New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Health endpoint fails with Spring Session when redis is down #4560
Comments
I can't reproduce with a Vanilla setup. Could you please provide more details? (a sample would be better). |
You are right. It works fine in "vanilla setup". The missing piece is that I am using Spring Session backed by Redis.
The question is what to do with chicken-egg problem. I would be the best if health endpoint won't be affected by other not working parts. However I understand that Spring Session works as filter and it is hard to do something about that. Any thoughts? |
I hardly see what we could do about it. @rwinch, @wilkinsona any idea? |
One option could be ability to specify "mandatory/optional" URL patterns for Spring Session. Question is what would be the fallback strategy (fallback to anonymous would be fine here but in general?). However such setting could make sense also in different scenarios (web site with public and private (admin) part... I would rather have working public part if my redis fails although I wouldn't be able to manage it via admin) |
The simplest option is to run the actuator on a separate port, for example:
|
The alternative is to take control of the registration of Spring Session's filter and specify the URL patterns to which you want it to be applied. I don't think this is something that Spring Boot can do automatically (there's no way for us to say everything but @Bean
public FilterRegistrationBean sessionFilterRegistration(
SessionRepositoryFilter<?> filter) {
FilterRegistrationBean registration = new FilterRegistrationBean(filter);
registration.setUrlPatterns(Arrays.asList("/foo/*", "/bar/*"));
return registration;
} |
Thank you. I can confirm that the change of management port does not lead to "error page". I still have problem how to access sensitive information in secure way (but I believe this is another problem :)) The other alternative seems problematic for me as I can't simply define URL patterns just to exclude |
Since Spring Session is lazy about looking up the session, you can also avoid invoking |
@rwinch Thanks, but none of the health indicators call Looking at the stacktrace posted above led me to look at It looks as if a nice optimisation, from the perspective of this problem at least, would be to change |
@wilkinsona Keep in mind that |
@wilkinsona The other thing I'd add is that I'd be surprised if the monitoring of the endpoints actually passes in a session id. Since it is usually a background task, it does not track sessions but rather passes in a credential like a username/password over basic authentication for every request. If it does pass in a session id, then perhaps it should not. |
Thanks, @rwinch. @sodik82 The failure will only occur if you send a
You should correct whatever you are using to monitor the health of your application so that it does not send a |
ok, thanks. I will have to adapt my security configuration and I won't be able to use it "directly" from my admin interface but such constraint is acceptable for me. |
Likely obvious, but keep in mind that you run into similar issues if you
|
although it's closed but excluding redis from management did the job for me |
FYI I still found this problem and I had to disable Redis from the health actuator. |
@Alos That's a different problem. This issue is specific to using Spring Session backed by Redis and making a request to the Actuator with a SESSION cookie in the request. While the description talks about the health endpoint, requests to any endpoint would be affected and disabling the Redis health indicator would not make any difference. |
I am still facing this issue.
Will not work because it doesn't prevent this call:
Our SetUp:
|
@Venkat2811 It sounds like you're sending a |
Health endpoint (in my case
/manage/health
) fails when I shut down the redis instance with Whitelabel Error Page and exception:When I try to shut down different resources like mongo or postgres, health endpoint correctly report status "DOWN" for them.
Version: Spring IO 2.0.0.RELEASE (Spring boot 1.3.0) - JDK 1.8
The text was updated successfully, but these errors were encountered: