Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ReactiveFindByIndexNameSessionRepository #914

Closed
rwinch opened this issue Nov 1, 2017 · 9 comments
Closed

Add ReactiveFindByIndexNameSessionRepository #914

rwinch opened this issue Nov 1, 2017 · 9 comments
Assignees
@marcusdacoregio
Labels
in: core type: enhancement A general enhancement
Milestone
3.3.0-M1

Comments

@rwinch
Copy link
Member

rwinch commented Nov 1, 2017

A reactive equivalent to FindByIndexNameSessionRepository
@rwinch rwinch added the reactive label Nov 1, 2017
@rwinch rwinch modified the milestones: 2.1.0, 2.1.0.M Nov 1, 2017
@rwinch rwinch mentioned this issue Nov 1, 2017
Closed
@vpavic vpavic modified the milestones: 2.1.0.M1, 2.1.0.M2 Jul 17, 2018
@vpavic vpavic modified the milestones: 2.1.0.M2, 2.1.0.M3 Aug 18, 2018
@vpavic vpavic mentioned this issue Sep 4, 2018
Closed
@vpavic vpavic modified the milestones: 2.1.0.M3, 2.1.0.RC1 Sep 10, 2018
@ayudovin ayudovin mentioned this issue Sep 20, 2018
Closed
@vpavic vpavic modified the milestones: 2.1.0.RC1, General Backlog Sep 21, 2018
@rwinch rwinch removed the reactive label May 22, 2019
@vpavic vpavic added the type: enhancement A general enhancement label Jun 3, 2019
@goosmurf
Copy link

Could this issue be prioritised given that it has security implications?

Consider that if a user's account is compromised (e.g. through cookie or other credential theft) it's typically expected that a password change would also have the effect of (optionally) invalidating all existing sessions.

Without this interface it's difficult to properly address session hijacking.

@eleftherias eleftherias self-assigned this Feb 26, 2020
@igorbolic
Copy link

Are there any plans of when ReactiveFindByIndexNameSessionRepository will be available?
Are there any guidelines of how someone could achieve the same functionality (invalidation & cleanup of all principal sessions) before this is released?

@yangdq1
Copy link

yangdq1 commented Dec 30, 2021
edited

Are there any plans of this issue? @vpavic @rwinch

@rwinch
Copy link
Member Author

rwinch commented Dec 31, 2021

Not at this time

@adamalexandru4
Copy link

Could anyone please provide at least a workaround in the meantime ?

@chhch chhch mentioned this issue Sep 7, 2022
Closed
@HJK181
Copy link

HJK181 commented Sep 26, 2022

5 years, and still nothing.

@rwinch rwinch removed this from the General Backlog milestone Nov 15, 2022
@DidierLoiseau DidierLoiseau mentioned this issue Jan 4, 2023
Open
@ChiragMoradiya
Copy link

We also encountered this issue. All of our micro-services are on Webflux, and we can't use this feature to invalidate all sessions of a User, when needed.

@marcusdacoregio
Copy link
Collaborator

Hi everyone, I'll be revisiting this issue as soon as spring-projects/spring-security#6192 is complete in order to integrate Spring Session WebFlux with the concurrent sessions control.

@marcusdacoregio marcusdacoregio self-assigned this Jul 27, 2023
@marcusdacoregio marcusdacoregio mentioned this issue Oct 16, 2023
Open
@marcusdacoregio marcusdacoregio mentioned this issue Dec 12, 2023
Merged
@marcusdacoregio marcusdacoregio mentioned this issue Dec 19, 2023
Closed
@marcusdacoregio
Copy link
Collaborator

Hi everyone, this has been closed via #2700.
This first implementation is based on Redis, please try it out and report any bugs or improvements suggestions.

@marcusdacoregio marcusdacoregio added this to the 3.3.0-M1 milestone Dec 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marcusdacoregio marcusdacoregio

Labels
in: core type: enhancement A general enhancement
Projects
Spring Security Team
Archived in project
Milestone
3.3.0-M1
Development

No branches or pull requests
10 participants
@goosmurf @rwinch @vpavic @ChiragMoradiya @eleftherias @HJK181 @marcusdacoregio @igorbolic @yangdq1 @adamalexandru4