Let's Build an API Together - Part 26

Last Update: 01.02.2018. By Jens in API Series | APIs | Newsletter

We will be using Spring Session with a JDBC storage and use the same database as for the rest of the application.

First, we add the dependencies (valid for Spring Boot Milestone 7; they are changing a lot)

<dependency>
    <groupId>org.springframework.session</groupId>
    <artifactId>spring-session-core</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.session</groupId>
    <artifactId>spring-session-jdbc</artifactId>
</dependency>

Then add @EnableJdbcHttpSession to the KanbanApiApplication and configure header usage instead of a session cookie:

@Bean
public HttpSessionIdResolver httpSessionIdResolver() {
    return HeaderHttpSessionIdResolver.xAuthToken();
}

It will now return the Spring Session id in the HTTP header X-Auth-Token and also expects it in the same on each request.

So, when we POST a basic auth request to /login, we will now receive the id in the header.

On step is left before we can happily login. Defining the Spring Session tables by running this SQL in the h2 console or whatever backend you did use.

Search

Online Courses

Spring Security for APIs Essentials Course

Pocket Guides

Build your first Microservice with Spring Boot

4 ways of secure integration for your Spring Boot Microservice with a Single-page Application

Level up with Spring Boot Microservices and Spring Cloud

Contact

Main Topics

Our Tools