Questions tagged [spring-session]
Spring Session provides a common infrastructure for managing user’s session information.
spring-session
753
questions
3
votes
2
answers
2k
views
Does setting spring.session.store-type to 'redis' no longer provide a FindByIndexNameSessionRepository bean?
I wrote a little spring security demo some time ago and I used redis for storing user sessions. I've been trying to upgrade it to Spring Boot 3 and Spring Security 6 but after raising project versions ...
1
vote
1
answer
2k
views
Upgrade spring boot app from 2 to 3, fail to 'Set-Cookie' on auth
I'm attempting to upgrade my angular spring boot 2.x.x app to spring boot 3.x.x. I am seeing my authentication REST call to my user endpoint NOT return the 'Set-Cookie' header after it authenticates ...
0
votes
1
answer
370
views
How to set the provider for OAuth2ClientAuthenticationToken in Spring Authorization Server
How can I set the provider class for OAuth2ClientAuthenticationToken object.
I am working on springboot using spring security 5 and Spring Authorization Server ver 0.3.1
I already make the ...
0
votes
0
answers
1k
views
Spring security HttpSessionRequestCache saved request not persisted between requests
I'm building a new authentication filter to use with spring authorization server and have copied the code from FormLoginConfigurer to configure my filter.
When I run the code using .formLogin(), the ...
0
votes
1
answer
416
views
Spring session with Hazelcast is still stored in InMemoryWebSessionStore
I'm developing spring boot application. I want to store my session to Hazelcast. I followed this guide. Since I already have hazelcast standalone, I want to use Hazelcast client instead of the ...
1
vote
0
answers
292
views
Unable to get SessionRepository while integrating Spring Session using JDBC with Grails3
I am unable to integrate Spring Session with Grails-3.3.15 application using JDBC to persist HttpSession in PostgreSQL db. I get BeanCreationException upon startup of the application.
Background:
I ...
0
votes
1
answer
677
views
Spring authorization server authenticate for each client
I'm trying to build an Identity Provider using Spring authorization-server that third party applications are going to use for FIM (federated identity management).
We want each OAuth client to require ...
0
votes
0
answers
73
views
Ready for use with Spring Boot 3.x?
In GitHub, I see that Spring Session 3.0.0 has been released: https://github.com/spring-projects/spring-session/releases/tag/3.0.0
However, on Spring.io, I see that it is marked pre-release (still RC2)...
2
votes
0
answers
555
views
Spring 6: Problem Storing Session Attributes and invalidate Session
While migrating to spring 6 and spring boot 3, we have two problems:
The session attributes are not stored in the database anymore
The session is not invalidated correctly on logoff.
In Spring 5 we ...
0
votes
1
answer
780
views
How can I increase the in memory session store to maximum
Please note this is not about concurrent user session. This is about the total sessions can be stored in the in memory.
Here is the log :
java.lang.IllegalStateException: Max sessions limit reached: ...
3
votes
1
answer
13k
views
Spring boot 3 multiple security filter chains doesn't work
I am using Spring Boot 3.0.1. In my WebSecurityConfig class, I want to filter 2 types of api urls.
So I have 2 SecurityFilterChains. This is what I want to achieve.
1.) Login api: This one, I want to ...
2
votes
1
answer
2k
views
Spring Boot 3 migration for JDBC session and Spring Security does not work
This is a question for Spring Boot version 3.0.1.
This is working perfectly fine for version 2.7.5.
My app is using Spring Security and a JDBC session. So I get X-Auth-Token saved in spring_session ...
2
votes
1
answer
659
views
Vue/SpringBoot: Why does my JSESSIONID keeps changing
I have a vue app with a Spring Boot 3.0.1 backend and I want to use CSRF. The Vue Frontend and the Spring Boot Backend are served by different systems. I intend to use a nginx reverse proxy to ease ...
0
votes
0
answers
50
views
Exposing REST API only for a short period of time
I am working on a project which is already using spring-security Jwt for authentication of every incoming request. I need to add another REST controller in the same module with different path like /...
0
votes
1
answer
409
views
How to enable CookieCsrfTokenRepository.withHttpOnlyFalse() and @EnableJdbcHttpSession?
I have a Spring boot application with Spring Authorization Server (the new 4.0.1 package Spring Authorization)
The server is in a cluster of servers thus it needs to save the session in a DB so I use @...