Reputation: 3545
how to enable distributed session for spring saml project
I am using spring saml to provide authentication service to the user. But I have met an issue.
We need to deploy spring saml to kubenete for cluster management purpose. Unfortunately, spring saml is not using distributed session solution, instead of that, it requires the saml response to land at the same originating server. Spring saml said we need to use sticky session to let saml server send user back to the originating server.
But once we deploy into kubernete, this is very difficult to implement. Kubenete will send user to any pod randomly, also we do not want to use nginx plus for this purpose.
So I thought if we can use distributed session, this will resolve the whole problem. Can anyone tell me how I can use distributed session solution, such as redis, mongo etc with spring saml project?
Thanks
Upvotes: 1
Views: 857
Answers (1)
Reputation: 15533
Using distributed HttpSessions, e.g. with Hazelcast and Spring Session will work as well as using sticky sessions.
This will be transparent for Spring SAML, as the replication will be provided automatiacally behind the scenes, so there's no need for changes there.
Upvotes: 2
Related Questions
- Spring session for session sharing(clustering) between servers
- Stateless Sessions with Spring Security Saml and SP Application
- Spring - How to implement Single Sign-On with SAML 2.0
- SAML Configuration
- Spring SAML SSO do not share session
- Integration of Spring session with spring security saml
- Spring Security SAML Extension - Load Balancer Support
- Support for non-sticky sessions in spring-security-saml2-core?
- Spring saml - Single logout
- Distributed Session for Spring Security