spring-projects
Session + redis -> Lost data when run many requests
After migration to spring parent 2.5.0 from 3.4.0, the spring data redis lost data the intermittently. I isolated one specific scenario that reproduce in my machine.
Enviroment:
-
I use the default Spring integration
-
I save the object complex in spring session through below code:
-
I use the last version of redis (7.4.1)
Scenario
My aplication execute the endpoint /front/adapters/grouper/23866860
After the response of backend, the front call the requests in parallel
- /front/constraints/list/disabled
- /front/user-requirements/user/forced/dto
- /front/tree
- /front/user-requirements/recommendation/disabled
- /front/tree/nodes/filter/autocomplete
In my secondary user interactive, i call the endpoint /front/drawings-urs[]
My problem: When, i started the application in every firsty execution, the system lost data session in the parallel requests. I created one LoggableDispatcherServlet to log session informations, please follow the file: LoggableDispatcherServlet.txt
In log from LoggableDispatcherServlet, please, check the order of request/response. I converted from table the better visualization
| event | type | - | endpoint | |
|---|---|---|---|---|
| 1 | IN | - | /front/adapters/grouper/23866860-urs[] | |
| 2 | OUT | - | /front/adapters/grouper/23866860-urs[{"id"100,"keyUr":"Project.motor.hasBrake"}] | |
| 3 | IN | - | /front/constraints/list/disabled-urs[] | |
| 4 | IN | - | /front/user-requirements/user/forced/dto-urs[] | |
| 5 | IN | - | /front/tree-urs[] | |
| 6 | IN | - | /front/user-requirements/recommendation/disabled-urs[] | |
| 7 | IN | - | /front/tree/nodes/filter/autocomplete-urs[] | |
| 8 | OUT | - | /front/constraints/list/disabled-urs[] | |
| 9 | OUT | - | /front/user-requirements/user/forced/dto-urs[] | |
| 10 | OUT | - | /front/user-requirements/recommendation/disabled-urs[] | |
| 11 | OUT | - | /front/tree-urs[] | |
| 12 | IN | - | /front/projects/status/allStatus-urs[{"id"100,"keyUr":"Project.motor.hasBrake"}] | |
| 13 | OUT | - | /front/projects/status/allStatus-urs[{"id"100,"keyUr":"Project.motor.hasBrake"}] | |
| 14 | OUT | - | /front/tree/nodes/filter/autocomplete-urs[] | |
| 15 | IN | - | /front/drawings-urs[] |
Check:
- In the line 1, the user call the execution endpoint /front/adapters/grouper/23866860 and not have data in session.
- in the line 2, the system filled data in session ({"id"100,"keyUr":"Project.motor.hasBrake"})
- Lines 3,4,5,6,7 automatic called data from backand, after the response of line 2 and not have the session data in the start.
- Line 12 and 13 have session spring data
- line 15, the next interaction to user, the data was lost.
Please, verify and fix this problem, please. If need more information, please tell me in the response this question.
I have a similar problem with @EnableRedisWebSession in the reactive implementation. The first request has data but after multiple concurrent calls, the logging is:
2024-12-04T10:30:12.620+01:00 DEBUG 7771 --- [a-gateway] [ctor-http-nio-7] o.s.s.w.s.u.m.OrServerWebExchangeMatcher : matched
2024-12-04T10:30:12.620+01:00 DEBUG 7771 --- [a-gateway] [ctor-http-nio-7] a.DelegatingReactiveAuthorizationManager : Checking authorization on '/api/my-path' using org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager@7ce32811
2024-12-04T10:30:12.620+01:00 DEBUG 7771 --- [a-gateway] [ parallel-8] ebSessionServerSecurityContextRepository : No SecurityContext found in WebSession: 'org.springframework.session.web.server.session.SpringSessionWebSessionStore$SpringSessionWebSession@59238507'
2024-12-04T10:30:12.621+01:00 DEBUG 7771 --- [a-gateway] [ parallel-1] ebSessionServerSecurityContextRepository : No SecurityContext found in WebSession: 'org.springframework.session.web.server.session.SpringSessionWebSessionStore$SpringSessionWebSession@3bc005b0'
2024-12-04T10:30:12.621+01:00 DEBUG 7771 --- [a-gateway] [ parallel-1] o.s.s.w.s.a.AuthorizationWebFilter : Authorization failed: Access Denied
2024-12-04T10:30:12.621+01:00 DEBUG 7771 --- [a-gateway] [ parallel-8] o.s.s.w.s.a.AuthorizationWebFilter : Authorization failed: Access Denied
2024-12-04T10:30:12.624+01:00 DEBUG 7771 --- [a-gateway] [ parallel-1] ebSessionServerSecurityContextRepository : No SecurityContext found in WebSession: 'org.springframework.session.web.server.session.SpringSessionWebSessionStore$SpringSessionWebSession@3bc005b0'
2024-12-04T10:30:12.624+01:00 DEBUG 7771 --- [a-gateway] [ parallel-8] ebSessionServerSecurityContextRepository : No SecurityContext found in WebSession: 'org.springframework.session.web.server.session.SpringSessionWebSessionStore$SpringSessionWebSession@59238507'
I compared it with Spring boot 3.3.5 and what seems to be different is the thread:
2024-12-04T10:34:21.692+01:00 DEBUG 8084 --- [a-gateway] [ioEventLoop-5-1] ebSessionServerSecurityContextRepository : Found SecurityContext 'SecurityContextImpl [Authentication=OAuth2AuthenticationToken [...]]' in WebSession: 'org.springframework.session.web.server.session.SpringSessionWebSessionStore$SpringSessionWebSession@257c99b3'
Maybe a concurrency issue?
