0

We have a CMS running in one tomcat container, that is not a spring application. We also have multiple applications running on separate tc server instances that contain our custom code (account management, cart, etc.). These are all spring 4.0.x applications and are secured with Spring Security.

I would like to enable Spring Session between all of these environments. Do you foresee any issues using Spring Session in an environment such as this?

dmfrey
  • 1,230
  • 1
  • 17
  • 33

1 Answers1

0

Spring Session should work on projects that are not otherwise Spring. If you take a look at the HttpSession Sample listed in the Samples section of the reference and you will see it works just fine with a standard servlet too.

In fact, depending on how you choose to integrate, Spring Session requires no additional dependencies on Spring at all. For example, the Hazelcast sample demonstrates how you don't need any Spring dependencies (other than Spring Session itself).

The possible problems I'd foresee:

  • If your CMS uses session very heavily, then the IO of retrieving your Session on every request can slow down things significantly
  • The SESSION cookie is how the session is stored in the browser and then passed back to the application. Spring Session by default writes this in a cookie with the path of the context root. This means that the SESSION cookie will not be visible to all of the applications. You can customize this with your own implementation. You can follow issue 87 for progress on making this available by default.
Rob Winch
  • 21,440
  • 2
  • 59
  • 76