All Questions
Tagged with spring-session spring-security
270
questions
0
votes
0
answers
22
views
session management in Spring Security 6.3.0 not working [duplicate]
I'm using Spring Boot 3.3.0. I have a custom provider and filter. The very first request from a user contains the credentials with which to authenticate. I can get my provider to successfully ...
- 131
-1
votes
1
answer
63
views
What's the relationship between Keycloak SSO Session Idle Time and Spring Session Timeout?
I am referencing following tutorials to combine Keycloak OAuth2 and Spring Boot+Spring Gateway+Spring Security+Spring Session to save http session in Redis:
https://www.baeldung.com/spring-cloud-...
- 2,441
0
votes
1
answer
38
views
Getting HazelcastSerializationException when starting the spring boot application
Can someone tell me what could be a possible resolution for the below exception ?
2024-06-10 07:00:24,459 WARNING [catalina] [com.hazelcast.spi.impl.proxyservice.ProxyService] [10.6.7.136]:5701 [nev-...
- 89
0
votes
0
answers
33
views
SpringSession and redis always rename sessionKey in redis
i am using the SpringSecurity,SpringSession and redis
When I logged into three accounts, SpringSession added three pieces of data to Redis
But the previous account was renamed by the later account
i ...
- 1
0
votes
2
answers
69
views
Spring SessionRepositoryFilter is not applied to forwarded requests
I'm using Hazelcast to store user sessions. Requests pass through the SessionRepositoryFilter, but if there's an error then the request is forwarded to /error. The forwarded request does not pass ...
- 3,761
0
votes
0
answers
39
views
Max session doesn't work when I set it in Spring Security
I am trying to secure my application with Spring security and spring session but setting max_session as 1 doesn't work.
@Configuration
@EnableWebSecurity
public class SecurityConfig {
private ...
- 1,026
0
votes
1
answer
376
views
Spring security - maximumSessions() - not working
I have a project in Spring boot, with Spring security and spring session. I wanted to persist my session in a database so I specified it in application.properties:
spring.session.store-type=jdbc
I ...
0
votes
0
answers
53
views
Is there a required order for the execution of logout handlers?
Im using Spring Security reactive with Spring Session Redis.
For custom logout handler, I read Spring Security doc.
new DelegatingServerLogoutHandler(
new WebSessionServerLogoutHandler(), new ...
- 11
0
votes
1
answer
559
views
Infinite loop when using spring boot oauth2 client with spring-session xAuthToken session ID resolver
I tried to add spring-session with xAuthToken ID resolver to spring-authorization demo client, but after authenticating the user on the OAuth2 server, the browser stuck in an infinite redirection loop....
- 1
1
vote
1
answer
588
views
springboot 3.1.3 problem with customfilter extending AbstractAuthenticationProcessingFilter
So I have observed that when I am trying to use custom filter in security chain, i am not getting session cookie... Why i am doing that ? Because i want to send username and password in JSON not in ...
- 13
0
votes
0
answers
194
views
Enhancement request: Add Base64 session ID generator. Deprecate UuidSessionIdGenerationStrategy
Spring Security 3.2 includes PR 2286 for Issue 11 to introduce a new feature for overriding session ID generation. This is a good improvement.
My concern is UUID is still the default strategy here.
I ...
- 667
0
votes
1
answer
426
views
Issue with Spring Boot 3 Spring Session: @EnableRedisIndexedHttpSession annotation sets the default value for Redis namespace
When I tried to use Redis indexing to solve the issue of concurrent control in Spring Security session clustering, I noticed that after adding the @EnableRedisIndexedHttpSession annotation, Spring ...
- 1
1
vote
0
answers
200
views
Cannot reconnect/clear out timed out sessions in spring boot websocket server backed with Jdbc and Postgres using java websocket client
I have issues in having sessions properly deleted in my stomp websocket server, when clients are closed or after long inactivity. I attempted with and without spring session but could not achieve the ...
- 149
1
vote
0
answers
181
views
Spring Boot session based authentication post login other requests are not getting autheticated
I am trying to create a spring boot app which will expose a set of apis. Initially there will be a call to an authentication api, which sets a session cookie and then subsequent requests will send ...
- 483