You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ignite.apache.org by Rishi Yagnik <ri...@gmail.com> on 2017/05/19 18:43:56 UTC
Session Replication Update on spring boot platform
Hello Val,
I tested out the session replication on spring boot cluster and here is the
result.
My finding were as follows with Ignite 2.0 on session replication and hope
that helps the team –
- Spring Security Filters requires context to be set with Authentication
object, later on when user authentication object is set on the ignite
filter from Ignite cache, the spring security treat that as a new session
just to prevent session fixation issue.
- As spring security creates a new session and since there is no way to
tell Ignite that user session has been changed, the user session is no good
here despite the fact that user session holds by the ignite is a true
session for that user.
- Configuring web session filter does not work OOTB in spring boot
platform, it require some additional tweaking in the code to make it work.
So in the nutshell, I would think having spring session on ignite platform
would support full session replication with spring boot platform.
Please note that we have 2 SB instances, serving request round robin via F5
( load balancers) supported by 2 node ignite cluster.
Any suggestions on how we want to conquer the issue ?
Thanks,
--
Rishi Yagnik
Re: Session Replication Update on spring boot platform
Posted by Rishi Yagnik <ri...@gmail.com>.
Hello Val,
we are in the middle of the sprint so cant hijack any of our environment
but would keep you posted with the timelines.
Thank you for all your help,
Rishi
On Tue, May 23, 2017 at 2:37 AM, Valentin Kulichenko <
valentin.kulichenko@gmail.com> wrote:
> Hi Rishi,
>
> It was working for me in cluster environment after the fix [1] we
> discussed in previous thread [2]. The fix was included in Ignite 2.0.
>
> Can you please reattach the latest version of your app based on Ignite 2.0
> and give a detailed step by step instruction on how to reproduce the issue
> you're having?
>
> [1] https://issues.apache.org/jira/browse/IGNITE-4948
> [2] http://apache-ignite-developers.2346864.n4.nabble.
> com/IGNITE-2741-spring-session-design-td14560.html
>
> -Val
>
> On Mon, May 22, 2017 at 8:35 PM, Rishi Yagnik <ri...@gmail.com>
> wrote:
>
>> Hello Val,
>>
>> As I discussed earlier, the problem arises in the cluster environment.
>>
>> we have 2 SB staleless instance backed by Ignite data store.
>>
>> The local environment is working fine and I am able to see the user
>> sessions are being stored correctly.
>>
>> I could not make session replication working with Ignite 2.0 in cluster
>> environment so my fixes are of no use.
>>
>> IMO,The web filter approach is very intrusive approach with spring
>> security and that is why I thought we need to come up with the solution
>> which sits on top of spring security.
>>
>> The possible solution could be spring session.
>>
>> The example which I posted can be tested on cluster as well. Would Ignite
>> team try out the clustering ?
>>
>> Looking for your inputs / suggestions on the issue.
>>
>> Thank you for all your help,
>> Rishi
>>
>>
>>
>>
>> On Mon, May 22, 2017 at 1:02 PM, Valentin Kulichenko <
>> valentin.kulichenko@gmail.com> wrote:
>>
>>> Hi Rishi,
>>>
>>> I'm not sure I understand what the issue is. Can you elaborate a bit
>>> more and provide exact examples of what is not working? What code tweaks
>>> are required and how critical are they? Also I recall that your example was
>>> working fine after the latest fixes in 1.9 (if I'm not mistaken). Did you
>>> make any changes after that?
>>>
>>> -Val
>>>
>>> On Fri, May 19, 2017 at 11:34 PM, Rishi Yagnik <ri...@gmail.com>
>>> wrote:
>>>
>>>> Hello Dmitriy,
>>>>
>>>> Thank you for the response, I would await for Val's feedback.
>>>>
>>>> I would like to discuss the possible approach for implementation here,
>>>> and
>>>> it could be one of this -
>>>>
>>>> https://issues.apache.org/jira/browse/IGNITE-2741
>>>>
>>>> Hope we all come on to conclusion here.
>>>>
>>>> Thanks,
>>>>
>>>> On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <
>>>> dsetrakyan@apache.org>
>>>> wrote:
>>>>
>>>> > Hi Rishi,
>>>> >
>>>> > I think the best way is to file a ticket in Ignite Jira with your
>>>> > findings. This ticket does not seem tremendously difficult, so
>>>> hopefully
>>>> > someone from the community will pick it up. All we need to do is to
>>>> take
>>>> > our existing Web Session Clustering [1][2] code and port it to work
>>>> with
>>>> > Spring Boot.
>>>> >
>>>> > BTW, feel free to contribute it yourself if you have time.
>>>> >
>>>> > [1] https://ignite.apache.org/use-cases/caching/web-session-
>>>> > clustering.html
>>>> > [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
>>>> >
>>>> > D.
>>>> >
>>>> > On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <rishiyagnik@gmail.com
>>>> >
>>>> > wrote:
>>>> >
>>>> >> Hello Val,
>>>> >>
>>>> >> I tested out the session replication on spring boot cluster and here
>>>> is
>>>> >> the
>>>> >> result.
>>>> >>
>>>> >> My finding were as follows with Ignite 2.0 on session replication
>>>> and hope
>>>> >> that helps the team –
>>>> >>
>>>> >> - Spring Security Filters requires context to be set with
>>>> >> Authentication
>>>> >> object, later on when user authentication object is set on the
>>>> ignite
>>>> >> filter from Ignite cache, the spring security treat that as a new
>>>> >> session
>>>> >> just to prevent session fixation issue.
>>>> >> - As spring security creates a new session and since there is no
>>>> way to
>>>> >> tell Ignite that user session has been changed, the user session
>>>> is no
>>>> >> good
>>>> >> here despite the fact that user session holds by the ignite is a
>>>> true
>>>> >> session for that user.
>>>> >> - Configuring web session filter does not work OOTB in spring boot
>>>> >> platform, it require some additional tweaking in the code to make
>>>> it
>>>> >> work.
>>>> >>
>>>> >>
>>>> >> So in the nutshell, I would think having spring session on ignite
>>>> platform
>>>> >> would support full session replication with spring boot platform.
>>>> >>
>>>> >>
>>>> >> Please note that we have 2 SB instances, serving request round robin
>>>> via
>>>> >> F5
>>>> >> ( load balancers) supported by 2 node ignite cluster.
>>>> >>
>>>> >> Any suggestions on how we want to conquer the issue ?
>>>> >>
>>>> >> Thanks,
>>>> >>
>>>> >> --
>>>> >> Rishi Yagnik
>>>> >>
>>>> >
>>>> >
>>>>
>>>>
>>>> --
>>>> Rishi Yagnik
>>>>
>>>
>>>
>>
>>
>> --
>> Rishi Yagnik
>>
>
>
--
Rishi Yagnik
Re: Session Replication Update on spring boot platform
Posted by Valentin Kulichenko <va...@gmail.com>.
Hi Rishi,
It was working for me in cluster environment after the fix [1] we discussed
in previous thread [2]. The fix was included in Ignite 2.0.
Can you please reattach the latest version of your app based on Ignite 2.0
and give a detailed step by step instruction on how to reproduce the issue
you're having?
[1] https://issues.apache.org/jira/browse/IGNITE-4948
[2]
http://apache-ignite-developers.2346864.n4.nabble.com/IGNITE-2741-spring-session-design-td14560.html
-Val
On Mon, May 22, 2017 at 8:35 PM, Rishi Yagnik <ri...@gmail.com> wrote:
> Hello Val,
>
> As I discussed earlier, the problem arises in the cluster environment.
>
> we have 2 SB staleless instance backed by Ignite data store.
>
> The local environment is working fine and I am able to see the user
> sessions are being stored correctly.
>
> I could not make session replication working with Ignite 2.0 in cluster
> environment so my fixes are of no use.
>
> IMO,The web filter approach is very intrusive approach with spring
> security and that is why I thought we need to come up with the solution
> which sits on top of spring security.
>
> The possible solution could be spring session.
>
> The example which I posted can be tested on cluster as well. Would Ignite
> team try out the clustering ?
>
> Looking for your inputs / suggestions on the issue.
>
> Thank you for all your help,
> Rishi
>
>
>
>
> On Mon, May 22, 2017 at 1:02 PM, Valentin Kulichenko <
> valentin.kulichenko@gmail.com> wrote:
>
>> Hi Rishi,
>>
>> I'm not sure I understand what the issue is. Can you elaborate a bit more
>> and provide exact examples of what is not working? What code tweaks are
>> required and how critical are they? Also I recall that your example was
>> working fine after the latest fixes in 1.9 (if I'm not mistaken). Did you
>> make any changes after that?
>>
>> -Val
>>
>> On Fri, May 19, 2017 at 11:34 PM, Rishi Yagnik <ri...@gmail.com>
>> wrote:
>>
>>> Hello Dmitriy,
>>>
>>> Thank you for the response, I would await for Val's feedback.
>>>
>>> I would like to discuss the possible approach for implementation here,
>>> and
>>> it could be one of this -
>>>
>>> https://issues.apache.org/jira/browse/IGNITE-2741
>>>
>>> Hope we all come on to conclusion here.
>>>
>>> Thanks,
>>>
>>> On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <
>>> dsetrakyan@apache.org>
>>> wrote:
>>>
>>> > Hi Rishi,
>>> >
>>> > I think the best way is to file a ticket in Ignite Jira with your
>>> > findings. This ticket does not seem tremendously difficult, so
>>> hopefully
>>> > someone from the community will pick it up. All we need to do is to
>>> take
>>> > our existing Web Session Clustering [1][2] code and port it to work
>>> with
>>> > Spring Boot.
>>> >
>>> > BTW, feel free to contribute it yourself if you have time.
>>> >
>>> > [1] https://ignite.apache.org/use-cases/caching/web-session-
>>> > clustering.html
>>> > [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
>>> >
>>> > D.
>>> >
>>> > On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <ri...@gmail.com>
>>> > wrote:
>>> >
>>> >> Hello Val,
>>> >>
>>> >> I tested out the session replication on spring boot cluster and here
>>> is
>>> >> the
>>> >> result.
>>> >>
>>> >> My finding were as follows with Ignite 2.0 on session replication and
>>> hope
>>> >> that helps the team –
>>> >>
>>> >> - Spring Security Filters requires context to be set with
>>> >> Authentication
>>> >> object, later on when user authentication object is set on the
>>> ignite
>>> >> filter from Ignite cache, the spring security treat that as a new
>>> >> session
>>> >> just to prevent session fixation issue.
>>> >> - As spring security creates a new session and since there is no
>>> way to
>>> >> tell Ignite that user session has been changed, the user session
>>> is no
>>> >> good
>>> >> here despite the fact that user session holds by the ignite is a
>>> true
>>> >> session for that user.
>>> >> - Configuring web session filter does not work OOTB in spring boot
>>> >> platform, it require some additional tweaking in the code to make
>>> it
>>> >> work.
>>> >>
>>> >>
>>> >> So in the nutshell, I would think having spring session on ignite
>>> platform
>>> >> would support full session replication with spring boot platform.
>>> >>
>>> >>
>>> >> Please note that we have 2 SB instances, serving request round robin
>>> via
>>> >> F5
>>> >> ( load balancers) supported by 2 node ignite cluster.
>>> >>
>>> >> Any suggestions on how we want to conquer the issue ?
>>> >>
>>> >> Thanks,
>>> >>
>>> >> --
>>> >> Rishi Yagnik
>>> >>
>>> >
>>> >
>>>
>>>
>>> --
>>> Rishi Yagnik
>>>
>>
>>
>
>
> --
> Rishi Yagnik
>
Re: Session Replication Update on spring boot platform
Posted by Rishi Yagnik <ri...@gmail.com>.
Hello Val,
As I discussed earlier, the problem arises in the cluster environment.
we have 2 SB staleless instance backed by Ignite data store.
The local environment is working fine and I am able to see the user
sessions are being stored correctly.
I could not make session replication working with Ignite 2.0 in cluster
environment so my fixes are of no use.
IMO,The web filter approach is very intrusive approach with spring security
and that is why I thought we need to come up with the solution which sits
on top of spring security.
The possible solution could be spring session.
The example which I posted can be tested on cluster as well. Would Ignite
team try out the clustering ?
Looking for your inputs / suggestions on the issue.
Thank you for all your help,
Rishi
On Mon, May 22, 2017 at 1:02 PM, Valentin Kulichenko <
valentin.kulichenko@gmail.com> wrote:
> Hi Rishi,
>
> I'm not sure I understand what the issue is. Can you elaborate a bit more
> and provide exact examples of what is not working? What code tweaks are
> required and how critical are they? Also I recall that your example was
> working fine after the latest fixes in 1.9 (if I'm not mistaken). Did you
> make any changes after that?
>
> -Val
>
> On Fri, May 19, 2017 at 11:34 PM, Rishi Yagnik <ri...@gmail.com>
> wrote:
>
>> Hello Dmitriy,
>>
>> Thank you for the response, I would await for Val's feedback.
>>
>> I would like to discuss the possible approach for implementation here, and
>> it could be one of this -
>>
>> https://issues.apache.org/jira/browse/IGNITE-2741
>>
>> Hope we all come on to conclusion here.
>>
>> Thanks,
>>
>> On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <dsetrakyan@apache.org
>> >
>> wrote:
>>
>> > Hi Rishi,
>> >
>> > I think the best way is to file a ticket in Ignite Jira with your
>> > findings. This ticket does not seem tremendously difficult, so hopefully
>> > someone from the community will pick it up. All we need to do is to take
>> > our existing Web Session Clustering [1][2] code and port it to work with
>> > Spring Boot.
>> >
>> > BTW, feel free to contribute it yourself if you have time.
>> >
>> > [1] https://ignite.apache.org/use-cases/caching/web-session-
>> > clustering.html
>> > [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
>> >
>> > D.
>> >
>> > On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <ri...@gmail.com>
>> > wrote:
>> >
>> >> Hello Val,
>> >>
>> >> I tested out the session replication on spring boot cluster and here is
>> >> the
>> >> result.
>> >>
>> >> My finding were as follows with Ignite 2.0 on session replication and
>> hope
>> >> that helps the team –
>> >>
>> >> - Spring Security Filters requires context to be set with
>> >> Authentication
>> >> object, later on when user authentication object is set on the
>> ignite
>> >> filter from Ignite cache, the spring security treat that as a new
>> >> session
>> >> just to prevent session fixation issue.
>> >> - As spring security creates a new session and since there is no
>> way to
>> >> tell Ignite that user session has been changed, the user session is
>> no
>> >> good
>> >> here despite the fact that user session holds by the ignite is a
>> true
>> >> session for that user.
>> >> - Configuring web session filter does not work OOTB in spring boot
>> >> platform, it require some additional tweaking in the code to make it
>> >> work.
>> >>
>> >>
>> >> So in the nutshell, I would think having spring session on ignite
>> platform
>> >> would support full session replication with spring boot platform.
>> >>
>> >>
>> >> Please note that we have 2 SB instances, serving request round robin
>> via
>> >> F5
>> >> ( load balancers) supported by 2 node ignite cluster.
>> >>
>> >> Any suggestions on how we want to conquer the issue ?
>> >>
>> >> Thanks,
>> >>
>> >> --
>> >> Rishi Yagnik
>> >>
>> >
>> >
>>
>>
>> --
>> Rishi Yagnik
>>
>
>
--
Rishi Yagnik
Re: Session Replication Update on spring boot platform
Posted by Valentin Kulichenko <va...@gmail.com>.
Hi Rishi,
I'm not sure I understand what the issue is. Can you elaborate a bit more
and provide exact examples of what is not working? What code tweaks are
required and how critical are they? Also I recall that your example was
working fine after the latest fixes in 1.9 (if I'm not mistaken). Did you
make any changes after that?
-Val
On Fri, May 19, 2017 at 11:34 PM, Rishi Yagnik <ri...@gmail.com>
wrote:
> Hello Dmitriy,
>
> Thank you for the response, I would await for Val's feedback.
>
> I would like to discuss the possible approach for implementation here, and
> it could be one of this -
>
> https://issues.apache.org/jira/browse/IGNITE-2741
>
> Hope we all come on to conclusion here.
>
> Thanks,
>
> On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <ds...@apache.org>
> wrote:
>
> > Hi Rishi,
> >
> > I think the best way is to file a ticket in Ignite Jira with your
> > findings. This ticket does not seem tremendously difficult, so hopefully
> > someone from the community will pick it up. All we need to do is to take
> > our existing Web Session Clustering [1][2] code and port it to work with
> > Spring Boot.
> >
> > BTW, feel free to contribute it yourself if you have time.
> >
> > [1] https://ignite.apache.org/use-cases/caching/web-session-
> > clustering.html
> > [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
> >
> > D.
> >
> > On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <ri...@gmail.com>
> > wrote:
> >
> >> Hello Val,
> >>
> >> I tested out the session replication on spring boot cluster and here is
> >> the
> >> result.
> >>
> >> My finding were as follows with Ignite 2.0 on session replication and
> hope
> >> that helps the team –
> >>
> >> - Spring Security Filters requires context to be set with
> >> Authentication
> >> object, later on when user authentication object is set on the ignite
> >> filter from Ignite cache, the spring security treat that as a new
> >> session
> >> just to prevent session fixation issue.
> >> - As spring security creates a new session and since there is no way
> to
> >> tell Ignite that user session has been changed, the user session is
> no
> >> good
> >> here despite the fact that user session holds by the ignite is a true
> >> session for that user.
> >> - Configuring web session filter does not work OOTB in spring boot
> >> platform, it require some additional tweaking in the code to make it
> >> work.
> >>
> >>
> >> So in the nutshell, I would think having spring session on ignite
> platform
> >> would support full session replication with spring boot platform.
> >>
> >>
> >> Please note that we have 2 SB instances, serving request round robin via
> >> F5
> >> ( load balancers) supported by 2 node ignite cluster.
> >>
> >> Any suggestions on how we want to conquer the issue ?
> >>
> >> Thanks,
> >>
> >> --
> >> Rishi Yagnik
> >>
> >
> >
>
>
> --
> Rishi Yagnik
>
Re: Session Replication Update on spring boot platform
Posted by Rishi Yagnik <ri...@gmail.com>.
Hello Dmitriy,
Thank you for the response, I would await for Val's feedback.
I would like to discuss the possible approach for implementation here, and
it could be one of this -
https://issues.apache.org/jira/browse/IGNITE-2741
Hope we all come on to conclusion here.
Thanks,
On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <ds...@apache.org>
wrote:
> Hi Rishi,
>
> I think the best way is to file a ticket in Ignite Jira with your
> findings. This ticket does not seem tremendously difficult, so hopefully
> someone from the community will pick it up. All we need to do is to take
> our existing Web Session Clustering [1][2] code and port it to work with
> Spring Boot.
>
> BTW, feel free to contribute it yourself if you have time.
>
> [1] https://ignite.apache.org/use-cases/caching/web-session-
> clustering.html
> [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
>
> D.
>
> On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <ri...@gmail.com>
> wrote:
>
>> Hello Val,
>>
>> I tested out the session replication on spring boot cluster and here is
>> the
>> result.
>>
>> My finding were as follows with Ignite 2.0 on session replication and hope
>> that helps the team –
>>
>> - Spring Security Filters requires context to be set with
>> Authentication
>> object, later on when user authentication object is set on the ignite
>> filter from Ignite cache, the spring security treat that as a new
>> session
>> just to prevent session fixation issue.
>> - As spring security creates a new session and since there is no way to
>> tell Ignite that user session has been changed, the user session is no
>> good
>> here despite the fact that user session holds by the ignite is a true
>> session for that user.
>> - Configuring web session filter does not work OOTB in spring boot
>> platform, it require some additional tweaking in the code to make it
>> work.
>>
>>
>> So in the nutshell, I would think having spring session on ignite platform
>> would support full session replication with spring boot platform.
>>
>>
>> Please note that we have 2 SB instances, serving request round robin via
>> F5
>> ( load balancers) supported by 2 node ignite cluster.
>>
>> Any suggestions on how we want to conquer the issue ?
>>
>> Thanks,
>>
>> --
>> Rishi Yagnik
>>
>
>
--
Rishi Yagnik
Re: Session Replication Update on spring boot platform
Posted by Dmitriy Setrakyan <ds...@apache.org>.
Hi Rishi,
I think the best way is to file a ticket in Ignite Jira with your findings.
This ticket does not seem tremendously difficult, so hopefully someone from
the community will pick it up. All we need to do is to take our existing
Web Session Clustering [1][2] code and port it to work with Spring Boot.
BTW, feel free to contribute it yourself if you have time.
[1] https://ignite.apache.org/use-cases/caching/web-session-clustering.html
[2] https://apacheignite-mix.readme.io/docs/web-session-clustering
D.
On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <ri...@gmail.com>
wrote:
> Hello Val,
>
> I tested out the session replication on spring boot cluster and here is the
> result.
>
> My finding were as follows with Ignite 2.0 on session replication and hope
> that helps the team –
>
> - Spring Security Filters requires context to be set with Authentication
> object, later on when user authentication object is set on the ignite
> filter from Ignite cache, the spring security treat that as a new
> session
> just to prevent session fixation issue.
> - As spring security creates a new session and since there is no way to
> tell Ignite that user session has been changed, the user session is no
> good
> here despite the fact that user session holds by the ignite is a true
> session for that user.
> - Configuring web session filter does not work OOTB in spring boot
> platform, it require some additional tweaking in the code to make it
> work.
>
>
> So in the nutshell, I would think having spring session on ignite platform
> would support full session replication with spring boot platform.
>
>
> Please note that we have 2 SB instances, serving request round robin via F5
> ( load balancers) supported by 2 node ignite cluster.
>
> Any suggestions on how we want to conquer the issue ?
>
> Thanks,
>
> --
> Rishi Yagnik
>