Close User Sessions

mihai.maranduca · July 23, 2024, 8:55am

Hello to everyone

Wonder if someone, please, can help me

The scenario is 1 Server -- X Clients, Server is 1.5.5 Jmix ver and the clients are using the latest one.
All those clients are creating entities in the server via REST. so every POST creates a new user session on the server side. Here is where I have the problem:
1 - How can I increase the maximum user sessions for the same user? I think default is 100 but I need more.
2- Here is the code on the client side that make the POST request:

public HttpStatus sendToPolux(WebClientParams wcp, AutenticationApi auth, String bodyValue){
        return wcp.webClientRecolector().post()
                .headers(h -> {
                    h.setBearerAuth(auth.getToken());
                })
                .bodyValue(bodyValue)
                .exchangeToMono(response -> {
                            HttpStatus responseStatus = (HttpStatus) response.statusCode();
                            return response.releaseBody().thenReturn(responseStatus);
                        }
                )
                .onErrorReturn(HttpStatus.INTERNAL_SERVER_ERROR)
                .block();
    }

the return response.releaseBody().thenReturn(responseStatus);
ignore the body and return status code so WebClient must close the connection but it doesn´t.

I have allways 100 user sessions which closes a random one only when a new one is trying to connect. So it is a problem. I want to know how user sessions works on Jmix maybe I have missed something.
A solution could be an increase of maximum user sessions and programatically close those connections which have more than 3 min on idle but honestly I don´t like this approach.

Thank you in advance.

p.aleksandrov · July 25, 2024, 10:41am

Hi, Mihai!

Jmix uses Spring autentification and sessions management mechanism so you can try to use this article to solve your problem Concurrent Sessions Control :: Spring Security

Best regards.

krivopustov · July 29, 2024, 12:17pm

You can increase the maximum number of sessions per user (which is 100 by default) using the following property:

jmix.core.session.maximum-sessions-per-user = 1000

Also, if you don’t add the io.jmix.sessions:jmix-sessions-starter dependency to your project, REST requests will not create sessions at all.

Regards,
Konstantin

mihai.maranduca · August 8, 2024, 11:34am

Hello. Sorry for late response but I was on vacation.

jmix.core.session.maximum-sessions-per-user = 1000

works perfectly. I need this but also I must control sessions that opens when every client make REST request. I don´t have io.jmix.sessions:jmix-sessions-starter dependency as you can see:

dependencies {
    implementation 'io.jmix.core:jmix-core-starter'
    implementation 'io.jmix.data:jmix-eclipselink-starter'
    implementation 'io.jmix.ui:jmix-ui-starter'
    implementation 'io.jmix.ui:jmix-ui-data-starter'
    implementation 'io.jmix.ui:jmix-ui-themes-compiled'
    implementation 'io.jmix.ui:jmix-ui-widgets-compiled'
    implementation 'io.jmix.security:jmix-security-starter'
    implementation 'io.jmix.security:jmix-security-ui-starter'
    implementation 'io.jmix.security:jmix-security-data-starter'
    implementation 'io.jmix.localfs:jmix-localfs-starter'
    implementation 'io.jmix.datatools:jmix-datatools-starter'
    implementation 'io.jmix.datatools:jmix-datatools-ui-starter'
    implementation 'org.webjars.npm:object-fit-images:3.2.3'
    implementation 'org.springframework.boot:spring-boot-starter-web'
    implementation 'org.springframework.boot:spring-boot-starter-webflux'
    implementation 'com.sun.mail:jakarta.mail:2.0.1'

    testImplementation('org.springframework.boot:spring-boot-starter-test') {
        exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
    }

    testImplementation 'io.jmix.ui:jmix-ui-test-assist'
    implementation 'io.jmix.appsettings:jmix-appsettings-starter'
    implementation 'io.jmix.appsettings:jmix-appsettings-ui-starter'
    implementation 'io.jmix.audit:jmix-audit-ui-starter'
    implementation 'io.jmix.audit:jmix-audit-starter'
    implementation 'io.jmix.gridexport:jmix-gridexport-ui-starter'
    implementation 'io.jmix.quartz:jmix-quartz-ui-starter'
    implementation 'io.jmix.quartz:jmix-quartz-starter'
    implementation 'org.postgresql:postgresql'

    implementation 'io.jmix.rest:jmix-rest-starter'
    implementation 'io.jmix.security:jmix-security-oauth2-starter'

    implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-xml:2.17.1'
    implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.1'

}

Neither on client side.

I´m working on some code that use cookies on headers to reuse the connection but it is not that straight forward as I thought since I think it can cause connection problems.

Thank you