'How to change spring session (redis) cookie name?
We have two projects behind same domain ( zuul proxy in front of them ), both uses spring session project with sessions kept in redis.
Those two sessions should be different, but seems they are overwriting each other id in cookie named 'SESSION'. How to change that name? Is there any easy way to do that through configuration?
Solution 1:[1]
ok, I did not find any property in configuration to change that. I dig in a bit in spring-session source code, and finally do:
@Bean
public <S extends ExpiringSession> SessionRepositoryFilter<? extends ExpiringSession> springSessionRepositoryFilter(SessionRepository<S> sessionRepository, ServletContext servletContext) {
SessionRepositoryFilter<S> sessionRepositoryFilter = new SessionRepositoryFilter<S>(sessionRepository);
sessionRepositoryFilter.setServletContext(servletContext);
CookieHttpSessionStrategy httpSessionStrategy = new CookieHttpSessionStrategy();
httpSessionStrategy.setCookieName("MY_SESSION_NAME");
sessionRepositoryFilter.setHttpSessionStrategy(httpSessionStrategy);
return sessionRepositoryFilter;
}
"SESSION" name is a default set in source of CookieHttpSessionStrategy.
Solution 2:[2]
I know that this is an old question, but I just want to put that this option also works.
You can add server.servlet.session.cookie.name
in your application.yml. Take a look at this spring docs link, it has other cookie properties that you can change as well.
Solution 3:[3]
I found a blog post about this, spring-session??
This post explains how to change session id name with Spring XML.
like following:
<bean class="org.springframework.session.web.http.DefaultCookieSerializer">
<property name="cookieName" value="SYSTEM_SESSION_ID" />
</bean>
And, I actually tested it and it worked.
Solution 4:[4]
@Bean
public CookieSerializer cookieSerializer() {
DefaultCookieSerializer serializer = new DefaultCookieSerializer();
serializer.setCookieName("YOUR_COOKIE");
serializer.setCookiePath("/");
serializer.setDomainNamePattern("^.+?\\.(\\w+\\.[a-z]+)$");
return serializer;
}
Solution 5:[5]
In Spring Boot Web (spring-boot-starter-web
) you have property named server.servlet.session.cookie.name
which work fine, however for me
turns out that the server.servlet.session.cookie.name
property is not working by default for Spring Boot WebFlux (spring-boot-starter-webflux
Spring Boot v2.5.2, Spring v5.3.8). I've created a WebSessionManager
bean which use it:
@Bean
public WebSessionManager webSessionManager(
final ServerProperties serverProperties, final WebFluxProperties webFluxProperties) {
final DefaultWebSessionManager webSessionManager = new DefaultWebSessionManager();
final CookieWebSessionIdResolver webSessionIdResolver = new CookieWebSessionIdResolver();
webSessionIdResolver.setCookieName(
serverProperties.getServlet().getSession().getCookie().getName());
webSessionIdResolver.addCookieInitializer(
(cookie) -> {
cookie.sameSite(webFluxProperties.getSession().getCookie().getSameSite().attribute());
});
webSessionManager.setSessionIdResolver(webSessionIdResolver);
return webSessionManager;
}
Solution 6:[6]
seems like that Spring now supports some yaml properties to set fine-grained properties of cookies and session on webflux / reactive servers (eg. Spring Gateway based applications).
Referring to this request they implemented a dual set of properties:
- spring.webflux.session (to be deprecated in favour to the next one)
- server.reactive.session
I was able to set the cookie name writing this line in the application.yaml:
server.reactive.session.cookie.name: "MYSESSIONID"
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | hi_my_name_is |
Solution 2 | theprogrammer |
Solution 3 | hiropon |
Solution 4 | Stephen Rauch |
Solution 5 | |
Solution 6 | Francesco Poli |