Posted on

How Spring Security Concurrent Session Control Works: Part 1

Introduction

Spring security provides a mechanism to control and limit the maximum number of single-user open sessions. This mechanism prevents users from exceeding the number of allowed simultaneous connections. For example, Netflix limits the number of screens you can watch at the same time according to your subscription plan.

In part 1, we will understand how this mechanism works, how to use it, and being aware of the default spring security implementation limitations. In part 2, we will see how to overcome those limitations in a clustered environment.

Posted on

Spring Cloud Stream Channel Interceptor

Introduction

A Channel Interceptor is a means to capture a message before being sent or received in order to view it or modify it. The channel interceptor allows having a structured code when we want to add extra message processing or embed additional data that are basically related to a technical aspect without affecting the business code.

The Message Interceptor is used in frameworks like Spring Cloud Sleuth and Spring Security to propagate tracing and security context through message queue by adding headers to message in the producer part, then reading them and restoring the context in the consumer part.

Posted on

How To Propagate Context Information Throw Spring Batch

Introduction

While developing applications using Spring batch, we sometimes face one or most of the following cases:

  • The necessity of getting the security context to call methods or perform processing that requires security authorization.
  • Propagating the trace Id and Span Id required by Sleuth in micro-service context.
  • Getting the user Locale (i18n) in order to generate internationalized output.
  • Printing MDC information.

Those cases can be resolved by passing the context information as job parameters and restoring them before the job or step runs using JobExecutionListener or StepExecutionListener, respectively, according to the execution configuration made (One thread per job or thread pool that).