Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DefaultWebSessionManager requires DefaultWebSession [SPR-15875] #20430

Closed
spring-issuemaster opened this issue Aug 18, 2017 · 2 comments

Comments

Projects
None yet
2 participants
@spring-issuemaster
Copy link
Collaborator

commented Aug 18, 2017

Rob Winch opened SPR-15875 and commented

Given the fact that DefaultWebSessionManager allows injecting a WebSessionStore and WebSessionStore allows any implementation of WebSession to be returned, it seems reasonable that DefaultWebSessionManager would work with a SessionStore that returns a different implementation of WebSession. However, this is not the case because it performs a cast to DefaultWebSession.

This makes it difficult for a custom implementation of WebSessionStore to be provided. This is further compounded by the fact that DefaultWebSession is package scope which means reading from an external data store cannot be performed since DefaultWebSession cannot be instantiated. It also means that a custom implementation of WebSession cannot be provided (which Spring Session needs).

Please make DefaultWebSessionManager able to work with any WebSession implementation being returned from WebSessionStore.


Affects: 5.0 RC3

Issue Links:

  • #20431 Provide hook in DefaultWebSessionManager to support creating custom WebSession implementation

Referenced from: pull request #1507, and commits 2fc2dab, 8ad14ae, 8691247

@spring-issuemaster

This comment has been minimized.

Copy link
Collaborator Author

commented Aug 18, 2017

Rossen Stoyanchev commented

DefaultWebSessionManager is what actually creates new WebSession instances currently. Then WebSessionStore simply does persistence which is why DefaultWebSessionManager assumes it will get back what it saved in the first place.

Perhaps what we need is a way to make DefaultWebSessionManager configurable with some sort of factory for creating sessions? Or introduce an abstract base class, or simply a protected method to create new instances?

The casting to a DefaultWebSession by the way was introduced recently in a refactoring to make it completely immutable, so that lastAccessTime and saveSession action (which needs the current exchange) can be passed as constructor args. I suppose that might also be resolved with a factory of some sort.

@spring-issuemaster

This comment has been minimized.

Copy link
Collaborator Author

commented Aug 24, 2017

Rob Winch commented

I have a Pull Request that addresses this. It is combined with efforts around #20431 #1507

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.