Monday, February 09, 2015

Spring Boot with AngularJS form authentication leveraging Spring Session

In this blog post I would like to show you how you can distribute the session on Heroku via Spring Session. In order to get started quickly I am using Dave Syer's code from the II part of the awesome "Spring and Angular JS" blog series. I highly recommend to read them.

I did some modifications to the initial code, like using npm and bower instead of wro4j to manage front end dependencies. If you would like to jump right to the code, you can find it here.

The http sessions will be stored in a Redis instance, which all web dynos will have access to. This enables to deploy the web application on multiple dyno's and the login will still work. Heroku has a stateless architecture where the routers use a random selection algorithm for HTTP request load balancing across web dynos, there is no sticky session functionality.
I chose Redis Cloud service on Heroku since it gave me a 25MB free data plan. After adding
heroku addons:add rediscloud
The REDISCLOUD_URL environment is available where the connection settings are provided as seen below.

The BUILDPACK_URL was used to configure a multipack build using this library. Basically it allowed to run first the npm install and then the ./gradlew build command.
Via the embedded-redis library it is possible to start a redis server during initialisation. The related Redis configuration can be found below

Running on Heroku we needed another Redis configuration which connects to the previously defined Redis Cloud service.

You can connect to the Redis cloud service also from your localhost via
redis-cli -h hostname -p port -a password
And you will see the created keys which correspond to the value of your SESSION cookie.
Try to increase the dynos for your web application and you will see the login will still work.