Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DefaultWebSessionManager requires DefaultWebSession [SPR-15875] #20430

Closed
spring-projects-issues opened this issue Aug 18, 2017 · 2 comments
Closed
Assignees
Labels
in: web type: bug
Milestone

Comments

@spring-projects-issues
Copy link
Collaborator

spring-projects-issues commented Aug 18, 2017

Rob Winch opened SPR-15875 and commented

Given the fact that DefaultWebSessionManager allows injecting a WebSessionStore and WebSessionStore allows any implementation of WebSession to be returned, it seems reasonable that DefaultWebSessionManager would work with a SessionStore that returns a different implementation of WebSession. However, this is not the case because it performs a cast to DefaultWebSession.

This makes it difficult for a custom implementation of WebSessionStore to be provided. This is further compounded by the fact that DefaultWebSession is package scope which means reading from an external data store cannot be performed since DefaultWebSession cannot be instantiated. It also means that a custom implementation of WebSession cannot be provided (which Spring Session needs).

Please make DefaultWebSessionManager able to work with any WebSession implementation being returned from WebSessionStore.


Affects: 5.0 RC3

Issue Links:

Referenced from: pull request #1507, and commits 2fc2dab, 8ad14ae, 8691247

@spring-projects-issues
Copy link
Collaborator Author

spring-projects-issues commented Aug 18, 2017

Rossen Stoyanchev commented

DefaultWebSessionManager is what actually creates new WebSession instances currently. Then WebSessionStore simply does persistence which is why DefaultWebSessionManager assumes it will get back what it saved in the first place.

Perhaps what we need is a way to make DefaultWebSessionManager configurable with some sort of factory for creating sessions? Or introduce an abstract base class, or simply a protected method to create new instances?

The casting to a DefaultWebSession by the way was introduced recently in a refactoring to make it completely immutable, so that lastAccessTime and saveSession action (which needs the current exchange) can be passed as constructor args. I suppose that might also be resolved with a factory of some sort.

@spring-projects-issues
Copy link
Collaborator Author

spring-projects-issues commented Aug 24, 2017

Rob Winch commented

I have a Pull Request that addresses this. It is combined with efforts around #20431 #1507

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
in: web type: bug
Projects
None yet
Development

No branches or pull requests

2 participants