Using Abstract prefix follows conventions for abstract classes
beginning with Abstract. This also opens up the door to introduce
a MongoSessionConverter interface in the future.
Issue gh-17
This commit provides implementation of SessionRepository based
on Spring's JdbcOperations interface.
@EnableJdbcHttpSession annotation is provided to ease the
configuration, together with spring-session-jdbc BOM and schema
creation scripts for all major databases.
Fixes gh-364
Previously a null Cookie value was returned by DefaultCookieSerializer
readCookieValues(). This could cause NullPointerExeptions later on.
This commit ignores cookies with a null value.
Fixes gh-392
Applies @DirtiesContext to all Spring Session Data GemFire integration
tests to ensure that no lingering GemFire (peer or client) cache
instances cause conflicts on downstream tests.
Fixes gh-396
Tasks executors used by redisMessageListenerContainer can now optionally
be overriden with beans named springSessionRedisTaskExecutor and/or
springSessionRedisSubscriptionExecutor.
Fixes gh-314
Fixes GH PR #148 and PR #308 implementing a GemFire Adapter to support
clustered HttpSessions in Spring Session.
* Resolve SGF-373 - Implement a Spring Session Adapter for GemFire backing
a HttpSession similar to the Redis support.
* Add Spring Session annotation to enable GemFire support with
@EnableGemFireHttpSession.
* Add extesion of SpringHttpSessionConfiguration to configure GemFire using
GemFireHttpSessionConfiguration.
* Add implementation of SessionRepository to access clustered, replicated
HttpSession state in GemFire with GemFireOperationsSessionRepository.
* Utilize GemFire Data Serialization framework to both replicate
HttpSession state information as well as handle deltas.
* Utilize GemFire OQL query to lookup arbitrary Session attributes by name,
and in particular the user authenticated principal name.
* Implment unit and integration tests, and in particular, tests for both
peer-to-peer (p2p) and client/server topologies.
* Set initial Spring Data GemFire version to 1.7.2.RELEASE, which depends
on Pivotal GemFire 8.1.0.
* Add documentation, Javadoc and samples along with additional Integration
Tests.
Fixes gh-148
Ensure that the session is only modified if it is accessed. This allows for
optimizations to ensure that for things like static resources there is
no need for hitting a data store.
Expiration time is rounded up, so in case of many request per second from a
single session we can skip sending of delete event to reduce the traffic.
This is good because actually at the moment the redis repository is subscribed
for this events, even though it ignores them.
Fix gh-315
Previously SessionRepository had to update the lastAccessTime when it was
loaded. This prevented inspecting the last access time. For example,
listing all the sessions for a specific user. Furthermore, it is
unintuitive that a read operation would update attributes on the domain
model.
This change introduces ExpiringSession setLastAccessedTime to allow setting
the expiration on the interface. This means that the SessionRepositoryFilter
can update the last accessed time.
Fixes gh-272
Previously RedisOperationsSessionRepository incorrectly:
* Deleted the session
* Added the session
* Set the expiration to be 0
This commit ensures that if the expiration is 0 that the sesson is only
deleted.
Fixes gh-292
Previously when creating a MapSession from an existing session required
that UUID.randomUUID() be invoked. This could slow down the system
since it requires entropy.
MapSession now has a constructor that accepts the id which prevents
Secure random from being used when the session is already known.
Fixes gh-271
If SessionRepositoryRequestWrapper.commitSession() is invoked twice
when a new session is created, then CookieHttpSessionStrategy will
add the same cookie twice. A couple examples of how this could happen:
* The response is committed and
SessionRepositoryResponseWrapper.onResponseCommitted() invokes
SessionRepositoryRequestWrapper.commitSession(). Then the finally
block in SessionRepositoryFilter invokes
SessionRepositoryRequestWrapper.commitSession() again.
* The new session is initialized and an Exception is thrown (i.e.
gh-229). The SessionRepositoryFilter invokes
SessionRepositoryRequestWrapper.commitSession() in the REQUEST
dispatch. Then in the ERROR dispatch SessionRepositoryFilter invokes
SessionRepositoryRequestWrapper.commitSession() invokes it again.
This commit ensures if the same Session is passed into
CookieHttpSessionStrategy multiple times within the same HttpServletRequest
it is only written once by keeping track of the sessions on a request
attribute.
Fixes gh-251
Previously, if the following happened:
* New Session Created
* Exception thrown
* Exception processed by error handler within Servlet
* Error Handler used a session
The result would be two sessions were created. This means the
data from the first session was also lost. This happend
because ERROR dispatch is a separate Filter invocation where
the request is no longer wrapped.
This commit ensures that currentSession is saved on a
HttpServletRequest attribute so that the ERROR dispatch sees
that a session was already created.
Fixes: gh-229