Questions tagged [spring-session]
Spring Session provides a common infrastructure for managing user’s session information.
spring-session
752
questions
0
votes
0
answers
148
views
Spring boot: how to disable session handler for the embedded server?
Our application does not need any session support but Spring adds session handler and a session id managed to the embedded Jetty server. I tried removing the handler in the server customizer but then ...
0
votes
0
answers
194
views
Enhancement request: Add Base64 session ID generator. Deprecate UuidSessionIdGenerationStrategy
Spring Security 3.2 includes PR 2286 for Issue 11 to introduce a new feature for overriding session ID generation. This is a good improvement.
My concern is UUID is still the default strategy here.
I ...
0
votes
0
answers
92
views
Persist session after browser is closed (Spring Boot edition)
This question has already been asked on SO, yet the answers were primarily using Security. I have the following constellations:
I do not use Spring Security
I use Spring Session JDBC
When I restart ...
1
vote
0
answers
103
views
Websocket session is not being persisted in JDBC session store type
Problem: WebSocker session data are not persisted in precreated session tables (SPRING_SESSION, SPRING_SESSION_ATTRIBUTES)
I followed this guide to implement it https://docs.spring.io/spring-session/...
2
votes
0
answers
165
views
Unable to inject SessionRegistry with Spring boot 3.1.1 and Spring Session Redis
I would like to use the removeSessionInformation method on SessionRegistry
I've read that with Spring Boot, the SessionRegistry bean should already be configured and ready to use. However, I don't ...
0
votes
1
answer
426
views
Issue with Spring Boot 3 Spring Session: @EnableRedisIndexedHttpSession annotation sets the default value for Redis namespace
When I tried to use Redis indexing to solve the issue of concurrent control in Spring Security session clustering, I noticed that after adding the @EnableRedisIndexedHttpSession annotation, Spring ...
1
vote
0
answers
200
views
Cannot reconnect/clear out timed out sessions in spring boot websocket server backed with Jdbc and Postgres using java websocket client
I have issues in having sessions properly deleted in my stomp websocket server, when clients are closed or after long inactivity. I attempted with and without spring session but could not achieve the ...
1
vote
0
answers
181
views
Spring Boot session based authentication post login other requests are not getting autheticated
I am trying to create a spring boot app which will expose a set of apis. Initially there will be a call to an authentication api, which sets a session cookie and then subsequent requests will send ...
0
votes
1
answer
183
views
Integrate spring session into websocket for Http session clean up
I have a Spring Boot websocket server deployed on Heroku and need help to properly implement authentication and session management in order to clean up/invalidate the authenticated sessions when the ...
2
votes
0
answers
393
views
Spring Security and Spring Session use different cookies
I was using Spring Security with this configuration:
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.csrf().disable().cors().and()....
0
votes
0
answers
365
views
How to make Spring Boot track HTTP session without authentication?
I have a simple Spring Boot app. I have created a session-scoped class and want for it to store some session related stuff. I want for the HTTP session to be created and tracked via the JSESSIONID ...
3
votes
0
answers
90
views
Should I configure sessionManagement in HttpSecurity if I use Spring Session?
I am trying to understand how Spring Security and Spring Session projects work together.
In my project I want to save sessions into database that's why I am using Spring Session JDBC. But I can't ...
1
vote
0
answers
861
views
How to configure Keycloak 21.0.1 to use redis session store
I'm looking for some guidance on how to configure Keycloak version 21.0.1 to use Redis for session storage. I've searched around and found many answers on this topic, but they all seem to be for ...
1
vote
0
answers
110
views
How to use Basic Auth or JWT in Spring Security to create a session for multi tenancy?
I am not in the context of login authorization, I validate the request using a basic auth header or JWT token. I have an API that validates the authorization using a token that redirects the requests ...
3
votes
2
answers
2k
views
Does setting spring.session.store-type to 'redis' no longer provide a FindByIndexNameSessionRepository bean?
I wrote a little spring security demo some time ago and I used redis for storing user sessions. I've been trying to upgrade it to Spring Boot 3 and Spring Security 6 but after raising project versions ...