Skip to content

Session ID generation strategy #1547

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 10 commits into from
Closed

Session ID generation strategy #1547

wants to merge 10 commits into from

Conversation

zapp88
Copy link

@zapp88 zapp88 commented Nov 14, 2019

After creating PR : #1545 I became aware of long ongoing disscusion about
session generation strategy mainly : #204 which has merge conflicts and author is not present for quite a while, and a general issue #11 going back to 3 Jul 2014.

I tought i would try to takle the problem myself with the strategy approach (differently than in #1545). This PR is my attempt at assimilating strategy based way of controlling id generation process.

While I still prefer #1545 way of doing things 'this' PR is closer the expected behaviour of #11.
But not without a few pros and cons.

#1545 is less invasive - it provides means of controlling session id without changing too much. #1545 doesn't break any existing functionality - especially it doesn't remove any existing methodes - it only adds new.

At the same time this PR while gives us more elegant way of handling session id. It requires us to change a few things , mainly :

  • Session creation is not session class reponsibility - it is session-repository reponsibility and as a result - MapSession should get valid id from session-repository instead of creating it by itself. While this is easly guaranteed by removal of no-args constructor in MapSession it requires us to modify changeId methode signature in MapSession. The new id for session should be provided to session externally.

  • Existing session repository implementations should provide a way of changing session generation strategy and as a result all session repository should implement additional method "changeSessionId".

Additionally since spring-session is a library - we don't want to introduce any new unwanted behaviour to projects rellying on it. Thats why i additionaly introduce UUIDSessionIdStrategy which is a default go-to behaviour for all session repositories if no strategy is provided.

  • As a additional feature it would be nice to expand configuration with a means to customize session id strategy . For example add additional config field to EnableHazelcastHttpSession.

For now i dont want this PR to grow to large or out of scope so I willy probably try to add the aformentioned feature as a separate PR if this gets accepted.

Jakub Maciej added 3 commits November 13, 2019 15:07
Session id handling via id-generation-strategy
ff4a9cd 
* Session id creation and id change is now session repo responsibility
* Created default UUID based id generation strategy
* Unless specified otherwise UUID is used as default id creation method
* Add capability to change generation strategy for most repo-impl
Simplify naming.
64913b2
Flush session after id change if necessary
e714129
@zapp88 zapp88 mentioned this pull request Nov 14, 2019
Closed
@zapp88 zapp88 changed the title Feature/id with strategy Session ID generation strategy Nov 14, 2019
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Nov 14, 2019
@zapp88 zapp88 mentioned this pull request Nov 14, 2019
Closed
@zapp88 zapp88 changed the title Session ID generation strategy WIP:Session ID generation strategy Nov 14, 2019
@zapp88
Copy link
Author

zapp88 commented Nov 14, 2019

This feature is a work in progress untill i can fix integration tests.

@zapp88 zapp88 changed the title WIP:Session ID generation strategy Session ID generation strategy Nov 17, 2019
@zapp88
Copy link
Author

zapp88 commented Nov 17, 2019

Integration erros have been resolved

@barryspearce
Copy link

I have a multiple concurrent file uploader which suffers from deadlocks on the session table with alarming frequency, resulting in the data having to be resent.

Does this change resolve the issue of deadlocks occuring where multiple requests are received for the same session using mariadb and innodb tables?

For instance would this let me change the spring session table to the strategy used by the rest of my database which is db generated integer IDs?

If so is there any plan for including this in a release? I am sure a lot of people are keen to resolve the deadlock issue.

@quaff
Copy link
Contributor

quaff commented Feb 24, 2023

@zapp88 I've created similar PR 2251, could you take a look at that.

This was referenced Mar 28, 2023
Open
Closed
Closed
@marcusdacoregio
Copy link
Contributor

Closing in favor of #2286

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
status: waiting-for-triage An issue we've not yet triaged
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@zapp88 @barryspearce @quaff @marcusdacoregio @spring-projects-issues