https://github.com/chexagon/redis-session-manager

A tomcat8 session manager providing session replication via persistence to redis
https://github.com/chexagon/redis-session-manager

Last synced: 2 days ago
JSON representation

A tomcat8 session manager providing session replication via persistence to redis

• Host: GitHub
• URL: https://github.com/chexagon/redis-session-manager
• Owner: chexagon
• License: apache-2.0
• Created: 2015-05-21T22:16:32.000Z (over 10 years ago)
• Default Branch: master
• Last Pushed: 2023-12-19T14:28:39.000Z (about 2 years ago)
• Last Synced: 2023-12-19T17:49:03.349Z (about 2 years ago)
• Language: Java
• Size: 125 KB
• Stars: 103
• Watchers: 11
• Forks: 58
• Open Issues: 3
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-java - Redis Session Manager

README

          
# Redis Session Manager for Tomcat 8.5

Tomcat 8.5 / Java 8 session manager to store sessions in Redis.

## Goals

* Support for Lettuce and Redisson redis clients

* JDK serialization

* Session save configuration to allow persistence [after a request|when an attribute changes]

* Ignore certain requests (e.g. for static resources)

## Usage

* Decide if you're going to use either Lettuce or Redisson as the redis client.

* After building, copy `rsm-[redisson|lettuce]-with-dependencies-VERSION.jar` to tomcat/lib

* Note `master` pom defines Tomcat 8.5.x; use branch `tomcat8` for Tomcat 8.0.x

## Common Configuration

```

```

* _sessionKeyPrefix_: prefix for redis keys. Useful for situations where 1 redis cluster serves multiple application clusters with potentially conflicting session IDs.

* _saveOnChange_: if _true_, the session will be persisted to redis immediately when any attribute is modified. When _false_, a modified session is persisted to redis when the request is complete.

* _forceSaveAfterRequest_: if _true_, the session will be persisted to redis when the request completes regardless of whether the session has detected a change to its state.

* _dirtyOnMutation_: see "Notes on object mutation" below.

* _ignorePattern_: Java Pattern String to be matched against the request URI (_does not include the query string_). If matched, the request will not be processed by the redis session manager.

* _maxSessionAttributeSize_: if not -1 (RedisSessionManager#DO_NOT_CHECK) specifies a maximum _encoded_ size for a session attribute value. Attributes larger than this size will be logged and will not be stored in the session.

* _maxSessionSize_: if not -1 (RedisSessionManager#DO_NOT_CHECK) specifies a maximum _encoded_ size for the entire session. Sessions larger than this size will be logged and will not be persisted to redis.

* _allowOversizedSessions_: if _true_ will allow sessions exceeding the configurations in _maxSessionAttributeSize_ and _maxSessionSize_ to be saved. An error will still be logged for any sessions exceeding the size. This attribute has no effect if neither _maxSessionAttributeSize_ nor _maxSessionSize_ are specified.

Note: A session can be persisted immediately to redis in the web application by setting the RedisSession#SAVE_IMMEDIATELY_ATTR) attribute to any value.

## Lettuce

* Default configuration: (communicates with redis on localhost:6379)

```

```

Multiple nodes can be configured with the `nodes` parameter (this includes AWS Elasticache config):

```

```

See https://github.com/lettuce-io/lettuce-core/wiki/Redis-URI-and-connection-details for more information on 

URI format and specifying timeouts, etc.

## Redisson

* Default configuration: (communicates with redis on localhost:6379)

```

```

* Full configuration (showing default values):

```

```

* _endpoint_: hostname:port of the redis server. Must be a primary endpoint (read/write) and not a read replicate (read-only).

### Redisson AWS ElastiCache usage

Version 2.0.0 added additional support for ElastiCache Replication Groups. Applicable configuration:

```

```

_nodes_ is a space-separated list of all nodes in the replication group. There is no default value; failure to specify this will result in a failure to start.

_nodePollInterval_ is the interval for polling each node in the group to determine if it is the master or a slave.

	

## Notes on object mutation

* TL;DR: avoid mutation of objects pulled from the session. If you must do this, read on.

* Changes made directly to an object in the session without mutating the session will not be persisted to redis. E.g. `session.getAttribute("anObject").setFoo("bar")` will not result in the session being marked dirty. _forceSaveAfterRequest_ can be used as a workaround, but this is inefficient. A dirty workaround would be to mark the session as dirty by `session.removeAttribute("nonExistentKey")` 

* It is possible for an object to be mutated and `session.setAttribute("anObject")` invoked without the session being marked as dirty due to the session object and mutated object being references to the same actual object. _dirtyOnMutation_ will mark the session as dirty whenever `setAttribute()` is invoked. This is generally safe but is disabled by default to avoid unnecessary persists.