Getting logged out of securesocial on compile and on clustered servers
https://stackoverflow.com/questions/9212657
-
27-04-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianDomanda
I have a quick question about the authentication mechanism itself. How does securesocial manages the login cookie? I have a little problem when I change code in my system and I have been logged in before the code change then I will be logged out and I need to login again. This is true for development. For production we use a cluster system which has 2 machines if i start a request on one machine and the next request is on the other machine then I will be logged out every single time. Does anyone has an idea what this could be or better why this happens ?? we are using securesocial 0.2.2
Best regards Thomas
Soluzione
The module relies on an implementation of the UserService interface to save/find users that are authenticated. SecureSocial comes with a default implementation: DefaultUserService. However this is not suitable for a production environment because it stores everything in a HashMap in memory. This is why you get logged out when the app reloads on DEV mode or you are asked to log in again in a clustered environment.
You need to provide your own implementation of that class and store things in a DB or another backing store. Checkout the javadocs in UserService.
BTW, please upgrade to version 0.2.4. I fixed a bug that prevented some requests to be granted access when they should be redirected to the login page.
