These are chat archives for spring-cloud/spring-cloud

9th
Apr 2016
pakizito
@pakizito
Apr 09 2016 15:15
Hi Guys, I have a doubt that is echoing in my mind and I cannot find the solution... I have a zull as proxy/reverse proxy and after it I have 2 instances of a portal... building zuul with Angel.SR6 when i go through zuul after login with a form based security, I get redirected to the instance port of the portal... this is ok if the port of the portal is open, but this is not the case... so I investigated and the X-Forward-Host is the only filled attr when building with SR6... but for example with Brixton.M5 other X-Forward-* attrs are being filled and when I login I stay within the zuul port but then a strange thing happens, if I have 2 instances of the portal it forwards me to the portal but to the login page, and I further investigated and ribbon seems to loadbalance to the other instance and that's why the authorization doesn't work... and until now I have no idea how to do to stay in the zuul port and ribbon only use the server he tries to login the first time... since it's a loadbalancer I guess this is the correct behavior... but how can I do this? is this possible? thank you very much in advance and sorry for the question, but I cannot stop thinking about this and it's killing me... maybe my approach is wrong, I don't know...
Dave Syer
@dsyer
Apr 09 2016 15:19
If you have a session cookie with the backend app you obviously need to send requests back to the same instance. Ribbon could do that, but it doesn't out of the box (you'd have to write some code). It's much easier really to handle sticky sessions in a front end load balancer.
pakizito
@pakizito
Apr 09 2016 15:20
like apache?
thank you Syer for the quick response...
Dave Syer
@dsyer
Apr 09 2016 15:20
Yes, for instance.
Or use a PaaS (cloudfoundry, Heroku etc)
pakizito
@pakizito
Apr 09 2016 15:21
I actually tried that, but my knowledge is limited regarding apache and I'm getting a too much redirects going directly to the portal instances...
this must be deployed in house of the client
no cloud yet... for security reasons I guess
how could I do it via Ribbon? is there some example anywhere Syer?
I was thinking about create a zuul filter also...
maybe it's easier
pakizito
@pakizito
Apr 09 2016 15:26
but moving to the new version of cloud, shouldn't this situation be taken into account? I guess this will be quite common and with zuul as proxy with multiple instances behind it and form based security is quite common, how will ribbon behave then? shouldn't it be aware of sessions?
shouldn't this situation be addressed in the future?
Dave Syer
@dsyer
Apr 09 2016 15:29
It might be better to handle cookies and authentication in the gateway
But it's really common to use a front end lb
It's basically a commodity (anyone can set one up)
There are some open issues in Spring Cloud Security to do with cookie handling
Another option is to share the session between the backend instances (eg spring session)
pakizito
@pakizito
Apr 09 2016 15:32
thank you very much Syer... I was going crazy :)
like Redis?
Dave Syer
@dsyer
Apr 09 2016 15:32
Redis is one option out of the box with spring session
pakizito
@pakizito
Apr 09 2016 15:34
ok... I've read so many things that I got lost now :)... do you have one example you think explains perfectly the shared sessions?
one of your tutorials
Dave Syer
@dsyer
Apr 09 2016 15:40
There's a section in the angular tutorial on spring session. But there's also the user guide and spring boot samples.
The tutorial is more complicated than you need here (this is just vanilla shared sessions - with spring boot all you need is redis and spring session on the classpath)
pakizito
@pakizito
Apr 09 2016 15:42
thanks, going to try it... in windows I couldn't in the past because the windows version port is an old version...
Dave Syer
@dsyer
Apr 09 2016 15:59
I guess you can use docker to start redis
pakizito
@pakizito
Apr 09 2016 21:01
there's a new port of redis for windows... tryed redis and it works perfectly.... how easy is to setup 2 nodes of redis, one in each vm I have? can the portal know about the 2 if one is down? like eureka with a comma separated list...
Dave Syer
@dsyer
Apr 09 2016 21:08
Redis has some cluster features. Look it up in the docs (not Spring).
pakizito
@pakizito
Apr 09 2016 21:08
thanks...
will look
thank you very much for all the help!!