>>>> it
> >>>>>>>>>>>>>>>>>>>>>> with
> >>>>>>>>>>>>>>>>>>>>>>>>> us?
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi
> >>>>> Yagnik
> >>>>>> <
> >>>>>>>>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring
> >>>>>> security
> >>>>>>>>>>>>>> and we
> >>>>>>>>>>>>>>>>>>>>>> found
> >>>>>>>>>>>>>>>>>>>>>>>> out
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> that the
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does
> >>>> not
> >>>>>> work
> >>>>>>>>>>>> for
> >>>>>>>>>>>>>>>>>>>>> session
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> management on
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks
> >> in
> >>>>>> result
> >>>>>>> in
> >>>>>>>>>>>>>> some
> >>>>>>>>>>>>>>>>>>>>>> weird
> >>>>>>>>>>>>>>>>>>>>>>>>>> errors
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> with
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> web session filter.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring
> >> security
> >>>>>>> somehow,
> >>>>>>>>>>>>>> we
> >>>>>>>>>>>>>>>>>>>> need
> >>>>>>>>>>>>>>>>>>>>>> to
> >>>>>>>>>>>>>>>>>>>>>>>>> write
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says
> >> web
> >>>>>> session
> >>>>>>>>>>>>>> filter
> >>>>>>>>>>>>>>>>>>>>>> would
> >>>>>>>>>>>>>>>>>>>>>>>>> work
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> with
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform ?
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM,
> >> Valentin
> >>>>>>>>>>>>>> Kulichenko <
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com
> >>>>> <javascript:;>>
> >>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web
> >>>> session
> >>>>>>>>>>>>>> clustering
> >>>>>>>>>>>>>>>>>>>>>> feature
> >>>>>>>>>>>>>>>>>>>>>>>>> [1]
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> provided
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring
> >> Session
> >>>>> docs
> >>>>>>> and
> >>>>>>>>>>>>>> it
> >>>>>>>>>>>>>>>>>>>>> seems
> >>>>>>>>>>>>>>>>>>>>>>>> to
> >>>>>>>>>>>>>>>>>>>>>>>>> me
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> it does
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces
> >> HttpSession
> >>>>> with
> >>>>>>>>>>>> custom
> >>>>>>>>>>>>>>>>>>>>>>>>>> implementation
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> that
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> has
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't
> >> provide
> >>>>> any
> >>>>>>>>>>>>>>>>>>>> additional
> >>>>>>>>>>>>>>>>>>>>>> API
> >>>>>>>>>>>>>>>>>>>>>>>> or
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I
> >> understand
> >>>>> the
> >>>>>>>>>>>>>> benefit
> >>>>>>>>>>>>>>>>>>>> of
> >>>>>>>>>>>>>>>>>>>>>> this
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> feature.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix.
> >>>>>>>>>>>>>>>>>>>>> readme.io/docs/web-session-
> >>>>>>>>>>>>>>>>>>>>>>>>>> clustering
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi
> >>>>>> Yagnik <
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session
> >>>>> replication
> >>>>>> /
> >>>>>>>>>>>> fail
> >>>>>>>>>>>>>>>>>>>>> over
> >>>>>>>>>>>>>>>>>>>>>>>>> design
> >>>>>>>>>>>>>>>>>>>>>>>>>> on
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> spring
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what
> >>>> is
> >>>>> the
> >>>>>>>>>>>> best
> >>>>>>>>>>>>>>>>>>>> out
> >>>>>>>>>>>>>>>>>>>>> to
> >>>>>>>>>>>>>>>>>>>>>>>> get
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> started
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> here ?
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows -
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for
> >>>> session
> >>>>>>>>>>>>>>>>>>>>> replication
> >>>>>>>>>>>>>>>>>>>>>>>> and
> >>>>>>>>>>>>>>>>>>>>>>>>>> fail
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> over
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and
> >>>> make
> >>>>> it
> >>>>>>>>>>>> work
> >>>>>>>>>>>>>>>>>>>> on
> >>>>>>>>>>>>>>>>>>>>>>>> spring
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> boot
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> application
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach
> >> would
> >>>> be
> >>>>> to
> >>>>>>> get
> >>>>>>>>>>>>>>>>>>>>> started
> >>>>>>>>>>>>>>>>>>>>>>>> here
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> with
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> spring
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for
> >>>>>> feedback
> >>>>>>>>>>>>>> here.
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> --
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik



-- 
Rishi Yagnik
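
A simplified model of the defect described in the quoted thread above ("the session is replaced in Spring filter, but caching happens based on the old version which doesn't have security attributes"), followed by a round-robin request to a second node. This is an added example, not Ignite or Spring code: every class and method name is hypothetical and the user value is constructed; only the `SPRING_SECURITY_CONTEXT` attribute key is Spring Security's own.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;

// Simplified model; all class and method names are hypothetical, not Ignite or Spring APIs.
public class SessionReplaceModel {
    // Attribute under which Spring Security keeps the authenticated context in the HTTP session.
    static final String SECURITY_KEY = "SPRING_SECURITY_CONTEXT";

    // Stand-in for the replicated cache that both application nodes read and write.
    static final Map<String, Map<String, Object>> CACHE = new ConcurrentHashMap<>();

    static final class Session {
        final String id;
        final Map<String, Object> attrs = new HashMap<>();
        Session(String id) { this.id = id; }
    }

    // Per-request state: the cookie the browser sent and the session currently bound to the request.
    static final class Request {
        final String cookieSessionId; // null on the first visit
        Session session;
        Request(String cookieSessionId) { this.cookieSessionId = cookieSessionId; }
    }

    interface Chain { void proceed(Request req); }

    // Constructed login step: replaces the session and puts the security context into the new one.
    static final Chain LOGIN = req -> {
        Session fresh = new Session(UUID.randomUUID().toString());
        fresh.attrs.putAll(req.session.attrs);
        fresh.attrs.put(SECURITY_KEY, "user=alice (constructed)");
        req.session = fresh;
    };

    // A later request that changes nothing in the session.
    static final Chain NOOP = req -> { };

    // Clustering filter: load the session from the cache, run the chain, write the session back.
    // storeCurrentSession=false writes back the copy captured before the chain ran (the defect);
    // storeCurrentSession=true writes back whatever session the request holds afterwards.
    static String clusteringFilter(Request req, Chain chain, boolean storeCurrentSession) {
        Map<String, Object> stored = req.cookieSessionId == null ? null : CACHE.get(req.cookieSessionId);
        Session atStart = new Session(stored == null ? UUID.randomUUID().toString() : req.cookieSessionId);
        if (stored != null) atStart.attrs.putAll(stored);
        req.session = atStart;

        chain.proceed(req);

        Session toStore = storeCurrentSession ? req.session : atStart;
        CACHE.put(toStore.id, new HashMap<>(toStore.attrs));
        return req.session.id; // id handed back to the browser as the session cookie
    }

    // Log in on one node, then send the next request (same cookie) through the filter on another node.
    static boolean authenticatedOnSecondNode(boolean storeCurrentSession) {
        CACHE.clear();
        String cookie = clusteringFilter(new Request(null), LOGIN, storeCurrentSession);
        Request next = new Request(cookie);
        clusteringFilter(next, NOOP, storeCurrentSession);
        return next.session.attrs.containsKey(SECURITY_KEY);
    }

    public static void main(String[] args) {
        System.out.println("stale copy written back: authenticated on second node = "
                + authenticatedOnSecondNode(false));
        System.out.println("current session written: authenticated on second node = "
                + authenticatedOnSecondNode(true));
    }
}
```

With the stale copy, the cookie points at a session id the cache never received, so the second node sees no security context, which matches the redirect to the login page reported in the thread.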

Re: IGNITE-2741 - spring session design

Posted by Rishi Yagnik <ri...@gmail.com>.
Val,

Yes, I will provide you the exact steps today and I will also test it in a cluster environment.

The local environment is working as expected with the fix.

Take Care,
Rishi

> On Apr 13, 2017, at 2:18 AM, Valentin Kulichenko <va...@gmail.com> wrote:
> 
> Rishi,
> 
> Can you tell exact steps to reproduce? It's working for me in my
> environment.
> 
> Do I understand correctly that apart from the token issue, it works fine
> with new version?
> 
> -Val
> 
> On Wed, Apr 12, 2017 at 10:00 PM, Rishi Yagnik <ri...@gmail.com>
> wrote:
> 
>> Val,
>> 
>> I built it from master and was able to integrate with our app, but as I
>> mentioned to you previously, I see the XSRF-Token errors in debug log,
>> 
>> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
>> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
>> 
>> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter - Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A
>> 
>> And, then after, CSRF filter does not like the session, redirects to /403
>> error.
>> 
>> Just wondering why the XSRF Token is not being saved in the session  ?
>> 
>> More debugging is required for sure..
>> 
>> of course there is a work around to the problem, I can just use Cookie
>> based Token repository to avoid this issue.
>> 
>> .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
>> 
>> 
>> will let you know my findings..
>> 
>> As always, thanks for all your help.
>> 
>> Thanks,
>> Rishi
>> 
>> 
>> On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik <ri...@gmail.com>
>> wrote:
>> 
>>> Hi Val,
>>> 
>>> I will build it from master and let you know by tomorrow.
>>> 
>>> Thanks,
>>> 
>>> 
>>> On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
>>> valentin.kulichenko@gmail.com> wrote:
>>> 
>>>> Hi Rishi,
>>>> 
>>>> What was the issue with the HttpSessionCsrfTokenRepository? I didn't
>> have
>>>> any problems after I added code you provided.
>>>> 
>>>> The fix for [1] is already in master. Can you try building from there
>> and
>>>> check if everything works fine for you?
>>>> 
>>>> [1] https://issues.apache.org/jira/browse/IGNITE-4948
>>>> 
>>>> -Val
>>>> 
>>>> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dm...@gridgain.com>
>> wrote:
>>>> 
>>>>> Somewhere in April. This will be clarified on the dev list soon.
>>>>> 
>>>>> On Saturday, March 18, 2017, Rishi Yagnik <ri...@gmail.com>
>>>> wrote:
>>>>> 
>>>>>> Thanks, Val.
>>>>>> 
>>>>>> When are we going to release Ignite 2.0 ? June ??
>>>>>> 
>>>>>> Thanks,
>>>>>> 
>>>>>> On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
>>>>>> 
>>>>>>> Denis,
>>>>>>> 
>>>>>>> Yes, this should be possible. I will try to finalize the fix asap.
>>>>>>> 
>>>>>>> -Val
>>>>>>> 
>>>>>>> On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org
>>>>>> <javascript:;>> wrote:
>>>>>>> 
>>>>>>>> Val,
>>>>>>>> 
>>>>>>>> Will it be possible to incorporate the fix into the nearest 2.0
>>>>>> release?
>>>>>>>> 
>>>>>>>> —
>>>>>>>> Denis
>>>>>>>> 
>>>>>>>>> On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <
>>>> rishiyagnik@gmail.com
>>>>>> <javascript:;>>
>>>>>>>> wrote:
>>>>>>>>> 
>>>>>>>>> Hi Val,
>>>>>>>>> 
>>>>>>>>> Hope you are well, any update on web session clustering.
>>>>>>>>> 
>>>>>>>>> Thanks,
>>>>>>>>> Rishi
>>>>>>>>> 
>>>>>>>>> On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
>>>>>> rishiyagnik@gmail.com <javascript:;>>
>>>>>>>>> wrote:
>>>>>>>>> 
>>>>>>>>>> Hi Val,
>>>>>>>>>> 
>>>>>>>>>> Thanks looking forward for the fix..
>>>>>>>>>> 
>>>>>>>>>> Take Care,
>>>>>>>>>> Rishi
>>>>>>>>>> 
>>>>>>>>>>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
>>>>>>>>>>> 
>>>>>>>>>>> Hi Rishi,
>>>>>>>>>>> 
>>>>>>>>>>> I want to fix the bug first. It takes a bit longer than I
>>>>> thought,
>>>>>>> but
>>>>>>>> I
>>>>>>>>>>> should finish it over the weekend.
>>>>>>>>>>> 
>>>>>>>>>>> -Val
>>>>>>>>>>> 
>>>>>>>>>>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>> 
>>>>>>>>>>>> Hi Val,
>>>>>>>>>>>> 
>>>>>>>>>>>> Did you chance to look into session handling issue ?
>>>>>>>>>>>> 
>>>>>>>>>>>> Thanks,
>>>>>>>>>>>> 
>>>>>>>>>>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>> 
>>>>>>>>>>>>> Hi Val,
>>>>>>>>>>>>> 
>>>>>>>>>>>>> Do you think I can test a fix in 1.9 RC releases ? How are
>>>> you
>>>>>>>> planning
>>>>>>>>>>>> to
>>>>>>>>>>>>> release a fix ?
>>>>>>>>>>>>> 
>>>>>>>>>>>>> Did you also look into problem where storing xsrf token in
>>>>> Ignite
>>>>>>>>>> returns
>>>>>>>>>>>>> an exception and does not behave as expected ?
>>>>>>>>>>>>> 
>>>>>>>>>>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with the following
>>>>>>>>>>>>> code -
>>>>>>>>>>>>> 
>>>>>>>>>>>>> .csrfTokenRepository(csrfTokenRepository())
>>>>>>>>>>>>> 
>>>>>>>>>>>>> private CsrfTokenRepository csrfTokenRepository() {
>>>>>>>>>>>>>     HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
>>>>>>>>>>>>>     repository.setHeaderName("X-XSRF-TOKEN");
>>>>>>>>>>>>>     return repository;
>>>>>>>>>>>>> }
>>>>>>>>>>>>> 
>>>>>>>>>>>>> Thank you for all your help,
>>>>>>>>>>>>> 
>>>>>>>>>>>>> 
>>>>>>>>>>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
>>>>>>>>>>>>> 
>>>>>>>>>>>>>> Hi Rishi,
>>>>>>>>>>>>>> 
>>>>>>>>>>>>>> I got to the bottom of it. Basically, the session is
>>>> replaced
>>>>> in
>>>>>>>>>> Spring
>>>>>>>>>>>>>> filter, but caching happens based on the old version
>> which
>>>>>> doesn't
>>>>>>>>>> have
>>>>>>>>>>>>>> security attributes. The fix is going to be very easy, I
>>>> will
>>>>> do
>>>>>>> it
>>>>>>>>>>>>>> tomorrow.
>>>>>>>>>>>>>> 
>>>>>>>>>>>>>> -Val
>>>>>>>>>>>>>> 
>>>>>>>>>>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>> Val,
>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>> Did you get chance to play around with the code ?
>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> Val,
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> Adding a filter before the CSRF filter will invoke the custom Ignite filter.
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> Declare a custom filter class that extends the web session filter:
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> public class CustomWebSessionFilter extends WebSessionFilter {
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>     // Set once the parent WebSessionFilter has been initialized.
>>>>>>>>>>>>>>>>     private static boolean igniteInitialize = false;
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>     @Override
>>>>>>>>>>>>>>>>     public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
>>>>>>>>>>>>>>>>             throws IOException, ServletException {
>>>>>>>>>>>>>>>>         // Initialize the parent filter lazily, on the first request.
>>>>>>>>>>>>>>>>         if (!igniteInitialize) {
>>>>>>>>>>>>>>>>             super.init(new FilterConfig() {
>>>>>>>>>>>>>>>>                 @Override
>>>>>>>>>>>>>>>>                 public String getFilterName() {
>>>>>>>>>>>>>>>>                     return "CustomWebSessionFilter";
>>>>>>>>>>>>>>>>                 }
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>                 @Override
>>>>>>>>>>>>>>>>                 public ServletContext getServletContext() {
>>>>>>>>>>>>>>>>                     return req.getServletContext();
>>>>>>>>>>>>>>>>                 }
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>                 @Override
>>>>>>>>>>>>>>>>                 public String getInitParameter(String name) {
>>>>>>>>>>>>>>>>                     return null;
>>>>>>>>>>>>>>>>                 }
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>                 @Override
>>>>>>>>>>>>>>>>                 public Enumeration<String> getInitParameterNames() {
>>>>>>>>>>>>>>>>                     return null;
>>>>>>>>>>>>>>>>                 }
>>>>>>>>>>>>>>>>             });
>>>>>>>>>>>>>>>>             igniteInitialize = true;
>>>>>>>>>>>>>>>>         }
>>>>>>>>>>>>>>>>         super.doFilter(req, res, chain);
>>>>>>>>>>>>>>>>     }
>>>>>>>>>>>>>>>> }
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> And in SecurityConfig.java add the following line to invoke the filter before
>>>>>>>>>>>>>>>> Ignite Web Session filter -
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> .addFilterBefore(new CustomWebSessionFilter(), CsrfFilter.class)
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> Hope it helps..
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>> Rishi,
>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>> Can you please share how you forced Ignite filter to
>> be
>>>>>> invoked
>>>>>>>>>>>>>> before
>>>>>>>>>>>>>>>>> security filter?
>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>> -Val
>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>> Hi Val,
>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>> Thanks for the response, we have executed ignite
>> filter
>>>>>> before
>>>>>>>>>>>>>> spring
>>>>>>>>>>>>>>>>>> security filter but somehow the ignite filter does
>> not
>>>> do
>>>>>> the
>>>>>>>> job
>>>>>>>>>>>>>> of
>>>>>>>>>>>>>>>>>> setting spring principle context.
>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>> As a result even though we have spring principle in
>>>>> session,
>>>>>>>>>>>> spring
>>>>>>>>>>>>>>>>> filter
>>>>>>>>>>>>>>>>>> does not recognize it and sends us back to log in
>> page.
>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>> I think there s some more work needed here to change
>>>> the
>>>>>>> filter
>>>>>>>>>>>> and
>>>>>>>>>>>>>>> make
>>>>>>>>>>>>>>>>>> it work with spring boot application.
>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>> Take Care,
>>>>>>>>>>>>>>>>>> Rishi
>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>> Hi Rishi,
>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>> I did some debugging. Apparently, the reason for
>> this
>>>>>>> behavior
>>>>>>>>>>>> is
>>>>>>>>>>>>>>> that
>>>>>>>>>>>>>>>>>>> Spring Security filter resides before Ignite's
>> filter
>>>> in
>>>>>> the
>>>>>>>>>>>>>> chain
>>>>>>>>>>>>>>>>> list.
>>>>>>>>>>>>>>>>>> I
>>>>>>>>>>>>>>>>>>> think that eventually this should be fixed in the
>>>>> product,
>>>>>>> but
>>>>>>>>>>>> in
>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>>>> meantime there must be a way to work around the
>>>> problem
>>>>> by
>>>>>>>>>>>>>>> controlling
>>>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>>>> order. Do you know how this can be done in Spring
>>>> Boot?
>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>> -Val
>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>> Hi Val,
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>> Sorry for pestering, thanks for all your help.
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>> Rishi
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>> Sorry, not yet. But this on my short list of
>> TODOs,
>>>>> will
>>>>>>> try
>>>>>>>>>>>> to
>>>>>>>>>>>>>>>>> give an
>>>>>>>>>>>>>>>>>>>>> update as soon as possible.
>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>> -Val
>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>> Hi Val,
>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>> any update on session replication issue ?
>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>>>>>>>>> Rishi
>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>> Thanks Val for looking into it.
>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll
>>>>> take a
>>>>>>>>>>>> look
>>>>>>>>>>>>>> and
>>>>>>>>>>>>>>>>> let
>>>>>>>>>>>>>>>>>>>>> you
>>>>>>>>>>>>>>>>>>>>>>>> know my findings soon.
>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>> -Val
>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> The issue will occur in cluster environment,
>>>> please
>>>>>>> setup
>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>>>>> spring
>>>>>>>>>>>>>>>>>>>>>>>> boot
>>>>>>>>>>>>>>>>>>>>>>>>> on 2 different host with LB (F5 OR Reverse
>>>> proxy)
>>>>> in
>>>>>>>>>>>> front
>>>>>>>>>>>>>> and
>>>>>>>>>>>>>>>>> try
>>>>>>>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>>>>>>>>>>>> login.
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> In cluster environment, Spring security does
>> not
>>>>>>>>>>>> recognize
>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>>>>>> session
>>>>>>>>>>>>>>>>>>>>>>>> on
>>>>>>>>>>>>>>>>>>>>>>>>> the host you are not logged in, as a result,
>>>> spring
>>>>>>>>>>>>>> security
>>>>>>>>>>>>>>>>> will
>>>>>>>>>>>>>>>>>>>>>>>> redirect
>>>>>>>>>>>>>>>>>>>>>>>>> to login url however the correct behavior
>>>> should be
>>>>>>> that
>>>>>>>>>>>>>> user
>>>>>>>>>>>>>>>>>>>> would
>>>>>>>>>>>>>>>>>>>>>> stay
>>>>>>>>>>>>>>>>>>>>>>>>> logged in with session replication.
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> Do let me know if you need more information.
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>>>>>>>>>>>> Rishi
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>> I was able to build and run the application.
>>>> Can
>>>>> you
>>>>>>>>>>>> give
>>>>>>>>>>>>>>> some
>>>>>>>>>>>>>>>>>>>>>>>>> description
>>>>>>>>>>>>>>>>>>>>>>>>>> on what should I test to understand the
>> issue?
>>>>> What
>>>>>>>>>>>>>> exactly
>>>>>>>>>>>>>>>>>>>> didn't
>>>>>>>>>>>>>>>>>>>>>>>> work
>>>>>>>>>>>>>>>>>>>>>>>>> for
>>>>>>>>>>>>>>>>>>>>>>>>>> you?
>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, I'll take a look.
>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> As promised, please find attached code for
>>>>> spring
>>>>>>> boot
>>>>>>>>>>>>>>>>>>>>>> integration
>>>>>>>>>>>>>>>>>>>>>>>>> with
>>>>>>>>>>>>>>>>>>>>>>>>>>>> spring security along with Ignite.
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> Some more information on project -
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB
>>>>> 1.4.3 )
>>>>>>>>>>>>>>>>>>>>>>>>>>>> - spring security integrated with boot
>>>> project
>>>>>> along
>>>>>>>>>>>>>> with
>>>>>>>>>>>>>>>>>>>>>> ignite
>>>>>>>>>>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository
>> does
>>>> not
>>>>>>>>>>>> work,
>>>>>>>>>>>>>>>>>>>> gives
>>>>>>>>>>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so
>>>> used
>>>>>>>>>>>>>>>>>>>>>>>>>> CookieCsrfTokenRepository
>>>>>>>>>>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix
>>>> here
>>>>>>>>>>>> from
>>>>>>>>>>>>>>>>>>>>> Ignite.
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> I cant reproduce this errors while I am
>>>> running
>>>>> on
>>>>>>>>>>>>>> single
>>>>>>>>>>>>>>>>>>>>>> instance,
>>>>>>>>>>>>>>>>>>>>>>>>> you
>>>>>>>>>>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot
>>>> instance
>>>>>>> having
>>>>>>>>>>>>>> proxy
>>>>>>>>>>>>>>>>>>>> in
>>>>>>>>>>>>>>>>>>>>>>>> front (
>>>>>>>>>>>>>>>>>>>>>>>>>> F5,
>>>>>>>>>>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion (
>> no
>>>>>> sticky
>>>>>>>>>>>>>> session
>>>>>>>>>>>>>>>>>>>> on
>>>>>>>>>>>>>>>>>>>>> F5
>>>>>>>>>>>>>>>>>>>>>>>> OR
>>>>>>>>>>>>>>>>>>>>>>>>>>>> proxies ).
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user
>>>>> session
>>>>>>>>>>>> will
>>>>>>>>>>>>>>>>>>>> active
>>>>>>>>>>>>>>>>>>>>>>>> since
>>>>>>>>>>>>>>>>>>>>>>>>> we
>>>>>>>>>>>>>>>>>>>>>>>>>>>> used session replication on backend.
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> Do let me know if you need more information
>>>>> here.
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Val,
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I
>> have
>>>>>> asked
>>>>>>>>>>>> for
>>>>>>>>>>>>>> an
>>>>>>>>>>>>>>>>>>>>>>>> approval to
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would
>> take
>>>> day
>>>>>> or
>>>>>>>>>>>> two.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I will keep you posted.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks for all your help,
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and
>>>> send
>>>>> it
>>>>>>>>>>>>>> across to
>>>>>>>>>>>>>>>>>>>>> you.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi,
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we
>>>> should
>>>>>>> start
>>>>>>>>>>>>>>> with.
>>>>>>>>>>>>>>>>>>>> I
>>>>>>>>>>>>>>>>>>>>>>>> want to
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently
>>>> not
>>>>>>>>>>>> supported
>>>>>>>>>>>>>>> (if
>>>>>>>>>>>>>>>>>>>>> any)
>>>>>>>>>>>>>>>>>>>>>>>> and
>>>>>>>>>>>>>>>>>>>>>>>>>> then
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like
>>>> to
>>>>>> reuse
>>>>>>>>>>>>>>> existing
>>>>>>>>>>>>>>>>>>>>>> code
>>>>>>>>>>>>>>>>>>>>>>>> as
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> much as
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> possible.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the
>>>>>> problem
>>>>>>>>>>>> you
>>>>>>>>>>>>>> had
>>>>>>>>>>>>>>>>>>>> and
>>>>>>>>>>>>>>>>>>>>>> how
>>>>>>>>>>>>>>>>>>>>>>>>> you
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> tried
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> to utilize current web session
>> clustering?
>>>>> Can
>>>>>>> you
>>>>>>>>>>>>>> share
>>>>>>>>>>>>>>>>>>>> it
>>>>>>>>>>>>>>>>>>>>>> with
>>>>>>>>>>>>>>>>>>>>>>>>> us?
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring
>>>>>> security
>>>>>>>>>>>>>> and we
>>>>>>>>>>>>>>>>>>>>>> found
>>>>>>>>>>>>>>>>>>>>>>>> out
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> that the
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does
>>>> not
>>>>>> work
>>>>>>>>>>>> for
>>>>>>>>>>>>>>>>>>>>> session
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> management on
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks
>> in
>>>>>> result
>>>>>>> in
>>>>>>>>>>>>>> some
>>>>>>>>>>>>>>>>>>>>>> weird
>>>>>>>>>>>>>>>>>>>>>>>>>> errors
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> with
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> web session filter.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring
>> security
>>>>>>> somehow,
>>>>>>>>>>>>>> we
>>>>>>>>>>>>>>>>>>>> need
>>>>>>>>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>>>>>>>>>>>> write
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says
>> web
>>>>>> session
>>>>>>>>>>>>>> filter
>>>>>>>>>>>>>>>>>>>>>> would
>>>>>>>>>>>>>>>>>>>>>>>>> work
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> with
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform ?
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web
>>>> session
>>>>>>>>>>>>>> clustering
>>>>>>>>>>>>>>>>>>>>>> feature
>>>>>>>>>>>>>>>>>>>>>>>>> [1]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> provided
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring
>> Session
>>>>> docs
>>>>>>> and
>>>>>>>>>>>>>> it
>>>>>>>>>>>>>>>>>>>>> seems
>>>>>>>>>>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>>>>>>>>>>>> me
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> it does
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces
>> HttpSession
>>>>> with
>>>>>>>>>>>> custom
>>>>>>>>>>>>>>>>>>>>>>>>>> implementation
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> that
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> has
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't
>> provide
>>>>> any
>>>>>>>>>>>>>>>>>>>> additional
>>>>>>>>>>>>>>>>>>>>>> API
>>>>>>>>>>>>>>>>>>>>>>>> or
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I
>> understand
>>>>> the
>>>>>>>>>>>>>> benefit
>>>>>>>>>>>>>>>>>>>> of
>>>>>>>>>>>>>>>>>>>>>> this
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> feature.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix.
>>>>>>>>>>>>>>>>>>>>> readme.io/docs/web-session-
>>>>>>>>>>>>>>>>>>>>>>>>>> clustering
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -Val
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session
>>>>> replication
>>>>>> /
>>>>>>>>>>>> fail
>>>>>>>>>>>>>>>>>>>>> over
>>>>>>>>>>>>>>>>>>>>>>>>> design
>>>>>>>>>>>>>>>>>>>>>>>>>> on
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> spring
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what
>>>> is
>>>>> the
>>>>>>>>>>>> best
>>>>>>>>>>>>>>>>>>>> out
>>>>>>>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>>>>>>>>>>> get
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> started
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> here ?
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows -
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for
>>>> session
>>>>>>>>>>>>>>>>>>>>> replication
>>>>>>>>>>>>>>>>>>>>>>>> and
>>>>>>>>>>>>>>>>>>>>>>>>>> fail
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> over
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and
>>>> make
>>>>> it
>>>>>>>>>>>> work
>>>>>>>>>>>>>>>>>>>> on
>>>>>>>>>>>>>>>>>>>>>>>> spring
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> boot
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> application
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach
>> would
>>>> be
>>>>> to
>>>>>>> get
>>>>>>>>>>>>>>>>>>>>> started
>>>>>>>>>>>>>>>>>>>>>>>> here
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> with
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> spring
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for
>>>>>> feedback
>>>>>>>>>>>>>> here.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>>>> 
>>>>>>>>>>>>>> 
>>>>>>>>>>>>> 
>>>>>>>>>>>>> 
>>>>>>>>>>>>> 
>>>>>>>>>>>>> --
>>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>>> 
>>>>>>>>>>>> 
>>>>>>>>>>>> 
>>>>>>>>>>>> 
>>>>>>>>>>>> --
>>>>>>>>>>>> Rishi Yagnik
>>>>>>>>>>>> 
>>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> --
>>>>>>>>> Rishi Yagnik
>>>>>>>> 
>>>>>>>> 
>>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> --
>>>>>> Rishi Yagnik
>>>>>> 
>>>>> 
>>>> 
>>> 
>>> 
>>> 
>>> --
>>> Rishi Yagnik
>>> 
>> 
>> 
>> 
>> --
>> Rishi Yagnik
>> 
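
The filter-ordering question raised in the quoted thread above (Ignite's `WebSessionFilter` has to run before the Spring Security chain) can also be handled by registering the filter as an ordinary servlet filter. This is an added example, not code from the thread or from the Ignite project; it assumes Spring Boot 1.4 and Spring Security 4 as in the sample project, an Ignite node already started in the same JVM, and a hypothetical cache name `web-sessions`.

```java
import org.apache.ignite.cache.websession.WebSessionFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.csrf.CsrfTokenRepository;
import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Registers Ignite's web session filter with the servlet container.
     * The container calls init() itself, so no hand-built FilterConfig is
     * needed, and the order value places it ahead of springSecurityFilterChain.
     */
    @Bean
    public FilterRegistrationBean igniteWebSessionFilter() {
        FilterRegistrationBean reg = new FilterRegistrationBean(new WebSessionFilter());
        reg.setName("IgniteWebSessionsFilter");
        reg.addUrlPatterns("/*");
        // Assumption: "web-sessions" is a cache configured on the running Ignite node.
        reg.addInitParameter("IgniteWebSessionsCacheName", "web-sessions");
        // Lowest order value runs first, so Spring Security sees the Ignite-backed session.
        reg.setOrder(Ordered.HIGHEST_PRECEDENCE);
        return reg;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().csrfTokenRepository(csrfTokenRepository())
            .and()
            .authorizeRequests().anyRequest().authenticated()
            .and()
            .formLogin();
    }

    /**
     * Session-backed CSRF token, as posted in the thread. The token is stored
     * as a session attribute, so a second node can only validate it if that
     * attribute reaches the replicated session. The thread's fallback,
     * CookieCsrfTokenRepository.withHttpOnlyFalse(), keeps the token in a
     * cookie that page scripts can read instead of in the session.
     */
    private CsrfTokenRepository csrfTokenRepository() {
        HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
        repository.setHeaderName("X-XSRF-TOKEN");
        return repository;
    }
}
```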

Re: IGNITE-2741 - spring session design

Posted by Valentin Kulichenko <va...@gmail.com>.
Rishi,

Can you tell me the exact steps to reproduce? It's working for me in my
environment.

Do I understand correctly that apart from the token issue, it works fine
with the new version?

-Val

On Wed, Apr 12, 2017 at 10:00 PM, Rishi Yagnik <ri...@gmail.com>
wrote:

> Val,
>
> I built it from master and was able to integrate it with our app, but as I
> mentioned to you previously, I see the XSRF-Token errors in the debug log:
>
> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy - /app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
>
> [DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter - Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A
>
> And then after that, the CSRF filter does not like the session and redirects
> to the /403 error.
>
> Just wondering why the XSRF token is not being saved in the session?
>
> More debugging is required for sure.
>
> Of course there is a workaround for the problem: I can just use the cookie-based
> token repository to avoid this issue.
>
> .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
>
>
> Will let you know my findings.
>
> As always, thanks for all your help.
>
> Thanks,
> Rishi
>
>
> On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik <ri...@gmail.com>
> wrote:
>
> > Hi Val,
> >
> > I will build it from master and let you know by tomorrow.
> >
> > Thanks,
> >
> >
> > On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
> > valentin.kulichenko@gmail.com> wrote:
> >
> >> Hi Rishi,
> >>
> >> What was the issue with the HttpSessionCsrfTokenRepository? I didn't have
> >> any problems after I added code you provided.
> >>
> >> The fix for [1] is already in master. Can you try building from there and
> >> check if everything works fine for you?
> >>
> >> [1] https://issues.apache.org/jira/browse/IGNITE-4948
> >>
> >> -Val
> >>
> >> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dm...@gridgain.com> wrote:
> >>
> >> > Somewhere in April. This will be clarified on the dev list soon.
> >> >
> >> > On Saturday, March 18, 2017, Rishi Yagnik <ri...@gmail.com> wrote:
> >> >
> >> > > Thanks, Val.
> >> > >
> >> > > When are we going to release Ignite 2.0 ? June ??
> >> > >
> >> > > Thanks,
> >> > >
> >> > > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
> >> > > valentin.kulichenko@gmail.com> wrote:
> >> > >
> >> > > > Denis,
> >> > > >
> >> > > > Yes, this should be possible. I will try to finalize the fix asap.
> >> > > >
> >> > > > -Val
> >> > > >
> >> > > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org> wrote:
> >> > > >
> >> > > > > Val,
> >> > > > >
> >> > > > > Will it be possible to incorporate the fix into the nearest 2.0
> >> > > release?
> >> > > > >
> >> > > > > —
> >> > > > > Denis
> >> > > > >
> >> > > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >> > > > > >
> >> > > > > > Hi Val,
> >> > > > > >
> >> > > > > > Hope you are well, any update on web session clustering.
> >> > > > > >
> >> > > > > > Thanks,
> >> > > > > > Rishi
> >> > > > > >
> >> > > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >> > > > > >
> >> > > > > >> Hi Val,
> >> > > > > >>
> >> > > > > >> Thanks looking forward for the fix..
> >> > > > > >>
> >> > > > > >> Take Care,
> >> > > > > >> Rishi
> >> > > > > >>
> >> > > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> >> > > > > >>>
> >> > > > > >>> Hi Rishi,
> >> > > > > >>>
> >> > > > > >>> I want to fix the bug first. It takes a bit longer than I
> >> > thought,
> >> > > > but
> >> > > > > I
> >> > > > > >>> should finish it over the weekend.
> >> > > > > >>>
> >> > > > > >>> -Val
> >> > > > > >>>
> >> > > > > >>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >> > > > > >>>>
> >> > > > > >>>> Hi Val,
> >> > > > > >>>>
> >> > > > > >>>> Did you chance to look into session handling issue ?
> >> > > > > >>>>
> >> > > > > >>>> Thanks,
> >> > > > > >>>>
> >> > > > > >>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >> > > > > >>>>
> >> > > > > >>>>> Hi Val,
> >> > > > > >>>>>
> >> > > > > >>>>> Do you think I can test a fix in 1.9 RC releases ? How are
> >> you
> >> > > > > planning
> >> > > > > >>>> to
> >> > > > > >>>>> release a fix ?
> >> > > > > >>>>>
> >> > > > > >>>>> Did you also look into problem where storing xsrf token in
> >> > Ignite
> >> > > > > >> returns
> >> > > > > >>>>> an exception and does not behave as expected ?
> >> > > > > >>>>>
> >> > > > > >>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with the following
> >> > > > > >>>>> code -
> >> > > > > >>>>>
> >> > > > > >>>>> .csrfTokenRepository(csrfTokenRepository())
> >> > > > > >>>>>
> >> > > > > >>>>> private CsrfTokenRepository csrfTokenRepository() {
> >> > > > > >>>>>     HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
> >> > > > > >>>>>     repository.setHeaderName("X-XSRF-TOKEN");
> >> > > > > >>>>>     return repository;
> >> > > > > >>>>> }
> >> > > > > >>>>>
> >> > > > > >>>>> Thank you for all your help,
> >> > > > > >>>>>
> >> > > > > >>>>>
> >> > > > > >>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <
> >> > > > > >>>>> valentin.kulichenko@gmail.com> wrote:
> >> > > > > >>>>>
> >> > > > > >>>>>> Hi Rishi,
> >> > > > > >>>>>>
> >> > > > > >>>>>> I got to the bottom of it. Basically, the session is
> >> replaced
> >> > in
> >> > > > > >> Spring
> >> > > > > >>>>>> filter, but caching happens based on the old version
> which
> >> > > doesn't
> >> > > > > >> have
> >> > > > > >>>>>> security attributes. The fix is going to be very easy, I
> >> will
> >> > do
> >> > > > it
> >> > > > > >>>>>> tomorrow.
> >> > > > > >>>>>>
> >> > > > > >>>>>> -Val
> >> > > > > >>>>>>
> >> > > > > >>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> >> > > > > >>>>>>
> >> > > > > >>>>>>> Val,
> >> > > > > >>>>>>>
> >> > > > > >>>>>>> Did you get chance to play around with the code ?
> >> > > > > >>>>>>>
> >> > > > > >>>>>>> Thanks,
> >> > > > > >>>>>>>
> >> > > > > >>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <
> >> > > > > rishiyagnik@gmail.com <javascript:;>>
> >> > > > > >>>>>>> wrote:
> >> > > > > >>>>>>>
> >> > > > > >>>>>>>> Val,
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> Adding a filter before csrf filter will invoke the custom ignite
> >> > > > > >>>>>>>> filter.
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> Declare a custom filter class that extends the websession filter
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> import java.io.IOException;
> >> > > > > >>>>>>>> import java.util.Enumeration;
> >> > > > > >>>>>>>> import javax.servlet.FilterChain;
> >> > > > > >>>>>>>> import javax.servlet.FilterConfig;
> >> > > > > >>>>>>>> import javax.servlet.ServletContext;
> >> > > > > >>>>>>>> import javax.servlet.ServletException;
> >> > > > > >>>>>>>> import javax.servlet.ServletRequest;
> >> > > > > >>>>>>>> import javax.servlet.ServletResponse;
> >> > > > > >>>>>>>> import org.apache.ignite.cache.websession.WebSessionFilter;
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> public class CustomWebSessionFilter extends WebSessionFilter {
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>>   private static boolean igniteInitialize = false;
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>>   @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
> >> > > > > >>>>>>>>           throws IOException, ServletException {
> >> > > > > >>>>>>>>       // Initialise the Ignite filter once, on the first request.
> >> > > > > >>>>>>>>       if(!igniteInitialize) {
> >> > > > > >>>>>>>>           super.init(new FilterConfig() {
> >> > > > > >>>>>>>>               @Override
> >> > > > > >>>>>>>>               public String getFilterName() {
> >> > > > > >>>>>>>>                   return "CustomWebSessionFilter";
> >> > > > > >>>>>>>>               }
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>>               @Override
> >> > > > > >>>>>>>>               public ServletContext getServletContext() {
> >> > > > > >>>>>>>>                   return req.getServletContext();
> >> > > > > >>>>>>>>               }
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>>               @Override
> >> > > > > >>>>>>>>               public String getInitParameter(String name) {
> >> > > > > >>>>>>>>                   return null;
> >> > > > > >>>>>>>>               }
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>>               @Override
> >> > > > > >>>>>>>>               public Enumeration<String> getInitParameterNames() {
> >> > > > > >>>>>>>>                   return null;
> >> > > > > >>>>>>>>               }
> >> > > > > >>>>>>>>           });
> >> > > > > >>>>>>>>           igniteInitialize = true;
> >> > > > > >>>>>>>>       }
> >> > > > > >>>>>>>>       super.doFilter(req,res,chain);
> >> > > > > >>>>>>>>   }
> >> > > > > >>>>>>>> }
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> And in SecurityConfig.java add the following line to invoke filter
> >> > > > > >>>>>>>> before Ignite Web Session filter -
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> .addFilterBefore(new ArWebSessionFilter(), CsrfFilter.class)
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> Hope it helps..
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> Thanks,
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <
> >> > > > > >>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>>> Rishi,
> >> > > > > >>>>>>>>>
> >> > > > > >>>>>>>>> Can you please share how you forced Ignite filter to
> be
> >> > > invoked
> >> > > > > >>>>>> before
> >> > > > > >>>>>>>>> security filter?
> >> > > > > >>>>>>>>>
> >> > > > > >>>>>>>>> -Val
> >> > > > > >>>>>>>>>
> >> > > > > >>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <
> >> > > > > >>>> rishiyagnik@gmail.com <javascript:;>
> >> > > > > >>>>>>>
> >> > > > > >>>>>>>>> wrote:
> >> > > > > >>>>>>>>>
> >> > > > > >>>>>>>>>> Hi Val,
> >> > > > > >>>>>>>>>>
> >> > > > > >>>>>>>>>> Thanks for the response, we have executed ignite
> filter
> >> > > before
> >> > > > > >>>>>> spring
> >> > > > > >>>>>>>>>> security filter but somehow the ignite filter does
> not
> >> do
> >> > > the
> >> > > > > job
> >> > > > > >>>>>> of
> >> > > > > >>>>>>>>>> setting spring principle context.
> >> > > > > >>>>>>>>>>
> >> > > > > >>>>>>>>>> As a result even though we have spring principle in
> >> > session,
> >> > > > > >>>> spring
> >> > > > > >>>>>>>>> filter
> >> > > > > >>>>>>>>>> does not recognize it and sends us back to log in
> page.
> >> > > > > >>>>>>>>>>
> >> > > > > >>>>>>>>>> I think there s some more work needed here to change
> >> the
> >> > > > filter
> >> > > > > >>>> and
> >> > > > > >>>>>>> make
> >> > > > > >>>>>>>>>> it work with spring boot application.
> >> > > > > >>>>>>>>>>
> >> > > > > >>>>>>>>>> Take Care,
> >> > > > > >>>>>>>>>> Rishi
> >> > > > > >>>>>>>>>>
> >> > > > > >>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
> >> > > > > >>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>> wrote:
> >> > > > > >>>>>>>>>>>
> >> > > > > >>>>>>>>>>> Hi Rishi,
> >> > > > > >>>>>>>>>>>
> >> > > > > >>>>>>>>>>> I did some debugging. Apparently, the reason for
> this
> >> > > > behavior
> >> > > > > >>>> is
> >> > > > > >>>>>>> that
> >> > > > > >>>>>>>>>>> Spring Security filter resides before Ignite's
> filter
> >> in
> >> > > the
> >> > > > > >>>>>> chain
> >> > > > > >>>>>>>>> list.
> >> > > > > >>>>>>>>>> I
> >> > > > > >>>>>>>>>>> think that eventually this should be fixed in the
> >> > product,
> >> > > > but
> >> > > > > >>>> in
> >> > > > > >>>>>>> the
> >> > > > > >>>>>>>>>>> meantime there must be a way to work around the
> >> problem
> >> > by
> >> > > > > >>>>>>> controlling
> >> > > > > >>>>>>>>>> the
> >> > > > > >>>>>>>>>>> order. Do you know how this can be done in Spring
> >> Boot?
> >> > > > > >>>>>>>>>>>
> >> > > > > >>>>>>>>>>> -Val
> >> > > > > >>>>>>>>>>>
> >> > > > > >>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <
> >> > > > > >>>>>>> rishiyagnik@gmail.com <javascript:;>
> >> > > > > >>>>>>>>>>
> >> > > > > >>>>>>>>>> wrote:
> >> > > > > >>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>> Hi Val,
> >> > > > > >>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>> Sorry for pestering, thanks for all your help.
> >> > > > > >>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>> Rishi
> >> > > > > >>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin
> Kulichenko
> >> <
> >> > > > > >>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
> wrote:
> >> > > > > >>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>> Hi Rishi,
> >> > > > > >>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>> Sorry, not yet. But this on my short list of
> TODOs,
> >> > will
> >> > > > try
> >> > > > > >>>> to
> >> > > > > >>>>>>>>> give an
> >> > > > > >>>>>>>>>>>>> update as soon as possible.
> >> > > > > >>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>> -Val
> >> > > > > >>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <
> >> > > > > >>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >> > > > > >>>>>>>>>>>>> wrote:
> >> > > > > >>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>> Hi Val,
> >> > > > > >>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>> any update on session replication issue ?
> >> > > > > >>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>> Thanks,
> >> > > > > >>>>>>>>>>>>>> Rishi
> >> > > > > >>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <
> >> > > > > >>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >> > > > > >>>>>>>>>>>>>> wrote:
> >> > > > > >>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>> Thanks Val for looking into it.
> >> > > > > >>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin
> >> Kulichenko
> >> > <
> >> > > > > >>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
> >> wrote:
> >> > > > > >>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>> Hi Rishi,
> >> > > > > >>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll
> >> > take a
> >> > > > > >>>> look
> >> > > > > >>>>>> and
> >> > > > > >>>>>>>>> let
> >> > > > > >>>>>>>>>>>>> you
> >> > > > > >>>>>>>>>>>>>>>> know my findings soon.
> >> > > > > >>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>> -Val
> >> > > > > >>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <
> >> > > > > >>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >> > > > > >>>>>>>>>>>>>>>> wrote:
> >> > > > > >>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>> Hi Val,
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>> The issue will occur in cluster environment,
> >> please
> >> > > > setup
> >> > > > > >>>>>> the
> >> > > > > >>>>>>>>>>>> spring
> >> > > > > >>>>>>>>>>>>>>>> boot
> >> > > > > >>>>>>>>>>>>>>>>> on 2 different host with LB (F5 OR Reverse
> >> proxy)
> >> > in
> >> > > > > >>>> front
> >> > > > > >>>>>> and
> >> > > > > >>>>>>>>> try
> >> > > > > >>>>>>>>>>>>> to
> >> > > > > >>>>>>>>>>>>>>>>> login.
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>> In cluster environment, Spring security does
> not
> >> > > > > >>>> recognize
> >> > > > > >>>>>> the
> >> > > > > >>>>>>>>>>>>> session
> >> > > > > >>>>>>>>>>>>>>>> on
> >> > > > > >>>>>>>>>>>>>>>>> the host you are not logged in, as a result,
> >> spring
> >> > > > > >>>>>> security
> >> > > > > >>>>>>>>> will
> >> > > > > >>>>>>>>>>>>>>>> redirect
> >> > > > > >>>>>>>>>>>>>>>>> to login url however the correct behavior
> >> should be
> >> > > > that
> >> > > > > >>>>>> user
> >> > > > > >>>>>>>>>>>> would
> >> > > > > >>>>>>>>>>>>>> stay
> >> > > > > >>>>>>>>>>>>>>>>> logged in with session replication.
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>> Do let me know if you need more information.
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>> Thanks,
> >> > > > > >>>>>>>>>>>>>>>>> Rishi
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin
> >> > Kulichenko
> >> > > <
> >> > > > > >>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com <javascript:;>>
> >> > wrote:
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>> Hi Rishi,
> >> > > > > >>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>> I was able to build and run the application.
> >> Can
> >> > you
> >> > > > > >>>> give
> >> > > > > >>>>>>> some
> >> > > > > >>>>>>>>>>>>>>>>> description
> >> > > > > >>>>>>>>>>>>>>>>>> on what should I test to understand the
> issue?
> >> > What
> >> > > > > >>>>>> exactly
> >> > > > > >>>>>>>>>>>> didn't
> >> > > > > >>>>>>>>>>>>>>>> work
> >> > > > > >>>>>>>>>>>>>>>>> for
> >> > > > > >>>>>>>>>>>>>>>>>> you?
> >> > > > > >>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>> -Val
> >> > > > > >>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin
> >> > > Kulichenko
> >> > > > <
> >> > > > > >>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com
> <javascript:;>>
> >> > > wrote:
> >> > > > > >>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>> Hi Rishi,
> >> > > > > >>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>> Thanks, I'll take a look.
> >> > > > > >>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>> -Val
> >> > > > > >>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi
> Yagnik
> >> <
> >> > > > > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >> > > > > >>>>>>>>>>>>>>>>>>> wrote:
> >> > > > > >>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> Hi Val,
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> As promised, please find attached code for
> >> > spring
> >> > > > boot
> >> > > > > >>>>>>>>>>>>>> integration
> >> > > > > >>>>>>>>>>>>>>>>> with
> >> > > > > >>>>>>>>>>>>>>>>>>>> spring security along with Ignite.
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> Some more information on project -
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB
> >> > 1.4.3 )
> >> > > > > >>>>>>>>>>>>>>>>>>>> - spring security integrated with boot
> >> project
> >> > > along
> >> > > > > >>>>>> with
> >> > > > > >>>>>>>>>>>>>> ignite
> >> > > > > >>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository
> does
> >> not
> >> > > > > >>>> work,
> >> > > > > >>>>>>>>>>>> gives
> >> > > > > >>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so
> >> used
> >> > > > > >>>>>>>>>>>>>>>>>> CookieCsrfTokenRepository
> >> > > > > >>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix
> >> here
> >> > > > > >>>> from
> >> > > > > >>>>>>>>>>>>> Ignite.
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> I cant reproduce this errors while I am
> >> running
> >> > on
> >> > > > > >>>>>> single
> >> > > > > >>>>>>>>>>>>>> instance,
> >> > > > > >>>>>>>>>>>>>>>>> you
> >> > > > > >>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot
> >> instance
> >> > > > having
> >> > > > > >>>>>> proxy
> >> > > > > >>>>>>>>>>>> in
> >> > > > > >>>>>>>>>>>>>>>> front (
> >> > > > > >>>>>>>>>>>>>>>>>> F5,
> >> > > > > >>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion (
> no
> >> > > sticky
> >> > > > > >>>>>> session
> >> > > > > >>>>>>>>>>>> on
> >> > > > > >>>>>>>>>>>>> F5
> >> > > > > >>>>>>>>>>>>>>>> OR
> >> > > > > >>>>>>>>>>>>>>>>>>>> proxies ).
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user
> >> > session
> >> > > > > >>>> will
> >> > > > > >>>>>>>>>>>> active
> >> > > > > >>>>>>>>>>>>>>>> since
> >> > > > > >>>>>>>>>>>>>>>>> we
> >> > > > > >>>>>>>>>>>>>>>>>>>> used session replication on backend.
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> Do let me know if you need more information
> >> > here.
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> Thanks,
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> Rishi
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi
> >> Yagnik <
> >> > > > > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> wrote:
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>> Val,
> >> > > > > >>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I
> have
> >> > > asked
> >> > > > > >>>> for
> >> > > > > >>>>>> an
> >> > > > > >>>>>>>>>>>>>>>> approval to
> >> > > > > >>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would
> take
> >> day
> >> > > or
> >> > > > > >>>> two.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>> I will keep you posted.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>> Thanks for all your help,
> >> > > > > >>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi
> >> Yagnik <
> >> > > > > >>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>
> >> > > > > >>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>> wrote:
> >> > > > > >>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and
> >> send
> >> > it
> >> > > > > >>>>>> across to
> >> > > > > >>>>>>>>>>>>> you.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>> Thanks,
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin
> >> > > > > >>>> Kulichenko <
> >> > > > > >>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com
> >> <javascript:;>>
> >> > > wrote:
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> Rishi,
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we
> >> should
> >> > > > start
> >> > > > > >>>>>>> with.
> >> > > > > >>>>>>>>>>>> I
> >> > > > > >>>>>>>>>>>>>>>> want to
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently
> >> not
> >> > > > > >>>> supported
> >> > > > > >>>>>>> (if
> >> > > > > >>>>>>>>>>>>> any)
> >> > > > > >>>>>>>>>>>>>>>> and
> >> > > > > >>>>>>>>>>>>>>>>>> then
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like
> >> to
> >> > > reuse
> >> > > > > >>>>>>> existing
> >> > > > > >>>>>>>>>>>>>> code
> >> > > > > >>>>>>>>>>>>>>>> as
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> much as
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> possible.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the
> >> > > problem
> >> > > > > >>>> you
> >> > > > > >>>>>> had
> >> > > > > >>>>>>>>>>>> and
> >> > > > > >>>>>>>>>>>>>> how
> >> > > > > >>>>>>>>>>>>>>>>> you
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> tried
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> to utilize current web session
> clustering?
> >> > Can
> >> > > > you
> >> > > > > >>>>>> share
> >> > > > > >>>>>>>>>>>> it
> >> > > > > >>>>>>>>>>>>>> with
> >> > > > > >>>>>>>>>>>>>>>>> us?
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> -Val
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi
> >> > Yagnik
> >> > > <
> >> > > > > >>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> wrote:
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring
> >> > > security
> >> > > > > >>>>>> and we
> >> > > > > >>>>>>>>>>>>>> found
> >> > > > > >>>>>>>>>>>>>>>> out
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> that the
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does
> >> not
> >> > > work
> >> > > > > >>>> for
> >> > > > > >>>>>>>>>>>>> session
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> management on
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks
> in
> >> > > result
> >> > > > in
> >> > > > > >>>>>> some
> >> > > > > >>>>>>>>>>>>>> weird
> >> > > > > >>>>>>>>>>>>>>>>>> errors
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> with
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring
> security
> >> > > > somehow,
> >> > > > > >>>>>> we
> >> > > > > >>>>>>>>>>>> need
> >> > > > > >>>>>>>>>>>>>> to
> >> > > > > >>>>>>>>>>>>>>>>> write
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says
> web
> >> > > session
> >> > > > > >>>>>> filter
> >> > > > > >>>>>>>>>>>>>> would
> >> > > > > >>>>>>>>>>>>>>>>> work
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> with
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform ?
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM,
> Valentin
> >> > > > > >>>>>> Kulichenko <
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com
> >> > <javascript:;>>
> >> > > wrote:
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web
> >> session
> >> > > > > >>>>>> clustering
> >> > > > > >>>>>>>>>>>>>> feature
> >> > > > > >>>>>>>>>>>>>>>>> [1]
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> provided
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring
> Session
> >> > docs
> >> > > > and
> >> > > > > >>>>>> it
> >> > > > > >>>>>>>>>>>>> seems
> >> > > > > >>>>>>>>>>>>>>>> to
> >> > > > > >>>>>>>>>>>>>>>>> me
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> it does
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces
> HttpSession
> >> > with
> >> > > > > >>>> custom
> >> > > > > >>>>>>>>>>>>>>>>>> implementation
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> that
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> has
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't
> provide
> >> > any
> >> > > > > >>>>>>>>>>>> additional
> >> > > > > >>>>>>>>>>>>>> API
> >> > > > > >>>>>>>>>>>>>>>> or
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I
> understand
> >> > the
> >> > > > > >>>>>> benefit
> >> > > > > >>>>>>>>>>>> of
> >> > > > > >>>>>>>>>>>>>> this
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> feature.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix.
> >> > > > > >>>>>>>>>>>>> readme.io/docs/web-session-
> >> > > > > >>>>>>>>>>>>>>>>>> clustering
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> -Val
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi
> >> > > Yagnik <
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> rishiyagnik@gmail.com <javascript:;>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> wrote:
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session
> >> > replication
> >> > > /
> >> > > > > >>>> fail
> >> > > > > >>>>>>>>>>>>> over
> >> > > > > >>>>>>>>>>>>>>>>> design
> >> > > > > >>>>>>>>>>>>>>>>>> on
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what
> >> is
> >> > the
> >> > > > > >>>> best
> >> > > > > >>>>>>>>>>>> out
> >> > > > > >>>>>>>>>>>>> to
> >> > > > > >>>>>>>>>>>>>>>> get
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> started
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> here ?
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows -
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for
> >> session
> >> > > > > >>>>>>>>>>>>> replication
> >> > > > > >>>>>>>>>>>>>>>> and
> >> > > > > >>>>>>>>>>>>>>>>>> fail
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> over
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and
> >> make
> >> > it
> >> > > > > >>>> work
> >> > > > > >>>>>>>>>>>> on
> >> > > > > >>>>>>>>>>>>>>>> spring
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> boot
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> application
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach
> would
> >> be
> >> > to
> >> > > > get
> >> > > > > >>>>>>>>>>>>> started
> >> > > > > >>>>>>>>>>>>>>>> here
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>> with
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for
> >> > > feedback
> >> > > > > >>>>>> here.
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> --
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> --
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>> --
> >> > > > > >>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>> --
> >> > > > > >>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>> --
> >> > > > > >>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>> --
> >> > > > > >>>>>>>>>>>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>> --
> >> > > > > >>>>>>>>>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>> --
> >> > > > > >>>>>>>>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>>
> >> > > > > >>>>>>>>>>>> --
> >> > > > > >>>>>>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>>>>>
> >> > > > > >>>>>>>>>>
> >> > > > > >>>>>>>>>
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>> --
> >> > > > > >>>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>>
> >> > > > > >>>>>>>
> >> > > > > >>>>>>>
> >> > > > > >>>>>>>
> >> > > > > >>>>>>> --
> >> > > > > >>>>>>> Rishi Yagnik
> >> > > > > >>>>>>>
> >> > > > > >>>>>>
> >> > > > > >>>>>
> >> > > > > >>>>>
> >> > > > > >>>>>
> >> > > > > >>>>> --
> >> > > > > >>>>> Rishi Yagnik
> >> > > > > >>>>>
> >> > > > > >>>>
> >> > > > > >>>>
> >> > > > > >>>>
> >> > > > > >>>> --
> >> > > > > >>>> Rishi Yagnik
> >> > > > > >>>>
> >> > > > > >>
> >> > > > > >
> >> > > > > >
> >> > > > > >
> >> > > > > > --
> >> > > > > > Rishi Yagnik
> >> > > > >
> >> > > > >
> >> > > >
> >> > >
> >> > >
> >> > >
> >> > > --
> >> > > Rishi Yagnik
> >> > >
> >> >
> >>
> >
> >
> >
> > --
> > Rishi Yagnik
> >
>
>
>
> --
> Rishi Yagnik
>

Re: IGNITE-2741 - spring session design

Posted by Rishi Yagnik <ri...@gmail.com>.
Val,

I built it from master s and was able to integrate with our app, but as I
mentioned to you previously, I see the XSRF-Token errors in the debug log:

[DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy -
/app/xxx/yyy/zz/A at position 3 of 13 in additional filter chain; firing
Filter: 'HeaderWriterFilter'
[DEBUG] [XNIO-2 task-4] org.springframework.security.web.FilterChainProxy -
/app/xxx/yyy/zz/A at position 4 of 13 in additional filter chain; firing
Filter: 'CsrfFilter'

[DEBUG] [XNIO-2 task-4] org.springframework.security.web.csrf.CsrfFilter -
Invalid CSRF token found for http://localhost:9002/app/xxx/yyy/zz/A

And then afterwards, the CSRF filter does not like the session and redirects
to the /403 error.

Just wondering why the XSRF token is not being saved in the session?

More debugging is required for sure.

Of course there is a workaround to the problem: I can just use the
cookie-based token repository to avoid this issue.

.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())


Will let you know my findings.

As always, thanks for all your help.

Thanks,
Rishi
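
A diagnostic filter for the question raised in this message (whether the token is actually in the session when CsrfFilter runs), as an added example that is not part of the original post or of Ignite. The class name CsrfSessionDiagnosticFilter is hypothetical; it assumes the default session attribute of HttpSessionCsrfTokenRepository and the X-XSRF-TOKEN header configured earlier in the thread, and it never logs token values.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository;
import org.springframework.web.filter.OncePerRequestFilter;

/**
 * Added diagnostic example (hypothetical class, not from the thread).
 * Register it directly in front of CsrfFilter in SecurityConfig:
 *   .addFilterBefore(new CsrfSessionDiagnosticFilter(), CsrfFilter.class)
 * It only observes the request; CsrfFilter still makes the decision.
 */
public class CsrfSessionDiagnosticFilter extends OncePerRequestFilter {

    /** Session attribute HttpSessionCsrfTokenRepository uses by default. */
    static final String SESSION_ATTR =
        HttpSessionCsrfTokenRepository.class.getName().concat(".CSRF_TOKEN");

    /** Header name set via repository.setHeaderName(...) in the thread. */
    static final String HEADER = "X-XSRF-TOKEN";

    enum Outcome {
        NO_SESSION,               // no session reached this node at all
        TOKEN_MISSING_IN_SESSION, // session exists but the token was never stored or replicated
        HEADER_MISSING,           // client sent no header (normal for GET; token may be in _csrf param)
        MISMATCH,                 // both present but different, e.g. a stale session copy
        MATCH
    }

    /** Pure decision logic, kept separate so it can be unit tested. */
    static Outcome classify(boolean hasSession, String sessionToken, String headerToken) {
        if (!hasSession) {
            return Outcome.NO_SESSION;
        }
        if (sessionToken == null) {
            return Outcome.TOKEN_MISSING_IN_SESSION;
        }
        if (headerToken == null) {
            return Outcome.HEADER_MISSING;
        }
        // Constant-time comparison, so the check itself leaks nothing about the token.
        boolean same = MessageDigest.isEqual(
            sessionToken.getBytes(StandardCharsets.UTF_8),
            headerToken.getBytes(StandardCharsets.UTF_8));
        return same ? Outcome.MATCH : Outcome.MISMATCH;
    }

    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res,
                                    FilterChain chain) throws ServletException, IOException {
        // getSession(false): never create a session just to inspect it.
        HttpSession session = req.getSession(false);
        Object attr = session == null ? null : session.getAttribute(SESSION_ATTR);
        String sessionToken = attr instanceof CsrfToken ? ((CsrfToken) attr).getToken() : null;

        Outcome outcome = classify(session != null, sessionToken, req.getHeader(HEADER));

        if (outcome != Outcome.MATCH && logger.isDebugEnabled()) {
            // The session implementation class shows whether the clustered
            // session wrapper or the container's own session is in use here.
            logger.debug("CSRF pre-check " + req.getMethod() + " " + req.getRequestURI()
                + ": " + outcome
                + ", session impl=" + (session == null ? "none" : session.getClass().getName())
                + ", new session=" + (session != null && session.isNew()));
        }
        chain.doFilter(req, res);
    }
}
```

TOKEN_MISSING_IN_SESSION on the node that did not issue the token points at session storage or replication, while MISMATCH points at a stale copy of the session being read.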


On Tue, Apr 11, 2017 at 4:18 PM, Rishi Yagnik <ri...@gmail.com> wrote:

> Hi Val,
>
> I will build it from master s and let you know by tomorrow.
>
> Thanks,
>
>
> On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
> valentin.kulichenko@gmail.com> wrote:
>
>> Hi Rishi,
>>
>> What was the issue with the HttpSessionCsrfTokenRepository? I didn't have
>> any problems after I added code you provided.
>>
>> The fix for [1] is already in master. Can you try building from there and
>> check if everything works fine for you?
>>
>> [1] https://issues.apache.org/jira/browse/IGNITE-4948
>>
>> -Val
>>
>> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dm...@gridgain.com> wrote:
>>
>> > Somewhere in April. This will be clarified on the dev list soon.
>> >
>> > On Saturday, March 18, 2017, Rishi Yagnik <ri...@gmail.com>
>> wrote:
>> >
>> > > Thanks, Val.
>> > >
>> > > When are we going to release Ignite 2.0 ? June ??
>> > >
>> > > Thanks,
>> > >
>> > > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <
>> > > valentin.kulichenko@gmail.com <javascript:;>> wrote:
>> > >
>> > > > Denis,
>> > > >
>> > > > Yes, this should be possible. I will try to finalize the fix asap.
>> > > >
>> > > > -Val
>> > > >
>> > > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org
>> > > <javascript:;>> wrote:
>> > > >
>> > > > > Val,
>> > > > >
>> > > > > Will it be possible to incorporate the fix into the nearest 2.0
>> > > release?
>> > > > >
>> > > > > —
>> > > > > Denis
>> > > > >
>> > > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <
>> rishiyagnik@gmail.com
>> > > <javascript:;>>
>> > > > > wrote:
>> > > > > >
>> > > > > > Hi Val,
>> > > > > >
>> > > > > > Hope you are well, any update on web session clustering.
>> > > > > >
>> > > > > > Thanks,
>> > > > > > Rishi
>> > > > > >
>> > > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <
>> > > rishiyagnik@gmail.com <javascript:;>>
>> > > > > > wrote:
>> > > > > >
>> > > > > >> Hi Val,
>> > > > > >>
>> > > > > >> Thanks looking forward for the fix..
>> > > > > >>
>> > > > > >> Take Care,
>> > > > > >> Rishi
>> > > > > >>
>> > > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <
>> > > > > >> valentin.kulichenko@gmail.com <javascript:;>> wrote:
>> > > > > >>>
>> > > > > >>> Hi Rishi,
>> > > > > >>>
>> > > > > >>> I want to fix the bug first. It takes a bit longer than I
>> > thought,
>> > > > but
>> > > > > I
>> > > > > >>> should finish it over the weekend.
>> > > > > >>>
>> > > > > >>> -Val
>> > > > > >>>
>> > > > > >>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <
>> > > > rishiyagnik@gmail.com <javascript:;>>
>> > > > > >> wrote:
>> > > > > >>>>
>> > > > > >>>> Hi Val,
>> > > > > >>>>
>> > > > > >>>> Did you chance to look into session handling issue ?
>> > > > > >>>>
>> > > > > >>>> Thanks,
>> > > > > >>>>
>> > > > > >>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>> > > > > >>>>
>> > > > > >>>>> Hi Val,
>> > > > > >>>>>
>> > > > > >>>>> Do you think I can test a fix in 1.9 RC releases? How are you planning to
>> > > > > >>>>> release a fix?
>> > > > > >>>>>
>> > > > > >>>>> Did you also look into the problem where storing the xsrf token in Ignite returns
>> > > > > >>>>> an exception and does not behave as expected?
>> > > > > >>>>>
>> > > > > >>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with the following
>> > > > > >>>>> code -
>> > > > > >>>>>
>> > > > > >>>>> .csrfTokenRepository(csrfTokenRepository())
>> > > > > >>>>>
>> > > > > >>>>> private CsrfTokenRepository csrfTokenRepository() {
>> > > > > >>>>>   HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
>> > > > > >>>>>   repository.setHeaderName("X-XSRF-TOKEN");
>> > > > > >>>>>   return repository;
>> > > > > >>>>> }
>> > > > > >>>>>
>> > > > > >>>>> Thank you for all your help,
>> > > > > >>>>>
>> > > > > >>>>>
>> > > > > >>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>> > > > > >>>>>
>> > > > > >>>>>> Hi Rishi,
>> > > > > >>>>>>
>> > > > > >>>>>> I got to the bottom of it. Basically, the session is replaced in Spring
>> > > > > >>>>>> filter, but caching happens based on the old version which doesn't have
>> > > > > >>>>>> security attributes. The fix is going to be very easy, I will do it
>> > > > > >>>>>> tomorrow.
>> > > > > >>>>>>
>> > > > > >>>>>> -Val
>> > > > > >>>>>>
>> > > > > >>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>> wrote:
>> > > > > >>>>>>
>> > > > > >>>>>>> Val,
>> > > > > >>>>>>>
>> > > > > >>>>>>> Did you get a chance to play around with the code?
>> > > > > >>>>>>>
>> > > > > >>>>>>> Thanks,
>> > > > > >>>>>>>
>> > > > > >>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>> wrote:
>> > > > > >>>>>>>
>> > > > > >>>>>>>> Val,
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> Adding a filter before csrf filter will invoke the custom ignite filter.
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> Declare a custom filter class that extends the websession filter:
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> import java.io.IOException;
>> > > > > >>>>>>>> import java.util.Enumeration;
>> > > > > >>>>>>>> import javax.servlet.FilterChain;
>> > > > > >>>>>>>> import javax.servlet.FilterConfig;
>> > > > > >>>>>>>> import javax.servlet.ServletContext;
>> > > > > >>>>>>>> import javax.servlet.ServletException;
>> > > > > >>>>>>>> import javax.servlet.ServletRequest;
>> > > > > >>>>>>>> import javax.servlet.ServletResponse;
>> > > > > >>>>>>>> import org.apache.ignite.cache.websession.WebSessionFilter;
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> public class CustomWebSessionFilter extends WebSessionFilter {
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>     // Set once the parent filter's init() has been called.
>> > > > > >>>>>>>>     private static boolean igniteInitialize = false;
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>     @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
>> > > > > >>>>>>>>         throws IOException, ServletException {
>> > > > > >>>>>>>>         // Initialise WebSessionFilter lazily, on the first request.
>> > > > > >>>>>>>>         if (!igniteInitialize) {
>> > > > > >>>>>>>>             super.init(new FilterConfig() {
>> > > > > >>>>>>>>                 @Override
>> > > > > >>>>>>>>                 public String getFilterName() {
>> > > > > >>>>>>>>                     return "CustomWebSessionFilter";
>> > > > > >>>>>>>>                 }
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>                 @Override
>> > > > > >>>>>>>>                 public ServletContext getServletContext() {
>> > > > > >>>>>>>>                     return req.getServletContext();
>> > > > > >>>>>>>>                 }
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>                 @Override
>> > > > > >>>>>>>>                 public String getInitParameter(String name) {
>> > > > > >>>>>>>>                     return null;
>> > > > > >>>>>>>>                 }
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>                 @Override
>> > > > > >>>>>>>>                 public Enumeration<String> getInitParameterNames() {
>> > > > > >>>>>>>>                     return null;
>> > > > > >>>>>>>>                 }
>> > > > > >>>>>>>>             });
>> > > > > >>>>>>>>             igniteInitialize = true;
>> > > > > >>>>>>>>         }
>> > > > > >>>>>>>>         super.doFilter(req, res, chain);
>> > > > > >>>>>>>>     }
>> > > > > >>>>>>>> }
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> And in SecurityConfig.java add the following line to invoke the filter before
>> > > > > >>>>>>>> Ignite Web Session filter -
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> .addFilterBefore(new CustomWebSessionFilter(), CsrfFilter.class)
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> Hope it helps..
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> Thanks,
>> > > > > >>>>>>>>
>> > > > > >>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>> > > > > >>>>>>>>
>> > > > > >>>>>>>>> Rishi,
>> > > > > >>>>>>>>>
>> > > > > >>>>>>>>> Can you please share how you forced Ignite filter to be invoked before
>> > > > > >>>>>>>>> security filter?
>> > > > > >>>>>>>>>
>> > > > > >>>>>>>>> -Val
>> > > > > >>>>>>>>>
>> > > > > >>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>>>> wrote:
>> > > > > >>>>>>>>>
>> > > > > >>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>> Thanks for the response, we have executed ignite filter before spring
>> > > > > >>>>>>>>>> security filter but somehow the ignite filter does not do the job of
>> > > > > >>>>>>>>>> setting spring principal context.
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>> As a result even though we have spring principal in session, spring filter
>> > > > > >>>>>>>>>> does not recognize it and sends us back to log in page.
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>> I think there is some more work needed here to change the filter and make
>> > > > > >>>>>>>>>> it work with spring boot application.
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>> Take Care,
>> > > > > >>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>
>> > > > > >>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>> > > > > >>>>>>>>>>>
>> > > > > >>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>
>> > > > > >>>>>>>>>>> I did some debugging. Apparently, the reason for this behavior is that
>> > > > > >>>>>>>>>>> Spring Security filter resides before Ignite's filter in the chain list. I
>> > > > > >>>>>>>>>>> think that eventually this should be fixed in the product, but in the
>> > > > > >>>>>>>>>>> meantime there must be a way to work around the problem by controlling the
>> > > > > >>>>>>>>>>> order. Do you know how this can be done in Spring Boot?
>> > > > > >>>>>>>>>>>
>> > > > > >>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>
>> > > > > >>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>> Sorry for pestering, thanks for all your help.
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>> > > > > >>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>> Sorry, not yet. But this is on my short list of TODOs, will try to give an
>> > > > > >>>>>>>>>>>>> update as soon as possible.
>> > > > > >>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>> Any update on the session replication issue?
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>> Thanks Val for looking into it.
>> > > > > >>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>> > > > > >>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll take a look and let you
>> > > > > >>>>>>>>>>>>>>>> know my findings soon.
>> > > > > >>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> The issue will occur in a cluster environment, please set up Spring Boot
>> > > > > >>>>>>>>>>>>>>>>> on 2 different hosts with an LB (F5 or reverse proxy) in front and try to
>> > > > > >>>>>>>>>>>>>>>>> log in.
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> In a cluster environment, Spring Security does not recognize the session on
>> > > > > >>>>>>>>>>>>>>>>> the host you are not logged in on; as a result, Spring Security will redirect
>> > > > > >>>>>>>>>>>>>>>>> to the login URL. However, the correct behavior should be that the user would
>> > > > > >>>>>>>>>>>>>>>>> stay logged in with session replication.
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> Do let me know if you need more information.
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>> > > > > >>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>> I was able to build and run the application. Can you give some description
>> > > > > >>>>>>>>>>>>>>>>>> on what should I test to understand the issue? What exactly didn't work for
>> > > > > >>>>>>>>>>>>>>>>>> you?
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>> Thanks, I'll take a look.
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> As promised, please find attached code for spring boot integration with
>> > > > > >>>>>>>>>>>>>>>>>>>> spring security along with Ignite.
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Some more information on project -
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> - It is a maven project (Ignite 1.7.0, SB 1.4.3)
>> > > > > >>>>>>>>>>>>>>>>>>>> - spring security integrated with boot project along with ignite
>> > > > > >>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository does not work, gives
>> > > > > >>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so used CookieCsrfTokenRepository
>> > > > > >>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix here from Ignite.
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> I can't reproduce these errors while I am running on single instance,
>> > > > > >>>>>>>>>>>>>>>>>>>> you need to run this app on 2 spring boot instances having proxy in front
>> > > > > >>>>>>>>>>>>>>>>>>>> (F5, or any proxy) with round robin fashion (no sticky session on F5 or
>> > > > > >>>>>>>>>>>>>>>>>>>> proxies).
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user session will be active since we
>> > > > > >>>>>>>>>>>>>>>>>>>> used session replication on backend.
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Do let me know if you need more information here.
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> Rishi
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> Val,
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I have asked for an approval to
>> > > > > >>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would take a day or two.
>> > > > > >>>>>>>>>>>>>>>>>>>>> I will keep you posted.
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> Thanks for all your help,
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and send it across to you.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> Rishi,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we should start with. I want to
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently not supported (if any) and then
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like to reuse existing code as
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> much as possible.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the problem you had and how you
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> tried to utilize current web session clustering? Can you share it with us?
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring security and we found out
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> that the web session filter ignite provides does not work for session
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> management on 2 node spring boot cluster.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks in, resulting in some weird errors
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> with web session filter.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring security somehow, we need to write
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that say web session filter would work
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> with spring security on boot platform?
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Thanks,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web session clustering feature [1]
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> provided by Ignite? I'm looking at Spring Session docs and it seems to me
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> it does exactly the same - replaces HttpSession with custom implementation
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> that has a backend storage. If it doesn't provide any additional API or
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I understand the benefit of this
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> feature.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix.readme.io/docs/web-session-clustering
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> -Val
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik <rishiyagnik@gmail.com>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> wrote:
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session replication / fail over design on
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> spring boot platform and wanted to find what is the best out to get
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> started here?
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows -
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for session replication and fail over
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and make it work on spring boot
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> application
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach would be to get started here with
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> spring session design however I am open for feedback here.
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> --
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
>> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>



-- 
Rishi Yagnik
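
The root cause Val describes in the quoted thread above (the session is replaced inside the Spring filter while the clustering filter caches the old object, which has no security attributes) and the round-robin symptom Rishi reports can be reproduced in a small Java model. This is an added example, not Ignite's or Spring's code and not the IGNITE-4948 fix; every class and method name is a hypothetical stand-in, and re-reading the session after the chain is an assumed remedy used only for illustration.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/**
 * Simplified model of the stale-session write-back discussed in the thread.
 * Every class here is a hypothetical stand-in; none of it is Ignite or Spring code.
 */
public class StaleSessionWriteBack {

    /** Attribute name Spring Security uses for the security context in the HTTP session. */
    static final String SECURITY_CONTEXT_ATTR = "SPRING_SECURITY_CONTEXT";

    /** Stand-in for HttpSession: an id plus attributes. */
    static final class Session {
        final String id;
        final Map<String, Object> attrs = new HashMap<>();
        Session(String id) { this.id = id; }
    }

    /** Stand-in for a request; downstream filters can swap its session. */
    static final class Request {
        Session session;
        Request(Session session) { this.session = session; }
    }

    /** Stand-in for the replicated cache that every node reads sessions from. */
    static final Map<String, Map<String, Object>> CLUSTER_CACHE = new ConcurrentHashMap<>();

    /**
     * Stand-in for the security filter on login. The thread only says the session
     * "is replaced"; modelled here (assumption) as a new session that carries the
     * old attributes plus the security context.
     */
    static void securityFilterLogin(Request req, String principal) {
        Session replaced = new Session(req.session.id + "-after-login");
        replaced.attrs.putAll(req.session.attrs);
        replaced.attrs.put(SECURITY_CONTEXT_ATTR, principal);
        req.session = replaced;
    }

    /**
     * Stand-in for a session-clustering filter wrapped around the rest of the chain.
     * With reReadSession=false it stores the object it captured before the chain ran
     * (the behaviour described in the thread); with true it stores whatever session
     * the request holds once the chain has returned.
     * Returns the session id the client will present on its next request.
     */
    static String clusteringFilter(Request req, Runnable restOfChain, boolean reReadSession) {
        Session capturedBeforeChain = req.session;
        restOfChain.run();
        Session toStore = reReadSession ? req.session : capturedBeforeChain;
        CLUSTER_CACHE.put(toStore.id, new HashMap<>(toStore.attrs));
        return req.session.id;
    }

    /** What a second node sees when the load balancer sends the next request to it. */
    static boolean otherNodeSeesLogin(String sessionId) {
        Map<String, Object> attrs = CLUSTER_CACHE.get(sessionId);
        return attrs != null && attrs.containsKey(SECURITY_CONTEXT_ATTR);
    }

    /** Log in on node A, then check the replicated session from node B. */
    static boolean loginOnNodeAThenAskNodeB(boolean reReadSession) {
        CLUSTER_CACHE.clear();
        Request req = new Request(new Session("s1"));
        req.session.attrs.put("cart", "constructed sample value");
        String cookie = clusteringFilter(req, () -> securityFilterLogin(req, "alice"), reReadSession);
        return otherNodeSeesLogin(cookie);
    }

    public static void main(String[] args) {
        System.out.println("store captured session:  node B sees login = "
            + loginOnNodeAThenAskNodeB(false));
        System.out.println("store current session:   node B sees login = "
            + loginOnNodeAThenAskNodeB(true));
    }
}
```

In the first run the replicated entry is keyed by the pre-login session and carries no security context, so the second node has nothing to authenticate against, which matches the redirect to the login page reported behind a non-sticky load balancer.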

Re: IGNITE-2741 - spring session design

Posted by Rishi Yagnik <ri...@gmail.com>.
Hi Val,

I will build it from master and let you know by tomorrow.

Thanks,


On Tue, Apr 11, 2017 at 3:53 PM, Valentin Kulichenko <
valentin.kulichenko@gmail.com> wrote:

> Hi Rishi,
>
> What was the issue with the HttpSessionCsrfTokenRepository? I didn't have
> any problems after I added code you provided.
>
> The fix for [1] is already in master. Can you try building from there and
> check if everything works fine for you?
>
> [1] https://issues.apache.org/jira/browse/IGNITE-4948
>
> -Val
>
> On Sat, Mar 18, 2017 at 5:15 PM, Denis Magda <dm...@gridgain.com> wrote:
>
> > Somewhere in April. This will be clarified on the dev list soon.
> >
> > On Saturday, March 18, 2017, Rishi Yagnik <ri...@gmail.com> wrote:
> >
> > > Thanks, Val.
> > >
> > > When are we going to release Ignite 2.0 ? June ??
> > >
> > > Thanks,
> > >
> > > On Sat, Mar 18, 2017 at 6:02 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > >
> > > > Denis,
> > > >
> > > > Yes, this should be possible. I will try to finalize the fix asap.
> > > >
> > > > -Val
> > > >
> > > > On Fri, Mar 17, 2017 at 7:46 PM, Denis Magda <dmagda@apache.org> wrote:
> > > >
> > > > > Val,
> > > > >
> > > > > Will it be possible to incorporate the fix into the nearest 2.0 release?
> > > > >
> > > > > —
> > > > > Denis
> > > > >
> > > > > > On Mar 17, 2017, at 11:43 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > > > > >
> > > > > > Hi Val,
> > > > > >
> > > > > > Hope you are well, any update on web session clustering.
> > > > > >
> > > > > > Thanks,
> > > > > > Rishi
> > > > > >
> > > > > > On Sat, Mar 11, 2017 at 12:29 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > wrote:
> > > > > >
> > > > > >> Hi Val,
> > > > > >>
> > > > > >> Thanks looking forward for the fix..
> > > > > >>
> > > > > >> Take Care,
> > > > > >> Rishi
> > > > > >>
> > > > > >>> On Mar 11, 2017, at 11:31 AM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > > > > >>>
> > > > > >>> Hi Rishi,
> > > > > >>>
> > > > > >>> I want to fix the bug first. It takes a bit longer than I thought, but I
> > > > > >>> should finish it over the weekend.
> > > > > >>>
> > > > > >>> -Val
> > > > > >>>
> > > > > >>>> On Fri, Mar 10, 2017 at 4:13 AM, Rishi Yagnik <rishiyagnik@gmail.com> wrote:
> > > > > >>>>
> > > > > >>>> Hi Val,
> > > > > >>>>
> > > > > >>>> Did you get a chance to look into the session handling issue?
> > > > > >>>>
> > > > > >>>> Thanks,
> > > > > >>>>
> > > > > >>>> On Mon, Mar 6, 2017 at 3:37 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > >>>> wrote:
> > > > > >>>>
> > > > > >>>>> Hi Val,
> > > > > >>>>>
> > > > > >>>>> Do you think I can test a fix in 1.9 RC releases? How are you planning to
> > > > > >>>>> release a fix?
> > > > > >>>>>
> > > > > >>>>> Did you also look into the problem where storing xsrf token in Ignite returns
> > > > > >>>>> an exception and does not behave as expected?
> > > > > >>>>>
> > > > > >>>>> In SecurityConfig.java use HttpSessionCsrfTokenRepository with the following
> > > > > >>>>> code -
> > > > > >>>>>
> > > > > >>>>> .csrfTokenRepository(csrfTokenRepository())
> > > > > >>>>>
> > > > > >>>>> private CsrfTokenRepository csrfTokenRepository() {
> > > > > >>>>>   HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
> > > > > >>>>>   repository.setHeaderName("X-XSRF-TOKEN");
> > > > > >>>>>   return repository;
> > > > > >>>>> }
> > > > > >>>>>
> > > > > >>>>> Thank you for all your help,
> > > > > >>>>>
> > > > > >>>>>
> > > > > >>>>> On Mon, Mar 6, 2017 at 2:34 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > > > > >>>>>
> > > > > >>>>>> Hi Rishi,
> > > > > >>>>>>
> > > > > >>>>>> I got to the bottom of it. Basically, the session is replaced in Spring
> > > > > >>>>>> filter, but caching happens based on the old version which doesn't have
> > > > > >>>>>> security attributes. The fix is going to be very easy, I will do it
> > > > > >>>>>> tomorrow.
> > > > > >>>>>>
> > > > > >>>>>> -Val
> > > > > >>>>>>
> > > > > >>>>>> On Mon, Mar 6, 2017 at 7:34 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > >>>>>> wrote:
> > > > > >>>>>>
> > > > > >>>>>>> Val,
> > > > > >>>>>>>
> > > > > >>>>>>> Did you get a chance to play around with the code?
> > > > > >>>>>>>
> > > > > >>>>>>> Thanks,
> > > > > >>>>>>>
> > > > > >>>>>>> On Sun, Mar 5, 2017 at 7:25 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > >>>>>>> wrote:
> > > > > >>>>>>>
> > > > > >>>>>>>> Val,
> > > > > >>>>>>>>
> > > > > >>>>>>>> Adding a filter before csrf filter will invoke the custom ignite filter.
> > > > > >>>>>>>>
> > > > > >>>>>>>> Declare a custom filter class that extends the websession filter:
> > > > > >>>>>>>>
> > > > > >>>>>>>> import java.io.IOException;
> > > > > >>>>>>>> import java.util.Enumeration;
> > > > > >>>>>>>> import javax.servlet.FilterChain;
> > > > > >>>>>>>> import javax.servlet.FilterConfig;
> > > > > >>>>>>>> import javax.servlet.ServletContext;
> > > > > >>>>>>>> import javax.servlet.ServletException;
> > > > > >>>>>>>> import javax.servlet.ServletRequest;
> > > > > >>>>>>>> import javax.servlet.ServletResponse;
> > > > > >>>>>>>> import org.apache.ignite.cache.websession.WebSessionFilter;
> > > > > >>>>>>>>
> > > > > >>>>>>>> public class CustomWebSessionFilter extends WebSessionFilter {
> > > > > >>>>>>>>
> > > > > >>>>>>>>     // Set once the parent filter's init() has been called.
> > > > > >>>>>>>>     private static boolean igniteInitialize = false;
> > > > > >>>>>>>>
> > > > > >>>>>>>>     @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
> > > > > >>>>>>>>         throws IOException, ServletException {
> > > > > >>>>>>>>         // Initialise WebSessionFilter lazily, on the first request.
> > > > > >>>>>>>>         if (!igniteInitialize) {
> > > > > >>>>>>>>             super.init(new FilterConfig() {
> > > > > >>>>>>>>                 @Override
> > > > > >>>>>>>>                 public String getFilterName() {
> > > > > >>>>>>>>                     return "CustomWebSessionFilter";
> > > > > >>>>>>>>                 }
> > > > > >>>>>>>>
> > > > > >>>>>>>>                 @Override
> > > > > >>>>>>>>                 public ServletContext getServletContext() {
> > > > > >>>>>>>>                     return req.getServletContext();
> > > > > >>>>>>>>                 }
> > > > > >>>>>>>>
> > > > > >>>>>>>>                 @Override
> > > > > >>>>>>>>                 public String getInitParameter(String name) {
> > > > > >>>>>>>>                     return null;
> > > > > >>>>>>>>                 }
> > > > > >>>>>>>>
> > > > > >>>>>>>>                 @Override
> > > > > >>>>>>>>                 public Enumeration<String> getInitParameterNames() {
> > > > > >>>>>>>>                     return null;
> > > > > >>>>>>>>                 }
> > > > > >>>>>>>>             });
> > > > > >>>>>>>>             igniteInitialize = true;
> > > > > >>>>>>>>         }
> > > > > >>>>>>>>         super.doFilter(req, res, chain);
> > > > > >>>>>>>>     }
> > > > > >>>>>>>> }
> > > > > >>>>>>>>
> > > > > >>>>>>>> And in SecurityConfig.java add the following line to invoke the filter before
> > > > > >>>>>>>> Ignite Web Session filter -
> > > > > >>>>>>>>
> > > > > >>>>>>>> .addFilterBefore(new CustomWebSessionFilter(), CsrfFilter.class)
> > > > > >>>>>>>>
> > > > > >>>>>>>> Hope it helps..
> > > > > >>>>>>>>
> > > > > >>>>>>>> Thanks,
> > > > > >>>>>>>>
> > > > > >>>>>>>> On Sun, Mar 5, 2017 at 1:28 PM, Valentin Kulichenko <valentin.kulichenko@gmail.com> wrote:
> > > > > >>>>>>>>
> > > > > >>>>>>>>> Rishi,
> > > > > >>>>>>>>>
> > > > > >>>>>>>>> Can you please share how you forced Ignite filter to be invoked before
> > > > > >>>>>>>>> security filter?
> > > > > >>>>>>>>>
> > > > > >>>>>>>>> -Val
> > > > > >>>>>>>>>
> > > > > > >>>>>>>>> On Sun, Mar 5, 2017 at 11:20 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>> wrote:
> > > > > >>>>>>>>>
> > > > > >>>>>>>>>> Hi Val,
> > > > > >>>>>>>>>>
> > > > > > >>>>>>>>>> Thanks for the response, we have executed ignite filter before spring
> > > > > > >>>>>>>>>> security filter but somehow the ignite filter does not do the job of
> > > > > > >>>>>>>>>> setting spring principal context.
> > > > > > >>>>>>>>>>
> > > > > > >>>>>>>>>> As a result even though we have spring principal in session, spring
> > > > > > >>>>>>>>>> filter does not recognize it and sends us back to log in page.
> > > > > > >>>>>>>>>>
> > > > > > >>>>>>>>>> I think there's some more work needed here to change the filter and
> > > > > > >>>>>>>>>> make it work with spring boot application.
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>> Take Care,
> > > > > >>>>>>>>>> Rishi
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>>> On Mar 5, 2017, at 10:16 AM, Valentin Kulichenko <
> > > > > > >>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> Hi Rishi,
> > > > > >>>>>>>>>>>
> > > > > > >>>>>>>>>>> I did some debugging. Apparently, the reason for this behavior is that
> > > > > > >>>>>>>>>>> Spring Security filter resides before Ignite's filter in the chain list. I
> > > > > > >>>>>>>>>>> think that eventually this should be fixed in the product, but in the
> > > > > > >>>>>>>>>>> meantime there must be a way to work around the problem by controlling the
> > > > > > >>>>>>>>>>> order. Do you know how this can be done in Spring Boot?
> > > > > >>>>>>>>>>>
> > > > > >>>>>>>>>>> -Val
> > > > > >>>>>>>>>>>
> > > > > > >>>>>>>>>>>> On Tue, Feb 28, 2017 at 9:31 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>>>>> wrote:
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>> Hi Val,
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>> Sorry for pestering, thanks for all your help.
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>> Rishi
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:22 PM, Valentin Kulichenko <
> > > > > > >>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>>> Hi Rishi,
> > > > > >>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>> Sorry, not yet. But this is on my short list of TODOs, will try to
> > > > > > >>>>>>>>>>>>> give an update as soon as possible.
> > > > > >>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>> -Val
> > > > > >>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>> On Mon, Feb 27, 2017 at 7:47 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>>>>>> wrote:
> > > > > >>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>> Hi Val,
> > > > > >>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>> any update on session replication issue ?
> > > > > >>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>> Thanks,
> > > > > >>>>>>>>>>>>>> Rishi
> > > > > >>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>> On Thu, Feb 23, 2017 at 8:07 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>>>>>>> wrote:
> > > > > >>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>> Thanks Val for looking into it.
> > > > > >>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>> On Wed, Feb 22, 2017 at 9:32 PM, Valentin Kulichenko <
> > > > > > >>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > > > > >>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>> Hi Rishi,
> > > > > >>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>> Got it, I think I'm reproducing the issue. I'll take a look and let you
> > > > > > >>>>>>>>>>>>>>>> know my findings soon.
> > > > > >>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>> -Val
> > > > > >>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:27 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>>>>>>>>> wrote:
> > > > > >>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>> Hi Val,
> > > > > >>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>> The issue will occur in cluster environment, please setup the spring boot
> > > > > > >>>>>>>>>>>>>>>>> on 2 different hosts with LB (F5 OR Reverse proxy) in front and try to
> > > > > > >>>>>>>>>>>>>>>>> login.
> > > > > > >>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>> In cluster environment, Spring security does not recognize the session on
> > > > > > >>>>>>>>>>>>>>>>> the host you are not logged in, as a result, spring security will redirect
> > > > > > >>>>>>>>>>>>>>>>> to login url however the correct behavior should be that user would stay
> > > > > > >>>>>>>>>>>>>>>>> logged in with session replication.
> > > > > >>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>> Do let me know if you need more information.
> > > > > >>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>> Thanks,
> > > > > >>>>>>>>>>>>>>>>> Rishi
> > > > > >>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>> On Tue, Feb 21, 2017 at 7:08 PM, Valentin Kulichenko <
> > > > > > >>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > > > > >>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>> Hi Rishi,
> > > > > >>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>> I was able to build and run the application. Can you give some description
> > > > > > >>>>>>>>>>>>>>>>>> on what should I test to understand the issue? What exactly didn't work for
> > > > > > >>>>>>>>>>>>>>>>>> you?
> > > > > >>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>> -Val
> > > > > >>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 10:52 AM, Valentin Kulichenko <
> > > > > > >>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > > > > >>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>> Hi Rishi,
> > > > > >>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>> Thanks, I'll take a look.
> > > > > >>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>> -Val
> > > > > >>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>> On Wed, Feb 15, 2017 at 9:07 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>>>>>>>>>>>> wrote:
> > > > > >>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>> Hi Val,
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>> As promised, please find attached code for spring boot integration with
> > > > > > >>>>>>>>>>>>>>>>>>>> spring security along with Ignite.
> > > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>> Some more information on project -
> > > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>> - It is a maven project ( Ignite 1.7.0, SB 1.4.3 )
> > > > > > >>>>>>>>>>>>>>>>>>>> - spring security integrated with boot project along with ignite
> > > > > > >>>>>>>>>>>>>>>>>>>> - HttpSessionCookieCsrfTokenRepository does not work, gives
> > > > > > >>>>>>>>>>>>>>>>>>>> intermediate errors on single instance so used CookieCsrfTokenRepository
> > > > > > >>>>>>>>>>>>>>>>>>>> for CSRF token, again I think we need a fix here from Ignite.
> > > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>> I can't reproduce these errors while I am running on single instance, you
> > > > > > >>>>>>>>>>>>>>>>>>>> need to run this app on 2 spring boot instances having proxy in front ( F5,
> > > > > > >>>>>>>>>>>>>>>>>>>> OR any proxy ) with round robin fashion ( no sticky session on F5 OR
> > > > > > >>>>>>>>>>>>>>>>>>>> proxies ).
> > > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>> We were thinking with round robin the user session will be active since we
> > > > > > >>>>>>>>>>>>>>>>>>>> used session replication on backend.
> > > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>> Do let me know if you need more information here.
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>> Thanks,
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>> Rishi
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 9:57 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>>>>>>>>>>>>> wrote:
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>> Val,
> > > > > >>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>> My SB sample project is ready however I have asked for an approval to
> > > > > > >>>>>>>>>>>>>>>>>>>>> submit sample project to you, it would take day or two.
> > > > > >>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>> I will keep you posted.
> > > > > >>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>> Thanks for all your help,
> > > > > >>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:51 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>>>>>>>>>>>>>> wrote:
> > > > > >>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>> Let me build an example app for you and send it across to you.
> > > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>> Thanks,
> > > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 3:28 PM, Valentin Kulichenko <
> > > > > > >>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>> Rishi,
> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>> No I don't, and I think that's what we should start with. I want to
> > > > > > >>>>>>>>>>>>>>>>>>>>>>> understand a use case that is currently not supported (if any) and then
> > > > > > >>>>>>>>>>>>>>>>>>>>>>> find the best solution. And I would like to reuse existing code as much as
> > > > > > >>>>>>>>>>>>>>>>>>>>>>> possible.
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>> Do you have any code that reproduces the problem you had and how you tried
> > > > > > >>>>>>>>>>>>>>>>>>>>>>> to utilize current web session clustering? Can you share it with us?
> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>> -Val
> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 11:28 AM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>> wrote:
> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Hi Val,
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> I am working on SB platform with spring security and we found out that the
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter ignite provides does not work for session management on
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> 2 node spring boot cluster.
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> Somehow, spring security filter kicks in result in some weird errors with
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> web session filter.
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> So making compatible with spring security somehow, we need to write
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> implementation on spring session.
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> Do you have any test cases that says web session filter would work with
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> spring security on boot platform ?
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Thanks,
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Feb 14, 2017 at 1:03 PM, Valentin Kulichenko <
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>> valentin.kulichenko@gmail.com> wrote:
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Hi Rishi,
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Can you please take a look at web session clustering feature [1] provided
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>> by Ignite? I'm looking at Spring Session docs and it seems to me it does
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>> exactly the same - replaces HttpSession with custom implementation that has
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>> a backend storage. If it doesn't provide any additional API or
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>> functionality, I'm not sure I understand the benefit of this feature.
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>> Let me know if I'm missing something.
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>> [1] https://apacheignite-mix.readme.io/docs/web-session-clustering
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>> -Val
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>> On Mon, Feb 13, 2017 at 2:41 PM, Rishi Yagnik <rishiyagnik@gmail.com>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>> wrote:
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I would like to discuss session replication / fail over design on spring
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> boot platform and wanted to find what is the best out to get started
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> here ?
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Possible approaches are as follows -
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Make use of Spring Session for session replication and fail over
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> - Extend the web session filter and make it work on spring boot
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> application
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> I am thinking that best approach would be to get started here with spring
> > > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> session design however I am open for feedback here.
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> --
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>> --
> > > > > >>>>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>> --
> > > > > >>>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>> --
> > > > > >>>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>> --
> > > > > >>>>>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>> --
> > > > > >>>>>>>>>>>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>> --
> > > > > >>>>>>>>>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>> --
> > > > > >>>>>>>>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>>
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>>> --
> > > > > >>>>>>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>>>>>
> > > > > >>>>>>>>>>
> > > > > >>>>>>>>>
> > > > > >>>>>>>>
> > > > > >>>>>>>>
> > > > > >>>>>>>>
> > > > > >>>>>>>> --
> > > > > >>>>>>>> Rishi Yagnik
> > > > > >>>>>>>>
> > > > > >>>>>>>
> > > > > >>>>>>>
> > > > > >>>>>>>
> > > > > >>>>>>> --
> > > > > >>>>>>> Rishi Yagnik
> > > > > >>>>>>>
> > > > > >>>>>>
> > > > > >>>>>
> > > > > >>>>>
> > > > > >>>>>
> > > > > >>>>> --
> > > > > >>>>> Rishi Yagnik
> > > > > >>>>>
> > > > > >>>>
> > > > > >>>>
> > > > > >>>>
> > > > > >>>> --
> > > > > >>>> Rishi Yagnik
> > > > > >>>>
> > > > > >>
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Rishi Yagnik
> > > > >
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > > Rishi Yagnik
> > >
> >
>



-- 
Rishi Yagnik
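
The filter-ordering question raised in the quoted thread (Ignite's web session filter has to run before the Spring Security chain so that Spring Security reads the replicated session), as an added example that is not code from the thread or from the Ignite project. It registers the filter through Spring Boot's FilterRegistrationBean and adds a small probe filter for checking, on the node the user did not log in on, whether the session carries the security context. The class names, the cache name and the assumption that an Ignite node is already started in the same JVM before the filter initializes are illustrative.

```java
import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.ignite.cache.websession.WebSessionFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.web.filter.OncePerRequestFilter;

@Configuration
public class IgniteSessionFilterConfig {
    // Hypothetical cache name; it must match a cache configured on the running Ignite node.
    private static final String SESSION_CACHE = "session-cache";

    /** Ignite's session filter, ordered ahead of every other filter in the servlet chain. */
    @Bean
    public FilterRegistrationBean igniteWebSessionFilter() {
        FilterRegistrationBean reg = new FilterRegistrationBean();
        reg.setFilter(new WebSessionFilter());
        reg.addUrlPatterns("/*");
        // Parameter name as given in Ignite's web session clustering documentation.
        reg.addInitParameter("IgniteWebSessionsCacheName", SESSION_CACHE);
        // Spring Boot 1.x places the security chain at security.filter-order;
        // HIGHEST_PRECEDENCE sorts before any value that property can take.
        reg.setOrder(Ordered.HIGHEST_PRECEDENCE);
        return reg;
    }

    /** Diagnostic filter placed directly after the Ignite filter, before Spring Security. */
    @Bean
    public FilterRegistrationBean sessionProbeFilter() {
        FilterRegistrationBean reg = new FilterRegistrationBean();
        reg.setFilter(new SessionProbeFilter());
        reg.addUrlPatterns("/*");
        reg.setOrder(Ordered.HIGHEST_PRECEDENCE + 1);
        return reg;
    }

    static class SessionProbeFilter extends OncePerRequestFilter {
        private static final Logger log = LoggerFactory.getLogger(SessionProbeFilter.class);

        @Override
        protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res,
                FilterChain chain) throws ServletException, IOException {
            HttpSession ses = req.getSession(false);
            boolean hasCtx = ses != null && ses.getAttribute(
                HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY) != null;
            // Log the session implementation class and a boolean only, never the session id.
            log.debug("session impl={}, security context present={}",
                ses == null ? "none" : ses.getClass().getName(), hasCtx);
            chain.doFilter(req, res);
        }
    }
}
```

If the probe reports the container's own session class, or no security context on the second node after a login on the first, the security chain is still reading a non-replicated session.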