Session Replication Update on spring boot platform

> Hello Val,
>
> I tested out the session replication on spring boot cluster and here is the
> result.
>
> My finding were as follows with Ignite 2.0 on session replication and hope
> that helps the team –
>
>    - Spring Security Filters requires context to be set with Authentication
>    object, later on when user authentication object is set on the ignite
>    filter from Ignite cache, the spring security treat that as a new
> session
>    just to prevent session fixation issue.
>    - As spring security creates a new session and since there is no way to
>    tell Ignite that user session has been changed, the user session is no
> good
>    here despite the fact that user session holds by the ignite is a true
>    session for that user.
>    - Configuring web session filter does not work OOTB in spring boot
>    platform, it require some additional tweaking in the code to make it
> work.
>
>
> So in the nutshell, I would think having spring session on ignite platform
> would support full session replication with spring boot platform.
>
>
> Please note that we have 2 SB instances, serving request round robin via F5
> ( load balancers) supported by 2 node ignite cluster.
>
> Any suggestions on how we want to conquer the issue ?
>
> Thanks,
>
> --
> Rishi Yagnik
>

> Hi Rishi,
>
> I think the best way is to file a ticket in Ignite Jira with your
> findings. This ticket does not seem tremendously difficult, so hopefully
> someone from the community will pick it up. All we need to do is to take
> our existing Web Session Clustering [1][2] code and port it to work with
> Spring Boot.
>
> BTW, feel free to contribute it yourself if you have time.
>
> [1] https://ignite.apache.org/use-cases/caching/web-session-
> clustering.html
> [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
>
> D.
>
> On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <[hidden email]>
> wrote:
>
>> Hello Val,
>>
>> I tested out the session replication on spring boot cluster and here is
>> the
>> result.
>>
>> My finding were as follows with Ignite 2.0 on session replication and hope
>> that helps the team –
>>
>>    - Spring Security Filters requires context to be set with
>> Authentication
>>    object, later on when user authentication object is set on the ignite
>>    filter from Ignite cache, the spring security treat that as a new
>> session
>>    just to prevent session fixation issue.
>>    - As spring security creates a new session and since there is no way to
>>    tell Ignite that user session has been changed, the user session is no
>> good
>>    here despite the fact that user session holds by the ignite is a true
>>    session for that user.
>>    - Configuring web session filter does not work OOTB in spring boot
>>    platform, it require some additional tweaking in the code to make it
>> work.
>>
>>
>> So in the nutshell, I would think having spring session on ignite platform
>> would support full session replication with spring boot platform.
>>
>>
>> Please note that we have 2 SB instances, serving request round robin via
>> F5
>> ( load balancers) supported by 2 node ignite cluster.
>>
>> Any suggestions on how we want to conquer the issue ?
>>
>> Thanks,
>>
>> --
>> Rishi Yagnik
>>
>
>

> Hello Dmitriy,
>
> Thank you for the response, I would await for Val's feedback.
>
> I would like to discuss the possible approach for implementation here, and
> it could be one of this -
>
> https://issues.apache.org/jira/browse/IGNITE-2741
>
> Hope we all come on to conclusion here.
>
> Thanks,
>
> On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <[hidden email]>
> wrote:
>
> > Hi Rishi,
> >
> > I think the best way is to file a ticket in Ignite Jira with your
> > findings. This ticket does not seem tremendously difficult, so hopefully
> > someone from the community will pick it up. All we need to do is to take
> > our existing Web Session Clustering [1][2] code and port it to work with
> > Spring Boot.
> >
> > BTW, feel free to contribute it yourself if you have time.
> >
> > [1] https://ignite.apache.org/use-cases/caching/web-session-
> > clustering.html
> > [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
> >
> > D.
> >
> > On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <[hidden email]>
> > wrote:
> >
> >> Hello Val,
> >>
> >> I tested out the session replication on spring boot cluster and here is
> >> the
> >> result.
> >>
> >> My finding were as follows with Ignite 2.0 on session replication and
> hope
> >> that helps the team –
> >>
> >>    - Spring Security Filters requires context to be set with
> >> Authentication
> >>    object, later on when user authentication object is set on the ignite
> >>    filter from Ignite cache, the spring security treat that as a new
> >> session
> >>    just to prevent session fixation issue.
> >>    - As spring security creates a new session and since there is no way
> to
> >>    tell Ignite that user session has been changed, the user session is
> no
> >> good
> >>    here despite the fact that user session holds by the ignite is a true
> >>    session for that user.
> >>    - Configuring web session filter does not work OOTB in spring boot
> >>    platform, it require some additional tweaking in the code to make it
> >> work.
> >>
> >>
> >> So in the nutshell, I would think having spring session on ignite
> platform
> >> would support full session replication with spring boot platform.
> >>
> >>
> >> Please note that we have 2 SB instances, serving request round robin via
> >> F5
> >> ( load balancers) supported by 2 node ignite cluster.
> >>
> >> Any suggestions on how we want to conquer the issue ?
> >>
> >> Thanks,
> >>
> >> --
> >> Rishi Yagnik
> >>
> >
> >
>
>
> --
> Rishi Yagnik
>

> Hi Rishi,
>
> I'm not sure I understand what the issue is. Can you elaborate a bit more
> and provide exact examples of what is not working? What code tweaks are
> required and how critical are they? Also I recall that your example was
> working fine after the latest fixes in 1.9 (if I'm not mistaken). Did you
> make any changes after that?
>
> -Val
>
> On Fri, May 19, 2017 at 11:34 PM, Rishi Yagnik <[hidden email]>
> wrote:
>
>> Hello Dmitriy,
>>
>> Thank you for the response, I would await for Val's feedback.
>>
>> I would like to discuss the possible approach for implementation here, and
>> it could be one of this -
>>
>> https://issues.apache.org/jira/browse/IGNITE-2741
>>
>> Hope we all come on to conclusion here.
>>
>> Thanks,
>>
>> On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <[hidden email]
>> >
>> wrote:
>>
>> > Hi Rishi,
>> >
>> > I think the best way is to file a ticket in Ignite Jira with your
>> > findings. This ticket does not seem tremendously difficult, so hopefully
>> > someone from the community will pick it up. All we need to do is to take
>> > our existing Web Session Clustering [1][2] code and port it to work with
>> > Spring Boot.
>> >
>> > BTW, feel free to contribute it yourself if you have time.
>> >
>> > [1] https://ignite.apache.org/use-cases/caching/web-session-
>> > clustering.html
>> > [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
>> >
>> > D.
>> >
>> > On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <[hidden email]>
>> > wrote:
>> >
>> >> Hello Val,
>> >>
>> >> I tested out the session replication on spring boot cluster and here is
>> >> the
>> >> result.
>> >>
>> >> My finding were as follows with Ignite 2.0 on session replication and
>> hope
>> >> that helps the team –
>> >>
>> >>    - Spring Security Filters requires context to be set with
>> >> Authentication
>> >>    object, later on when user authentication object is set on the
>> ignite
>> >>    filter from Ignite cache, the spring security treat that as a new
>> >> session
>> >>    just to prevent session fixation issue.
>> >>    - As spring security creates a new session and since there is no
>> way to
>> >>    tell Ignite that user session has been changed, the user session is
>> no
>> >> good
>> >>    here despite the fact that user session holds by the ignite is a
>> true
>> >>    session for that user.
>> >>    - Configuring web session filter does not work OOTB in spring boot
>> >>    platform, it require some additional tweaking in the code to make it
>> >> work.
>> >>
>> >>
>> >> So in the nutshell, I would think having spring session on ignite
>> platform
>> >> would support full session replication with spring boot platform.
>> >>
>> >>
>> >> Please note that we have 2 SB instances, serving request round robin
>> via
>> >> F5
>> >> ( load balancers) supported by 2 node ignite cluster.
>> >>
>> >> Any suggestions on how we want to conquer the issue ?
>> >>
>> >> Thanks,
>> >>
>> >> --
>> >> Rishi Yagnik
>> >>
>> >
>> >
>>
>>
>> --
>> Rishi Yagnik
>>
>
>

> Hello Val,
>
> As I discussed earlier, the problem arises in the cluster environment.
>
> we have 2 SB staleless instance backed by Ignite data store.
>
> The local environment is working fine and I am able to see the user
> sessions are being stored correctly.
>
> I could not make session replication working with Ignite 2.0 in cluster
> environment so my fixes are of no use.
>
> IMO,The web filter approach is very intrusive approach with spring
> security and that is why I thought we need to come up with the solution
> which sits on top of spring security.
>
> The possible solution could be spring session.
>
> The example which I posted can be tested on cluster as well. Would Ignite
> team try out the clustering ?
>
> Looking for your inputs / suggestions on the issue.
>
> Thank you for all your help,
> Rishi
>
>
>
>
> On Mon, May 22, 2017 at 1:02 PM, Valentin Kulichenko <
> [hidden email]> wrote:
>
>> Hi Rishi,
>>
>> I'm not sure I understand what the issue is. Can you elaborate a bit more
>> and provide exact examples of what is not working? What code tweaks are
>> required and how critical are they? Also I recall that your example was
>> working fine after the latest fixes in 1.9 (if I'm not mistaken). Did you
>> make any changes after that?
>>
>> -Val
>>
>> On Fri, May 19, 2017 at 11:34 PM, Rishi Yagnik <[hidden email]>
>> wrote:
>>
>>> Hello Dmitriy,
>>>
>>> Thank you for the response, I would await for Val's feedback.
>>>
>>> I would like to discuss the possible approach for implementation here,
>>> and
>>> it could be one of this -
>>>
>>> https://issues.apache.org/jira/browse/IGNITE-2741
>>>
>>> Hope we all come on to conclusion here.
>>>
>>> Thanks,
>>>
>>> On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <
>>> [hidden email]>
>>> wrote:
>>>
>>> > Hi Rishi,
>>> >
>>> > I think the best way is to file a ticket in Ignite Jira with your
>>> > findings. This ticket does not seem tremendously difficult, so
>>> hopefully
>>> > someone from the community will pick it up. All we need to do is to
>>> take
>>> > our existing Web Session Clustering [1][2] code and port it to work
>>> with
>>> > Spring Boot.
>>> >
>>> > BTW, feel free to contribute it yourself if you have time.
>>> >
>>> > [1] https://ignite.apache.org/use-cases/caching/web-session-
>>> > clustering.html
>>> > [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
>>> >
>>> > D.
>>> >
>>> > On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <[hidden email]>
>>> > wrote:
>>> >
>>> >> Hello Val,
>>> >>
>>> >> I tested out the session replication on spring boot cluster and here
>>> is
>>> >> the
>>> >> result.
>>> >>
>>> >> My finding were as follows with Ignite 2.0 on session replication and
>>> hope
>>> >> that helps the team –
>>> >>
>>> >>    - Spring Security Filters requires context to be set with
>>> >> Authentication
>>> >>    object, later on when user authentication object is set on the
>>> ignite
>>> >>    filter from Ignite cache, the spring security treat that as a new
>>> >> session
>>> >>    just to prevent session fixation issue.
>>> >>    - As spring security creates a new session and since there is no
>>> way to
>>> >>    tell Ignite that user session has been changed, the user session
>>> is no
>>> >> good
>>> >>    here despite the fact that user session holds by the ignite is a
>>> true
>>> >>    session for that user.
>>> >>    - Configuring web session filter does not work OOTB in spring boot
>>> >>    platform, it require some additional tweaking in the code to make
>>> it
>>> >> work.
>>> >>
>>> >>
>>> >> So in the nutshell, I would think having spring session on ignite
>>> platform
>>> >> would support full session replication with spring boot platform.
>>> >>
>>> >>
>>> >> Please note that we have 2 SB instances, serving request round robin
>>> via
>>> >> F5
>>> >> ( load balancers) supported by 2 node ignite cluster.
>>> >>
>>> >> Any suggestions on how we want to conquer the issue ?
>>> >>
>>> >> Thanks,
>>> >>
>>> >> --
>>> >> Rishi Yagnik
>>> >>
>>> >
>>> >
>>>
>>>
>>> --
>>> Rishi Yagnik
>>>
>>
>>
>
>
> --
> Rishi Yagnik
>

> Hi Rishi,
>
> It was working for me in cluster environment after the fix [1] we
> discussed in previous thread [2]. The fix was included in Ignite 2.0.
>
> Can you please reattach the latest version of your app based on Ignite 2.0
> and give a detailed step by step instruction on how to reproduce the issue
> you're having?
>
> [1] https://issues.apache.org/jira/browse/IGNITE-4948
> [2] http://apache-ignite-developers.2346864.n4.nabble.
> com/IGNITE-2741-spring-session-design-td14560.html
>
> -Val
>
> On Mon, May 22, 2017 at 8:35 PM, Rishi Yagnik <[hidden email]>
> wrote:
>
>> Hello Val,
>>
>> As I discussed earlier, the problem arises in the cluster environment.
>>
>> we have 2 SB staleless instance backed by Ignite data store.
>>
>> The local environment is working fine and I am able to see the user
>> sessions are being stored correctly.
>>
>> I could not make session replication working with Ignite 2.0 in cluster
>> environment so my fixes are of no use.
>>
>> IMO,The web filter approach is very intrusive approach with spring
>> security and that is why I thought we need to come up with the solution
>> which sits on top of spring security.
>>
>> The possible solution could be spring session.
>>
>> The example which I posted can be tested on cluster as well. Would Ignite
>> team try out the clustering ?
>>
>> Looking for your inputs / suggestions on the issue.
>>
>> Thank you for all your help,
>> Rishi
>>
>>
>>
>>
>> On Mon, May 22, 2017 at 1:02 PM, Valentin Kulichenko <
>> [hidden email]> wrote:
>>
>>> Hi Rishi,
>>>
>>> I'm not sure I understand what the issue is. Can you elaborate a bit
>>> more and provide exact examples of what is not working? What code tweaks
>>> are required and how critical are they? Also I recall that your example was
>>> working fine after the latest fixes in 1.9 (if I'm not mistaken). Did you
>>> make any changes after that?
>>>
>>> -Val
>>>
>>> On Fri, May 19, 2017 at 11:34 PM, Rishi Yagnik <[hidden email]>
>>> wrote:
>>>
>>>> Hello Dmitriy,
>>>>
>>>> Thank you for the response, I would await for Val's feedback.
>>>>
>>>> I would like to discuss the possible approach for implementation here,
>>>> and
>>>> it could be one of this -
>>>>
>>>> https://issues.apache.org/jira/browse/IGNITE-2741
>>>>
>>>> Hope we all come on to conclusion here.
>>>>
>>>> Thanks,
>>>>
>>>> On Fri, May 19, 2017 at 3:57 PM, Dmitriy Setrakyan <
>>>> [hidden email]>
>>>> wrote:
>>>>
>>>> > Hi Rishi,
>>>> >
>>>> > I think the best way is to file a ticket in Ignite Jira with your
>>>> > findings. This ticket does not seem tremendously difficult, so
>>>> hopefully
>>>> > someone from the community will pick it up. All we need to do is to
>>>> take
>>>> > our existing Web Session Clustering [1][2] code and port it to work
>>>> with
>>>> > Spring Boot.
>>>> >
>>>> > BTW, feel free to contribute it yourself if you have time.
>>>> >
>>>> > [1] https://ignite.apache.org/use-cases/caching/web-session-
>>>> > clustering.html
>>>> > [2] https://apacheignite-mix.readme.io/docs/web-session-clustering
>>>> >
>>>> > D.
>>>> >
>>>> > On Fri, May 19, 2017 at 11:43 AM, Rishi Yagnik <[hidden email]
>>>> >
>>>> > wrote:
>>>> >
>>>> >> Hello Val,
>>>> >>
>>>> >> I tested out the session replication on spring boot cluster and here
>>>> is
>>>> >> the
>>>> >> result.
>>>> >>
>>>> >> My finding were as follows with Ignite 2.0 on session replication
>>>> and hope
>>>> >> that helps the team –
>>>> >>
>>>> >>    - Spring Security Filters requires context to be set with
>>>> >> Authentication
>>>> >>    object, later on when user authentication object is set on the
>>>> ignite
>>>> >>    filter from Ignite cache, the spring security treat that as a new
>>>> >> session
>>>> >>    just to prevent session fixation issue.
>>>> >>    - As spring security creates a new session and since there is no
>>>> way to
>>>> >>    tell Ignite that user session has been changed, the user session
>>>> is no
>>>> >> good
>>>> >>    here despite the fact that user session holds by the ignite is a
>>>> true
>>>> >>    session for that user.
>>>> >>    - Configuring web session filter does not work OOTB in spring boot
>>>> >>    platform, it require some additional tweaking in the code to make
>>>> it
>>>> >> work.
>>>> >>
>>>> >>
>>>> >> So in the nutshell, I would think having spring session on ignite
>>>> platform
>>>> >> would support full session replication with spring boot platform.
>>>> >>
>>>> >>
>>>> >> Please note that we have 2 SB instances, serving request round robin
>>>> via
>>>> >> F5
>>>> >> ( load balancers) supported by 2 node ignite cluster.
>>>> >>
>>>> >> Any suggestions on how we want to conquer the issue ?
>>>> >>
>>>> >> Thanks,
>>>> >>
>>>> >> --
>>>> >> Rishi Yagnik
>>>> >>
>>>> >
>>>> >
>>>>
>>>>
>>>> --
>>>> Rishi Yagnik
>>>>
>>>
>>>
>>
>>
>> --
>> Rishi Yagnik
>>
>
>