Context
Part of the session persistence work for multi-pod deployments (see #136). JDBC and Redis session stores are being implemented first; this issue tracks the MongoDB variant for operators already running MongoDB who do not want to provision a separate JDBC or Redis store.
Approach
Implement a MongoSessionRepository using the existing raw MongoDB driver (already on the classpath) rather than pulling in Spring Data MongoDB as a new dependency. The session schema is simple:
{
_id: string, // session ID
principal: string, // authenticated username
creationTime: long,
lastAccessTime: long,
maxInactiveInterval: int,
attributes: document // serialised session attributes
}
A TTL index on `lastAccessTime` handles session expiry automatically.
The session collection should use a dedicated name (e.g. `http_sessions`) to avoid any conflict with push store collections.
Config
server:
session-store: mongodb # reuses database.url / database.name for connection
No additional connection config needed — the Mongo connection is already established by the push store.
Prerequisites
Context
Part of the session persistence work for multi-pod deployments (see #136). JDBC and Redis session stores are being implemented first; this issue tracks the MongoDB variant for operators already running MongoDB who do not want to provision a separate JDBC or Redis store.
Approach
Implement a
MongoSessionRepositoryusing the existing raw MongoDB driver (already on the classpath) rather than pulling in Spring Data MongoDB as a new dependency. The session schema is simple:A TTL index on `lastAccessTime` handles session expiry automatically.
The session collection should use a dedicated name (e.g. `http_sessions`) to avoid any conflict with push store collections.
Config
No additional connection config needed — the Mongo connection is already established by the push store.
Prerequisites