Release 2.0.0.RC1

Fixes gh-904

.travis.yml

@@ -1,19 +1,20 @@
 language: java
 
-services:
-  - redis-server
+sudo: required
 
-jdk:
-  - oraclejdk8
+services: docker
 
-os:
-  - linux
+jdk: oraclejdk8
 
 before_cache:
   - rm -f $HOME/.gradle/caches/modules-2/modules-2.lock
+  - rm -fr $HOME/.gradle/caches/*/plugin-resolution/
+
 cache:
   directories:
     - $HOME/.gradle/caches/
     - $HOME/.gradle/wrapper/
 
-script: ./gradlew build
+install: true
+
+script: ./gradlew clean build --refresh-dependencies --no-daemon

Jenkinsfile

@@ -24,21 +24,6 @@ try {
 			}
 		}
 	},
-	sonar: {
-		stage('Sonar') {
-			node {
-				checkout scm
-				withCredentials([string(credentialsId: 'spring-sonar.login', variable: 'SONAR_LOGIN')]) {
-					try {
-						sh "./gradlew clean sonarqube -PexcludeProjects='**/samples/**' -Dsonar.host.url=$SPRING_SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN --refresh-dependencies --no-daemon"
-					} catch(Exception e) {
-						currentBuild.result = 'FAILED: sonar'
-						throw e
-					}
-				}
-			}
-		}
-	},
 	springio: {
 		stage('Spring IO') {
 			node {
@@ -95,7 +80,7 @@ try {
 					subject: subject,
 					body: details,
 					recipientProviders: RECIPIENTS,
-					to: "$SPRING_SECURITY_TEAM_EMAILS"
+					to: "$SPRING_SESSION_TEAM_EMAILS"
 				)
 			}
 		}

build.gradle

@@ -1,11 +1,10 @@
 buildscript {
 	dependencies {
-		classpath 'io.spring.gradle:spring-build-conventions:0.0.2.RELEASE'
+		classpath 'io.spring.gradle:spring-build-conventions:0.0.5.RELEASE'
 		classpath "org.springframework.boot:spring-boot-gradle-plugin:$springBootVersion"
 	}
 	repositories {
-		maven { url 'https://repo.spring.io/libs-snapshot' }
-		maven { url 'https://repo.spring.io/plugins-snapshot' }
+		maven { url 'https://repo.spring.io/plugins-release' }
 	}
 }
 apply plugin: 'io.spring.convention.root'

docs/spring-session-docs.gradle

@@ -2,8 +2,10 @@ apply plugin: 'io.spring.convention.docs'
 apply plugin: 'io.spring.convention.spring-test'
 
 dependencies {
-	testCompile project(':spring-session')
+	testCompile project(':spring-session-core')
 	testCompile project(':spring-session-data-redis')
+	testCompile project(':spring-session-hazelcast')
+	testCompile project(':spring-session-jdbc')
 	testCompile "org.springframework:spring-jdbc"
 	testCompile "org.springframework:spring-messaging"
 	testCompile "org.springframework:spring-webmvc"
@@ -39,5 +41,5 @@ asciidoctor {
 			'docs-test-dir' : rootProject.projectDir.path + '/docs/src/test/java/',
 			'docs-test-resources-dir' : rootProject.projectDir.path + '/docs/src/test/resources/',
 			'samples-dir' : rootProject.projectDir.path + '/samples/',
-			'session-main-resources-dir' : rootProject.projectDir.path + '/spring-session/src/main/resources/'
+			'session-jdbc-main-resources-dir' : project(':spring-session-jdbc').projectDir.path + '/src/main/resources/'
 }

docs/src/docs/asciidoc/guides/boot-findbyusername.adoc

@@ -109,7 +109,8 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 [NOTE]
 ====
 For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `JedisConnectionFactory` to point to a Redis server.
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
 
 ----

docs/src/docs/asciidoc/guides/boot-redis.adoc

@@ -92,7 +92,8 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 [NOTE]
 ====
 For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `JedisConnectionFactory` to point to a Redis server.
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
 
 ----

docs/src/docs/asciidoc/guides/boot-websocket.adoc

@@ -84,7 +84,8 @@ server.session.timeout=60
 [NOTE]
 ====
 For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `LettuceConnectionFactory` to point to a Redis server.
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
 
 ----

docs/src/docs/asciidoc/guides/grails3.adoc

@@ -85,7 +85,8 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 [NOTE]
 ====
 For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `JedisConnectionFactory` to point to a Redis server.
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
 
 ----
@@ -127,3 +128,6 @@ Alternatively, you can also delete the explicit key. Enter the following into yo
 	$ redis-cli del spring:session:sessions:7e8383a4-082c-4ffe-a4bc-c40fd3363c5e
 
 Now visit the application at http://localhost:8080/test/index and observe that we are no longer authenticated.
+
+NOTE: Spring Session will not work with grails flash scope without additional work. +
+See this answer for an explanation: https://stackoverflow.com/a/43311427

docs/src/docs/asciidoc/guides/java-custom-cookie.adoc

@@ -79,7 +79,8 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 [NOTE]
 ====
 For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `LettuceConnectionFactory` to point to a Redis server.
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
 
 ----

docs/src/docs/asciidoc/guides/java-redis.adoc

@@ -126,7 +126,8 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 [NOTE]
 ====
 For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `LettuceConnectionFactory` to point to a Redis server.
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
 
 ----

docs/src/docs/asciidoc/guides/java-rest.adoc

@@ -127,7 +127,8 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 [NOTE]
 ====
 For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `LettuceConnectionFactory` to point to a Redis server.
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
 
 ----

docs/src/docs/asciidoc/guides/java-security.adoc

@@ -131,7 +131,8 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 [NOTE]
 ====
 For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `LettuceConnectionFactory` to point to a Redis server.
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
 
 ----

docs/src/docs/asciidoc/guides/java-users.adoc

@@ -1,161 +0,0 @@
-= Spring Session - Multiple Sessions
-Rob Winch
-:toc:
-
-This guide describes how to use Spring Session to manage multiple simultaneous browser sessions (i.e Google Accounts).
-
-== Integrating with Spring Session
-
-The steps to integrate with Spring Session are exactly the same as those outline in the link:httpsession.html[HttpSession Guide], so we will skip to running the sample application.
-
-[[users-sample]]
-== users Sample Application
-
-The users application demonstrates how to allow an application to manage multiple simultaneous browser sessions (i.e. Google Accounts).
-
-=== Running the users Sample Application
-
-You can run the sample by obtaining the {download-url}[source code] and invoking the following command:
-
-[NOTE]
-====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `LettuceConnectionFactory` to point to a Redis server.
-====
-
-----
-$ ./gradlew :samples:users:tomcatRun
-----
-
-You should now be able to access the application at http://localhost:8080/
-
-=== Exploring the users Sample Application
-
-Try using the application. Authenticate with the following information:
-
-* **Username** _rob_
-* **Password** _rob_
-
-Now click the **Login** button. You should now be authenticated as the user **rob**.
-
-We can click on links and our user information is preserved.
-
-* Click on the **Link** link in the navigation bar at the top
-* Observe we are still authenticated as **rob**
-
-Let's add an another account.
-
-* Return to the *Home* page
-* Click on the arrow next to *rob* in the upper right hand corner
-* Click **Add Account**
-
-The log in form is displayed again. Authenticate with the following information:
-
-* **Username** _luke_
-* **Password** _luke_
-
-Now click the **Login** button. You should now be authenticated as the user **luke**.
-
-We can click on links and our user information is preserved.
-
-* Click on the **Link** link in the navigation bar at the top
-* Observe we are still authenticated as **luke**
-
-Where did our original user go? Let's switch to our original account.
-
-* Click on the arrow next to *luke* in the upper right hand corner.
-* Click on **Switch Account** -> *rob*
-
-We are now using the session associated with *rob*.
-
-== How does it work?
-
-// tag::how-does-it-work[]
-
-Let's take a look at how Spring Session keeps track of multiple sessions.
-
-=== Managing a Single Session
-
-Spring Session keeps track of the `HttpSession` by adding a value to a cookie named SESSION.
-For example, the SESSION cookie might have a value of:
-
-	7e8383a4-082c-4ffe-a4bc-c40fd3363c5e
-
-=== Adding a Session
-
-We can add another session by requesting a URL that contains a special parameter in it.
-By default the parameter name is *_s*. For example, the following URL would create a new session:
-
-http://localhost:8080/?_s=1
-
-NOTE: The parameter value does not indicate the actual session id.
-This is important because we never want to allow the session id to be determined by a client to avoid https://www.owasp.org/index.php/Session_fixation[session fixation attacks].
-Additionally, we do not want the session id to be leaked since it is sent as a query parameter.
-Remember sensitive information should only be transmitted as a header or in the body of the request.
-
-Rather than creating the URL ourselves, we can utilize the `HttpSessionManager` to do this for us.
-We can obtain the `HttpSessionManager` from the `HttpServletRequest` using the following:
-
-.src/main/java/sample/UserAccountsFilter.java
-[source,java,indent=0]
-----
-include::{samples-dir}javaconfig/users/src/main/java/sample/UserAccountsFilter.java[tags=HttpSessionManager]
-----
-
-We can now use it to create a URL to add another session.
-
-.src/main/java/sample/UserAccountsFilter.java
-[source,java,indent=0]
-----
-include::{samples-dir}javaconfig/users/src/main/java/sample/UserAccountsFilter.java[tags=addAccountUrl]
-----
-
-<1> We have an existing variable named `unauthenticatedAlias`.
-The value is an alias that points to an existing unauthenticated session.
-If no such session exists, the value is null.
-This ensures if we have an existing unauthenticated session that we use it instead of creating a new session.
-<2> If all of our sessions are already associated to a user, we create a new session alias.
-<3> If there is an existing session that is not associated to a user, we use its session alias.
-<4> Finally, we create the add account URL.
-The URL contains a session alias that either points to an existing unauthenticated session or is an alias that is unused thus signaling to create a new session associated to that alias.
-
-Now our SESSION cookie looks something like this:
-
-	0 7e8383a4-082c-4ffe-a4bc-c40fd3363c5e 1 1d526d4a-c462-45a4-93d9-84a39b6d44ad
-
-Such that:
-
-* There is a session with the id *7e8383a4-082c-4ffe-a4bc-c40fd3363c5e*
-** The alias for this session is  *0*.
-For example, if the URL is http://localhost:8080/?_s=0 this alias would be used.
-** This is the default session.
-This means that if no session alias is specified, then this session is used.
-For example, if the URL is http://localhost:8080/ this session would be used.
-* There is a session with the id *1d526d4a-c462-45a4-93d9-84a39b6d44ad*
-** The alias for this session is *1*.
-If the session alias is *1*, then this session is used.
-For example, if the URL is http://localhost:8080/?_s=1 this alias would be used.
-
-=== Automatic Session Alias Inclusion with encodeURL
-
-The nice thing about specifying the session alias in the URL is that we can have multiple tabs open with different active sessions.
-The bad thing is that we need to include the session alias in every URL of our application.
-Fortunately, Spring Session will automatically include the session alias in any URL that passes through http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html#encodeURL(java.lang.String)[HttpServletResponse#encodeURL(java.lang.String)]
-
-This means that if you are using standard tag libraries the session alias is automatically included in the URL.
-For example, if we are currently using the session with the alias of *1*, then the following:
-
-.src/main/webapp/index.jsp
-[source,xml,indent=0]
-----
-include::{samples-dir}javaconfig/users/src/main/webapp/index.jsp[tags=link]
-----
-
-will output a link of:
-
-[source,html]
-----
-<a id="navLink" href="/link.jsp?_s=1">Link</a>
-----
-
-// end::how-does-it-work[]

docs/src/docs/asciidoc/guides/xml-redis.adoc

@@ -134,7 +134,8 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 [NOTE]
 ====
 For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `LettuceConnectionFactory` to point to a Redis server.
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
 
 ----

docs/src/docs/asciidoc/index.adoc

@@ -18,7 +18,6 @@ Spring Session provides an API and implementations for managing a user's session
 * <<httpsession,HttpSession>> - allows replacing the HttpSession in an application container (i.e. Tomcat) neutral way.
 Additional features include:
 ** **Clustered Sessions** - Spring Session makes it trivial to support <<httpsession-redis,clustered sessions>> without being tied to an application container specific solution.
-** **Multiple Browser Sessions** - Spring Session supports <<httpsession-multi,managing multiple users' sessions>> in a single browser instance (i.e. multiple authenticated accounts similar to Google).
 ** **RESTful APIs** - Spring Session allows providing session ids in headers to work with <<httpsession-rest,RESTful APIs>>
 
 * <<websocket,WebSocket>> - provides the ability to keep the `HttpSession` alive when receiving WebSocket messages
@@ -98,10 +97,6 @@ If you are looking to get started with Spring Session, the best place to start i
 | Demonstrates how to use Spring Session in a REST application to support authenticating with a header.
 | link:guides/java-rest.html[REST Guide]
 
-| {gh-samples-url}javaconfig/users[Multiple Users]
-| Demonstrates how to use Spring Session to manage multiple simultaneous browser sessions (i.e Google Accounts).
-| link:guides/java-users.html[Multiple Users Guide]
-
 |===
 
 .Sample Applications using Spring XML based configuration
@@ -144,7 +139,6 @@ This means that developers can switch the `HttpSession` implementation out with
 We have already mentioned that Spring Session provides transparent integration with `HttpSession`, but what benefits do we get out of this?
 
 * **Clustered Sessions** - Spring Session makes it trivial to support <<httpsession-redis,clustered sessions>> without being tied to an application container specific solution.
-* **Multiple Browser Sessions** - Spring Session supports <<httpsession-multi,managing multiple users' sessions>> in a single browser instance (i.e. multiple authenticated accounts similar to Google).
 * **RESTful APIs** - Spring Session allows providing session ids in headers to work with <<httpsession-rest,RESTful APIs>>
 
 [[httpsession-redis]]
@@ -284,17 +278,6 @@ public class SessionRepositoryFilter implements Filter {
 By passing in a custom `HttpServletRequest` implementation into the `FilterChain` we ensure that anything invoked after our `Filter` uses the custom `HttpSession` implementation.
 This highlights why it is important that Spring Session's `SessionRepositoryFilter` must be placed before anything that interacts with the `HttpSession`.
 
-[[httpsession-multi]]
-=== Multiple HttpSessions in Single Browser
-
-Spring Session has the ability to support multiple sessions in a single browser instance.
-This provides the ability to support authenticating with multiple users in the same browser instance (i.e. Google Accounts).
-
-NOTE: The <<samples,Manage Multiple Users Guide>> provides a complete working example of managing multiple users in the same browser instance.
-You can follow the basic steps for integration below, but you are encouraged to follow along with the detailed Manage Multiple Users Guide when integrating with your own application.
-
-include::guides/java-users.adoc[tags=how-does-it-work,leveloffset=+1]
-
 [[httpsession-rest]]
 === HttpSession & RESTful APIs
 
@@ -416,7 +399,7 @@ include::{docs-test-dir}docs/security/SecurityConfiguration.java[tags=class]
 ----
 
 This assumes that you've also configured Spring Session to provide a `FindByIndexNameSessionRepository` that
-returns `ExpiringSession` instances.
+returns `Session` instances.
 
 When using XML configuration, it would look something like this:
 [source,xml,indent=0]
@@ -458,11 +441,7 @@ include::{indexdoc-tests}[tags=repository-demo]
 <5> We retrieve the `Session` from the `SessionRepository`.
 <6> We obtain the persisted `User` from our `Session` without the need for explicitly casting our attribute.
 
-[[api-expiringsession]]
-=== ExpiringSession
-
-An `ExpiringSession` extends a `Session` by providing attributes related to the `Session` instance's expiration.
-If there is no need to interact with the expiration information, prefer using the more simple `Session` API.
+`Session` API also provides attributes related to the `Session` instance's expiration.
 
 Typical usage might look like the following:
 
@@ -471,17 +450,17 @@ Typical usage might look like the following:
 include::{indexdoc-tests}[tags=expire-repository-demo]
 ----
 
-<1> We create a `SessionRepository` instance with a generic type, `S`, that extends `ExpiringSession`. The generic type is defined in our class.
-<2> We create a new `ExpiringSession` using our `SessionRepository` and assign it to a variable of type `S`.
-<3> We interact with the `ExpiringSession`.
-In our example, we demonstrate updating the amount of time the `ExpiringSession` can be inactive before it expires.
-<4> We now save the `ExpiringSession`.
+<1> We create a `SessionRepository` instance with a generic type, `S`, that extends `Session`. The generic type is defined in our class.
+<2> We create a new `Session` using our `SessionRepository` and assign it to a variable of type `S`.
+<3> We interact with the `Session`.
+In our example, we demonstrate updating the amount of time the `Session` can be inactive before it expires.
+<4> We now save the `Session`.
 This is why we needed the generic type `S`.
-The `SessionRepository` only allows saving `ExpiringSession` instances that were created or retrieved using the same `SessionRepository`.
+The `SessionRepository` only allows saving `Session` instances that were created or retrieved using the same `SessionRepository`.
 This allows for the `SessionRepository` to make implementation specific optimizations (i.e. only writing attributes that have changed).
-The last accessed time is automatically updated when the `ExpiringSession` is saved.
-<5> We retrieve the `ExpiringSession` from the `SessionRepository`.
-If the `ExpiringSession` were expired, the result would be null.
+The last accessed time is automatically updated when the `Session` is saved.
+<5> We retrieve the `Session` from the `SessionRepository`.
+If the `Session` were expired, the result would be null.
 
 [[api-sessionrepository]]
 === SessionRepository
@@ -640,7 +619,7 @@ HMSET spring:session:sessions:33fdd1b6-b496-4b33-9f7d-df96679d32fe sessionAttr:a
 [[api-redisoperationssessionrepository-expiration]]
 ===== Session Expiration
 
-An expiration is associated to each session using the EXPIRE command based upon the `ExpiringSession.getMaxInactiveInterval()`.
+An expiration is associated to each session using the EXPIRE command based upon the `Session.getMaxInactiveInterval()`.
 For example:
 
 ----
@@ -653,7 +632,7 @@ An expiration is set on the session itself five minutes after it actually expire
 
 [NOTE]
 ====
-The `SessionRepository.getSession(String)` method ensures that no expired sessions will be returned.
+The `SessionRepository.findById(String)` method ensures that no expired sessions will be returned.
 This means there is no need to check the expiration before using a session.
 ====
 
@@ -670,12 +649,12 @@ EXPIRE spring:session:sessions:expires:33fdd1b6-b496-4b33-9f7d-df96679d32fe 1800
 
 When a session expires key is deleted or expires, the keyspace notification triggers a lookup of the actual session and a SessionDestroyedEvent is fired.
 
-One problem with relying on Redis expiration exclusively is that Redis makes no guarantee of when the expired event will be fired if they key has not been accessed.
+One problem with relying on Redis expiration exclusively is that Redis makes no guarantee of when the expired event will be fired if the key has not been accessed.
 Specifically the background task that Redis uses to clean up expired keys is a low priority task and may not trigger the key expiration.
 For additional details see http://redis.io/topics/notifications[Timing of expired events] section in the Redis documentation.
 
 To circumvent the fact that expired events are not guaranteed to happen we can ensure that each key is accessed when it is expected to expire.
-This means that if the TTL is expired on the key, Redis will remove the key and fire the expired event when we try to access they key.
+This means that if the TTL is expired on the key, Redis will remove the key and fire the expired event when we try to access the key.
 
 For this reason, each session expiration is also tracked to the nearest minute.
 This allows a background task to access the potentially expired sessions to ensure that Redis expired events are fired in a more deterministic fashion.
@@ -687,7 +666,7 @@ EXPIRE spring:session:expirations1439245080000 2100
 ----
 
 The background task will then use these mappings to explicitly request each key.
-By accessing they key, rather than deleting it, we ensure that Redis deletes the key for us only if the TTL is expired.
+By accessing the key, rather than deleting it, we ensure that Redis deletes the key for us only if the TTL is expired.
 
 [NOTE]
 ====
@@ -776,7 +755,7 @@ redis 127.0.0.1:6379> hget spring:session:sessions:4fc39ce3-63b3-4e17-b1c4-5e1ed
 [[api-mapsessionrepository]]
 === MapSessionRepository
 
-The `MapSessionRepository` allows for persisting `ExpiringSession` in a `Map` with the key being the `ExpiringSession` id and the value being the `ExpiringSession`.
+The `MapSessionRepository` allows for persisting `Session` in a `Map` with the key being the `Session` id and the value being the `Session`.
 The implementation can be used with a `ConcurrentHashMap` as a testing or convenience mechanism.
 Alternatively, it can be used with distributed `Map` implementations. For example, it can be used with Hazelcast.
 
@@ -860,14 +839,14 @@ For example, with PostgreSQL database you would use the following schema script:
 
 [source,sql,indent=0]
 ----
-include::{session-main-resources-dir}org/springframework/session/jdbc/schema-postgresql.sql[]
+include::{session-jdbc-main-resources-dir}org/springframework/session/jdbc/schema-postgresql.sql[]
 ----
 
 And with MySQL database:
 
 [source,sql,indent=0]
 ----
-include::{session-main-resources-dir}org/springframework/session/jdbc/schema-mysql.sql[]
+include::{session-jdbc-main-resources-dir}org/springframework/session/jdbc/schema-mysql.sql[]
 ----
 
 ==== Transaction management

docs/src/test/java/docs/HttpSessionConfigurationNoOpConfigureRedisActionXmlTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,7 +21,7 @@ import org.junit.runner.RunWith;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
-import org.springframework.session.ExpiringSession;
+import org.springframework.session.Session;
 import org.springframework.session.web.http.SessionRepositoryFilter;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
@@ -38,7 +38,7 @@ import static org.mockito.Mockito.mock;
 @WebAppConfiguration
 public class HttpSessionConfigurationNoOpConfigureRedisActionXmlTests {
 	@Autowired
-	SessionRepositoryFilter<? extends ExpiringSession> filter;
+	SessionRepositoryFilter<? extends Session> filter;
 
 	@Test
 	public void redisConnectionFactoryNotUsedSinceNoValidation() {

docs/src/test/java/docs/IndexDocTests.java

@@ -16,6 +16,9 @@
 
 package docs;
 
+import java.time.Duration;
+import java.util.concurrent.ConcurrentHashMap;
+
 import com.hazelcast.config.Config;
 import com.hazelcast.core.Hazelcast;
 import com.hazelcast.core.HazelcastInstance;
@@ -26,7 +29,6 @@ import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactor
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.datasource.DataSourceTransactionManager;
 import org.springframework.mock.web.MockServletContext;
-import org.springframework.session.ExpiringSession;
 import org.springframework.session.MapSession;
 import org.springframework.session.MapSessionRepository;
 import org.springframework.session.Session;
@@ -49,8 +51,8 @@ public class IndexDocTests {
 
 	@Test
 	public void repositoryDemo() {
-		RepositoryDemo<ExpiringSession> demo = new RepositoryDemo<>();
-		demo.repository = new MapSessionRepository();
+		RepositoryDemo<MapSession> demo = new RepositoryDemo<>();
+		demo.repository = new MapSessionRepository(new ConcurrentHashMap<>());
 
 		demo.demo();
 	}
@@ -68,7 +70,7 @@ public class IndexDocTests {
 
 			this.repository.save(toSave); // <4>
 
-			S session = this.repository.getSession(toSave.getId()); // <5>
+			S session = this.repository.findById(toSave.getId()); // <5>
 
 			// <6>
 			User user = session.getAttribute(ATTR_USER);
@@ -81,24 +83,24 @@ public class IndexDocTests {
 
 	@Test
 	public void expireRepositoryDemo() {
-		ExpiringRepositoryDemo<ExpiringSession> demo = new ExpiringRepositoryDemo<>();
-		demo.repository = new MapSessionRepository();
+		ExpiringRepositoryDemo<MapSession> demo = new ExpiringRepositoryDemo<>();
+		demo.repository = new MapSessionRepository(new ConcurrentHashMap<>());
 
 		demo.demo();
 	}
 
 	// tag::expire-repository-demo[]
-	public class ExpiringRepositoryDemo<S extends ExpiringSession> {
+	public class ExpiringRepositoryDemo<S extends Session> {
 		private SessionRepository<S> repository; // <1>
 
 		public void demo() {
 			S toSave = this.repository.createSession(); // <2>
 			// ...
-			toSave.setMaxInactiveIntervalInSeconds(30); // <3>
+			toSave.setMaxInactiveInterval(Duration.ofSeconds(30)); // <3>
 
 			this.repository.save(toSave); // <4>
 
-			S session = this.repository.getSession(toSave.getId()); // <5>
+			S session = this.repository.findById(toSave.getId()); // <5>
 			// ...
 		}
 
@@ -111,7 +113,7 @@ public class IndexDocTests {
 	public void newRedisOperationsSessionRepository() {
 		// tag::new-redisoperationssessionrepository[]
 		LettuceConnectionFactory factory = new LettuceConnectionFactory();
-		SessionRepository<? extends ExpiringSession> repository = new RedisOperationsSessionRepository(
+		SessionRepository<? extends Session> repository = new RedisOperationsSessionRepository(
 				factory);
 		// end::new-redisoperationssessionrepository[]
 	}
@@ -120,7 +122,8 @@ public class IndexDocTests {
 	@SuppressWarnings("unused")
 	public void mapRepository() {
 		// tag::new-mapsessionrepository[]
-		SessionRepository<? extends ExpiringSession> repository = new MapSessionRepository();
+		SessionRepository<? extends Session> repository = new MapSessionRepository(
+				new ConcurrentHashMap<>());
 		// end::new-mapsessionrepository[]
 	}
 
@@ -136,7 +139,7 @@ public class IndexDocTests {
 
 		// ... configure transactionManager ...
 
-		SessionRepository<? extends ExpiringSession> repository =
+		SessionRepository<? extends Session> repository =
 				new JdbcOperationsSessionRepository(jdbcTemplate, transactionManager);
 		// end::new-jdbcoperationssessionrepository[]
 	}

docs/src/test/java/docs/SpringHttpSessionConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package docs;
 
+import java.util.concurrent.ConcurrentHashMap;
+
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.session.MapSessionRepository;
@@ -27,7 +29,7 @@ import org.springframework.session.config.annotation.web.http.EnableSpringHttpSe
 public class SpringHttpSessionConfig {
 	@Bean
 	public MapSessionRepository sessionRepository() {
-		return new MapSessionRepository();
+		return new MapSessionRepository(new ConcurrentHashMap<>());
 	}
 }
 // end::class[]

docs/src/test/java/docs/http/AbstractHttpSessionListenerTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package docs.http;
 
+import java.util.Properties;
+
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
@@ -31,11 +33,13 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 
 /**
  * @author Rob Winch
+ * @author Mark Paluch
  * @since 1.2
  */
 @RunWith(SpringJUnit4ClassRunner.class)
@@ -63,6 +67,7 @@ public abstract class AbstractHttpSessionListenerTests {
 		RedisConnection connection = mock(RedisConnection.class);
 
 		given(factory.getConnection()).willReturn(connection);
+		given(connection.getConfig(anyString())).willReturn(new Properties());
 		return factory;
 	}
 
@@ -77,6 +82,7 @@ public abstract class AbstractHttpSessionListenerTests {
 		 * @see org.springframework.context.ApplicationListener#onApplicationEvent(org.
 		 * springframework.context.ApplicationEvent)
 		 */
+		@Override
 		public void onApplicationEvent(SessionDestroyedEvent event) {
 			this.event = event;
 		}

docs/src/test/java/docs/security/RememberMeSecurityConfiguration.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
 
 package docs.security;
 
+import java.util.concurrent.ConcurrentHashMap;
+
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -67,13 +69,13 @@ public class RememberMeSecurityConfiguration extends WebSecurityConfigurerAdapte
 	public InMemoryUserDetailsManager userDetailsService() {
 		InMemoryUserDetailsManager uds = new InMemoryUserDetailsManager();
 		uds.createUser(
-				User.withUsername("user").password("password").roles("USER").build());
+				User.withUsername("user").password("{noop}password").roles("USER").build());
 		return uds;
 	}
 
 	@Bean
 	MapSessionRepository sessionRepository() {
-		return new MapSessionRepository();
+		return new MapSessionRepository(new ConcurrentHashMap<>());
 	}
 }
 // end::class[]

docs/src/test/java/docs/security/RememberMeSecurityConfigurationTests.java

@@ -16,8 +16,8 @@
 
 package docs.security;
 
+import java.time.Duration;
 import java.util.Base64;
-import java.util.concurrent.TimeUnit;
 
 import javax.servlet.http.Cookie;
 
@@ -26,7 +26,7 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.session.ExpiringSession;
+import org.springframework.session.Session;
 import org.springframework.session.SessionRepository;
 import org.springframework.session.web.http.SessionRepositoryFilter;
 import org.springframework.test.context.ContextConfiguration;
@@ -48,7 +48,7 @@ import static org.springframework.security.test.web.servlet.setup.SecurityMockMv
 @ContextConfiguration(classes = RememberMeSecurityConfiguration.class)
 @WebAppConfiguration
 @SuppressWarnings("rawtypes")
-public class RememberMeSecurityConfigurationTests<T extends ExpiringSession> {
+public class RememberMeSecurityConfigurationTests<T extends Session> {
 	@Autowired
 	WebApplicationContext context;
 	@Autowired
@@ -81,9 +81,9 @@ public class RememberMeSecurityConfigurationTests<T extends ExpiringSession> {
 		Cookie cookie = result.getResponse().getCookie("SESSION");
 		assertThat(cookie.getMaxAge()).isEqualTo(Integer.MAX_VALUE);
 		T session = this.sessions
-				.getSession(new String(Base64.getDecoder().decode(cookie.getValue())));
-		assertThat(session.getMaxInactiveIntervalInSeconds())
-				.isEqualTo((int) TimeUnit.DAYS.toSeconds(30));
+				.findById(new String(Base64.getDecoder().decode(cookie.getValue())));
+		assertThat(session.getMaxInactiveInterval())
+				.isEqualTo(Duration.ofDays(30));
 
 	}
 }

docs/src/test/java/docs/security/RememberMeSecurityConfigurationXmlTests.java

@@ -16,8 +16,8 @@
 
 package docs.security;
 
+import java.time.Duration;
 import java.util.Base64;
-import java.util.concurrent.TimeUnit;
 
 import javax.servlet.http.Cookie;
 
@@ -26,7 +26,7 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.session.ExpiringSession;
+import org.springframework.session.Session;
 import org.springframework.session.SessionRepository;
 import org.springframework.session.web.http.SessionRepositoryFilter;
 import org.springframework.test.context.ContextConfiguration;
@@ -48,7 +48,7 @@ import static org.springframework.security.test.web.servlet.setup.SecurityMockMv
 @ContextConfiguration
 @WebAppConfiguration
 @SuppressWarnings("rawtypes")
-public class RememberMeSecurityConfigurationXmlTests<T extends ExpiringSession> {
+public class RememberMeSecurityConfigurationXmlTests<T extends Session> {
 	@Autowired
 	WebApplicationContext context;
 	@Autowired
@@ -81,9 +81,9 @@ public class RememberMeSecurityConfigurationXmlTests<T extends ExpiringSession>
 		Cookie cookie = result.getResponse().getCookie("SESSION");
 		assertThat(cookie.getMaxAge()).isEqualTo(Integer.MAX_VALUE);
 		T session = this.sessions
-				.getSession(new String(Base64.getDecoder().decode(cookie.getValue())));
-		assertThat(session.getMaxInactiveIntervalInSeconds())
-				.isEqualTo((int) TimeUnit.DAYS.toSeconds(30));
+				.findById(new String(Base64.getDecoder().decode(cookie.getValue())));
+		assertThat(session.getMaxInactiveInterval())
+				.isEqualTo(Duration.ofDays(30));
 
 	}
 }

docs/src/test/java/docs/security/SecurityConfiguration.java

@@ -21,8 +21,8 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.session.ExpiringSession;
 import org.springframework.session.FindByIndexNameSessionRepository;
+import org.springframework.session.Session;
 import org.springframework.session.security.SpringSessionBackedSessionRegistry;
 
 /**
@@ -33,7 +33,7 @@ import org.springframework.session.security.SpringSessionBackedSessionRegistry;
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 
 	@Autowired
-	private FindByIndexNameSessionRepository<ExpiringSession> sessionRepository;
+	private FindByIndexNameSessionRepository<Session> sessionRepository;
 
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
@@ -48,8 +48,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 
 	@Bean
 	SpringSessionBackedSessionRegistry sessionRegistry() {
-		return new SpringSessionBackedSessionRegistry<ExpiringSession>(
-				this.sessionRepository);
+		return new SpringSessionBackedSessionRegistry<>(this.sessionRepository);
 	}
 }
 // end::class[]

docs/src/test/java/docs/websocket/WebSocketConfig.java

@@ -32,6 +32,7 @@ import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
 @EnableWebSocketMessageBroker
 public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
 
+	@Override
 	public void registerStompEndpoints(StompEndpointRegistry registry) {
 		registry.addEndpoint("/messages").withSockJS();
 	}

docs/src/test/resources/docs/security/RememberMeSecurityConfigurationXmlTests-context.xml

@@ -20,9 +20,13 @@
 
 
 	<security:user-service>
-		<security:user name="user" password="password" authorities="ROLE_USER"/>
+		<security:user name="user" password="{noop}password" authorities="ROLE_USER"/>
 	</security:user-service>
 
 	<bean class="org.springframework.session.config.annotation.web.http.SpringHttpSessionConfiguration"/>
-	<bean id="springSessionRepository" class="org.springframework.session.MapSessionRepository"/>
+	<bean id="springSessionRepository" class="org.springframework.session.MapSessionRepository">
+		<constructor-arg>
+			<bean class="java.util.concurrent.ConcurrentHashMap"/>
+		</constructor-arg>
+	</bean>
 </beans>

etc/checkstyle/suppressions.xml

@@ -4,6 +4,7 @@
 <suppressions>
 	<suppress files=".+Application\.java" checks="HideUtilityClassConstructor"/>
 	<suppress files=".+Configuration\.java" checks="HideUtilityClassConstructor"/>
+	<suppress files=".+SSEFluxWebConfig\.java" checks="RegexpHeader"/>
 
 	<suppress files="[\\/]src[\\/]test[\\/]java[\\/]" checks="Javadoc"/>
 	<suppress files="[\\/]src[\\/]integration-test[\\/]java[\\/]" checks="Javadoc"/>

gradle.properties

@@ -1,2 +1,2 @@
-springBootVersion=2.0.0.M1
-version=2.0.0.M2
+springBootVersion=2.0.0.M5
+version=2.0.0.RC1

gradle/dependency-management.gradle

@@ -1,36 +1,55 @@
 dependencyManagement {
 	imports {
-		mavenBom 'org.springframework:spring-framework-bom:5.0.0.RC2'
-		mavenBom 'org.springframework.data:spring-data-releasetrain:Kay-M4'
-		mavenBom 'org.springframework.security:spring-security-bom:5.0.0.M2'
+		mavenBom 'com.fasterxml.jackson:jackson-bom:2.9.2'
+		mavenBom 'io.projectreactor:reactor-bom:Bismuth-SR3'
+		mavenBom 'org.springframework:spring-framework-bom:5.0.1.RELEASE'
+		mavenBom 'org.springframework.data:spring-data-releasetrain:Kay-SR1'
+		mavenBom 'org.springframework.security:spring-security-bom:5.0.0.RC1'
 	}
+
 	dependencies {
-		dependency 'com.fasterxml.jackson.core:jackson-databind:2.9.0.pr3'
-		dependency 'com.h2database:h2:1.4.195'
-		dependency 'com.hazelcast:hazelcast-client:3.8'
-		dependency 'com.hazelcast:hazelcast:3.8'
+		dependencySet(group: 'com.hazelcast', version: '3.9') {
+			entry 'hazelcast'
+			entry 'hazelcast-client'
+		}
+
+		dependencySet(group: 'org.testcontainers', version: '1.4.3') {
+			entry 'mariadb'
+			entry 'mysql'
+			entry 'postgresql'
+			entry 'testcontainers'
+		}
+
+		dependency 'ch.qos.logback:logback-classic:1.2.3'
+		dependency 'com.h2database:h2:1.4.196'
 		dependency 'com.maxmind.geoip2:geoip2:2.3.1'
-		dependency 'commons-codec:commons-codec:1.10'
+		dependency 'commons-codec:commons-codec:1.11'
 		dependency 'edu.umd.cs.mtc:multithreadedtc:1.01'
-		dependency 'io.lettuce:lettuce-core:5.0.0.M2'
+		dependency 'io.lettuce:lettuce-core:5.0.0.RELEASE'
 		dependency 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:1.2.1'
 		dependency 'javax.servlet.jsp:javax.servlet.jsp-api:2.3.2-b02'
 		dependency 'javax.servlet:javax.servlet-api:3.1.0'
 		dependency 'junit:junit:4.12'
-		dependency 'org.apache.derby:derby:10.13.1.1'
+		dependency 'mysql:mysql-connector-java:5.1.44'
+		dependency 'org.apache.derby:derby:10.14.1.0'
 		dependency 'org.apache.httpcomponents:httpclient:4.5.3'
 		dependency 'org.apache.taglibs:taglibs-standard-jstlel:1.2.5'
-		dependency 'org.assertj:assertj-core:3.6.2'
+		dependency 'org.assertj:assertj-core:3.8.0'
 		dependency 'org.hsqldb:hsqldb:2.4.0'
-		dependency 'org.mockito:mockito-core:2.7.22'
-		dependency 'org.seleniumhq.selenium:htmlunit-driver:2.26'
+		dependency 'org.mariadb.jdbc:mariadb-java-client:2.1.2'
+		dependency 'org.mockito:mockito-core:2.11.0'
+		dependency 'org.postgresql:postgresql:42.1.4'
+		dependency 'org.seleniumhq.selenium:htmlunit-driver:2.27'
+		dependency 'org.slf4j:jcl-over-slf4j:1.7.25'
+		dependency 'org.slf4j:log4j-over-slf4j:1.7.25'
+		dependency 'org.thymeleaf.extras:thymeleaf-extras-java8time:3.0.1.RELEASE'
+		dependency 'org.thymeleaf:thymeleaf-spring5:3.0.8.RELEASE'
 		dependency 'org.webjars:bootstrap:2.3.2'
 		dependency 'org.webjars:html5shiv:3.7.3'
-		dependency 'org.webjars:jquery:1.9.0'
+		dependency 'org.webjars:jquery:1.12.4'
 		dependency 'org.webjars:knockout:2.3.0'
 		dependency 'org.webjars:sockjs-client:0.3.4'
 		dependency 'org.webjars:stomp-websocket:2.3.0'
 		dependency 'org.webjars:webjars-taglib:0.3'
-		dependency 'redis.clients:jedis:2.9.0'
 	}
 }

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,5 @@
-#Wed Jan 11 10:54:44 CST 2017
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-3.5-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-4.2.1-bin.zip

gradlew

@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/usr/bin/env sh
 
 ##############################################################################
 ##
@@ -33,11 +33,11 @@ DEFAULT_JVM_OPTS=""
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD="maximum"
 
-warn ( ) {
+warn () {
     echo "$*"
 }
 
-die ( ) {
+die () {
     echo
     echo "$*"
     echo
@@ -154,16 +154,19 @@ if $cygwin ; then
     esac
 fi
 
-# Split up the JVM_OPTS And GRADLE_OPTS values into an array, following the shell quoting and substitution rules
-function splitJvmOpts() {
-    JVM_OPTS=("$@")
+# Escape application args
+save () {
+    for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
+    echo " "
 }
-eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS
-JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME"
+APP_ARGS=$(save "$@")
+
+# Collect all arguments for the java command, following the shell quoting and substitution rules
+eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
 
 # by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong
-if [[ "$(uname)" == "Darwin" ]] && [[ "$HOME" == "$PWD" ]]; then
+if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then
   cd "$(dirname "$0")"
 fi
 
-exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@"
+exec "$JAVACMD" "$@"

samples/boot/findbyusername/spring-session-sample-boot-findbyusername.gradle

@@ -5,6 +5,7 @@ dependencies {
 	compile "org.springframework.boot:spring-boot-starter-web"
 	compile "org.springframework.boot:spring-boot-starter-thymeleaf"
 	compile "org.springframework.boot:spring-boot-starter-security"
+	compile "org.springframework.boot:spring-boot-starter-data-redis"
 	compile "org.springframework.boot:spring-boot-devtools"
 	compile "nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect"
 	compile "org.webjars:bootstrap"
@@ -17,16 +18,5 @@ dependencies {
 	testCompile "org.assertj:assertj-core"
 
 	integrationTestCompile seleniumDependencies
-}
-
-integrationTest {
-	doFirst {
-		systemProperties['spring.session.redis.namespace'] = project.name
-	}
-}
-
-integrationTest {
-	doFirst {
-		systemProperties['spring.session.redis.namespace'] = project.name
-	}
+	integrationTestCompile "org.testcontainers:testcontainers"
 }

samples/boot/findbyusername/src/integration-test/java/sample/FindByUsernameTests.java

@@ -18,9 +18,11 @@ package sample;
 
 import org.junit.After;
 import org.junit.Before;
+import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.openqa.selenium.WebDriver;
+import org.testcontainers.containers.GenericContainer;
 import sample.pages.HomePage;
 import sample.pages.LoginPage;
 
@@ -28,6 +30,10 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.boot.test.util.TestPropertyValues;
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDriverBuilder;
@@ -35,12 +41,20 @@ import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDr
 /**
  * @author Eddú Meléndez
  * @author Rob Winch
+ * @author Vedran Pavic
  */
 @RunWith(SpringRunner.class)
 @AutoConfigureMockMvc
-@SpringBootTest(webEnvironment = WebEnvironment.MOCK)
+@SpringBootTest(classes = FindByUsernameApplication.class, webEnvironment = WebEnvironment.MOCK)
+@ContextConfiguration(initializers = FindByUsernameTests.Initializer.class)
 public class FindByUsernameTests {
 
+	private static final String DOCKER_IMAGE = "redis:4.0.2";
+
+	@ClassRule
+	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+			.withExposedPorts(6379);
+
 	@Autowired
 	private MockMvc mockMvc;
 
@@ -72,4 +86,18 @@ public class FindByUsernameTests {
 		home.terminateButtonDisabled();
 	}
 
+	static class Initializer
+			implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+
+		@Override
+		public void initialize(
+				ConfigurableApplicationContext configurableApplicationContext) {
+			TestPropertyValues
+					.of("spring.redis.host=" + redisContainer.getContainerIpAddress(),
+							"spring.redis.port=" + redisContainer.getFirstMappedPort())
+					.applyTo(configurableApplicationContext.getEnvironment());
+		}
+
+	}
+
 }

samples/boot/findbyusername/src/main/java/sample/config/SecurityConfig.java

@@ -16,27 +16,47 @@
 
 package sample.config;
 
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 /**
+ * Spring Security configuration.
+ *
  * @author Rob Winch
+ * @author Vedran Pavic
  */
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+	@Bean
+	@Override
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
+	}
+
+	// @formatter:off
 	// tag::config[]
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
 			.formLogin()
 				.loginPage("/login")
-				.permitAll()
-				.and()
-			.authorizeRequests()
-				.anyRequest().authenticated();
+				.permitAll();
 	}
 	// end::config[]
+	// @formatter:on
 
 }

samples/boot/findbyusername/src/main/java/sample/mvc/IndexController.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,8 +21,8 @@ import java.util.Collection;
 import java.util.Set;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.session.ExpiringSession;
 import org.springframework.session.FindByIndexNameSessionRepository;
+import org.springframework.session.Session;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -39,11 +39,11 @@ import org.springframework.web.bind.annotation.RequestMethod;
 public class IndexController {
 	// tag::findbyusername[]
 	@Autowired
-	FindByIndexNameSessionRepository<? extends ExpiringSession> sessions;
+	FindByIndexNameSessionRepository<? extends Session> sessions;
 
 	@RequestMapping("/")
 	public String index(Principal principal, Model model) {
-		Collection<? extends ExpiringSession> usersSessions = this.sessions
+		Collection<? extends Session> usersSessions = this.sessions
 				.findByIndexNameAndIndexValue(
 						FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME,
 						principal.getName())
@@ -60,7 +60,7 @@ public class IndexController {
 				FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME,
 				principal.getName()).keySet();
 		if (usersSessionIds.contains(sessionIdToDelete)) {
-			this.sessions.delete(sessionIdToDelete);
+			this.sessions.deleteById(sessionIdToDelete);
 		}
 
 		return "redirect:/";

samples/boot/findbyusername/src/main/java/sample/session/SessionDetailsFilter.java

@@ -57,6 +57,7 @@ public class SessionDetailsFilter extends OncePerRequestFilter {
 	}
 
 	// tag::dofilterinternal[]
+	@Override
 	public void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
 			FilterChain chain) throws IOException, ServletException {
 		chain.doFilter(request, response);

samples/boot/findbyusername/src/main/resources/application.properties

@@ -1,2 +0,0 @@
-spring.session.store-type=redis
-security.user.password=password

samples/boot/findbyusername/src/main/resources/templates/index.html

@@ -21,8 +21,8 @@
 			<tr th:each="sessionElement : ${sessions}" th:with="details=${sessionElement.getAttribute('SESSION_DETAILS')}">
 				<td th:text="${sessionElement.id.substring(30)}"></td>
 				<td th:text="${details?.location}"></td>
-				<td th:text="${#dates.format(new java.util.Date(sessionElement.creationTime),'dd/MMM/yyyy HH:mm:ss')}"></td>
-				<td th:text="${#dates.format(new java.util.Date(sessionElement.lastAccessedTime),'dd/MMM/yyyy HH:mm:ss')}"></td>
+				<td th:text="${#temporals.format(sessionElement.creationTime.atZone(T(java.time.ZoneId).systemDefault()),'dd/MMM/yyyy HH:mm:ss')}"></td>
+				<td th:text="${#temporals.format(sessionElement.lastAccessedTime.atZone(T(java.time.ZoneId).systemDefault()),'dd/MMM/yyyy HH:mm:ss')}"></td>
 				<td th:text="${details?.accessType}"></td>
 				<td>
 					<form th:action="@{'/sessions/' + ${sessionElement.id}}" th:method="delete">

samples/boot/findbyusername/src/test/java/sample/session/SessionDetailsFilterTests.java

@@ -20,7 +20,6 @@ import com.maxmind.geoip2.DatabaseReader;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-
 import sample.config.GeoConfig;
 
 import org.springframework.beans.factory.annotation.Autowired;

samples/boot/jdbc/src/main/java/sample/config/SecurityConfig.java

@@ -16,17 +16,34 @@
 
 package sample.config;
 
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 /**
+ * Spring Security configuration.
+ *
  * @author Rob Winch
  * @author Vedran Pavic
  */
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+	@Bean
+	@Override
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
+	}
+
 	// @formatter:off
 	@Override
 	public void configure(WebSecurity web) throws Exception {
@@ -35,4 +52,19 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	}
 	// @formatter:on
 
+	// @formatter:off
+	// tag::config[]
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
+			.formLogin()
+				.permitAll();
+	}
+	// end::config[]
+	// @formatter:on
+
 }

samples/boot/jdbc/src/main/resources/application.properties

@@ -1,3 +1 @@
-spring.session.store-type=jdbc
-security.user.password=password
 spring.h2.console.enabled=true

samples/boot/redis-json/spring-session-sample-boot-redis-json.gradle

@@ -1,18 +1,16 @@
 apply plugin: 'io.spring.convention.spring-sample-boot'
 
 dependencies {
-	compile(project(':spring-session-data-redis')) {
-		exclude module: 'jedis'
-	}
+	compile project(':spring-session-data-redis')
 	compile "org.springframework.boot:spring-boot-starter-web"
 	compile "org.springframework.boot:spring-boot-starter-thymeleaf"
 	compile "org.springframework.boot:spring-boot-starter-security"
+	compile "org.springframework.boot:spring-boot-starter-data-redis"
 	compile "org.springframework.boot:spring-boot-devtools"
 	compile "nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect"
 	compile "org.webjars:bootstrap"
 	compile "org.webjars:html5shiv"
 	compile "org.webjars:webjars-locator"
-	compile "io.lettuce:lettuce-core"
 	compile "org.apache.httpcomponents:httpclient"
 
 	testCompile "org.springframework.boot:spring-boot-starter-test"
@@ -20,4 +18,5 @@ dependencies {
 	testCompile "org.skyscreamer:jsonassert"
 
 	integrationTestCompile seleniumDependencies
+	integrationTestCompile "org.testcontainers:testcontainers"
 }

samples/boot/redis-json/src/integration-test/java/sample/HttpRedisJsonTest.java

@@ -20,9 +20,11 @@ import java.util.List;
 
 import org.junit.After;
 import org.junit.Before;
+import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.openqa.selenium.WebDriver;
+import org.testcontainers.containers.GenericContainer;
 import sample.pages.HomePage;
 import sample.pages.HomePage.Attribute;
 import sample.pages.LoginPage;
@@ -31,6 +33,10 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.boot.test.util.TestPropertyValues;
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDriverBuilder;
@@ -39,12 +45,20 @@ import static org.assertj.core.api.Assertions.assertThat;
 
 /**
  * @author Eddú Meléndez
+ * @author Vedran Pavic
  */
 @RunWith(SpringRunner.class)
-@SpringBootTest(webEnvironment = WebEnvironment.MOCK)
+@SpringBootTest(classes = Application.class, webEnvironment = WebEnvironment.MOCK)
 @AutoConfigureMockMvc
+@ContextConfiguration(initializers = HttpRedisJsonTest.Initializer.class)
 public class HttpRedisJsonTest {
 
+	private static final String DOCKER_IMAGE = "redis:4.0.2";
+
+	@ClassRule
+	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+			.withExposedPorts(6379);
+
 	@Autowired
 	private MockMvc mockMvc;
 
@@ -96,4 +110,18 @@ public class HttpRedisJsonTest {
 		assertThat(attributes).extracting("attributeValue").contains("Demo Value");
 	}
 
+	static class Initializer
+			implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+
+		@Override
+		public void initialize(
+				ConfigurableApplicationContext configurableApplicationContext) {
+			TestPropertyValues
+					.of("spring.redis.host=" + redisContainer.getContainerIpAddress(),
+							"spring.redis.port=" + redisContainer.getFirstMappedPort())
+					.applyTo(configurableApplicationContext.getEnvironment());
+		}
+
+	}
+
 }

samples/boot/redis-json/src/integration-test/java/sample/RedisSerializerTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -13,28 +13,43 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+
 package sample;
 
+import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
+import org.testcontainers.containers.GenericContainer;
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.util.TestPropertyValues;
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer;
+import org.springframework.session.data.redis.config.annotation.SpringSessionRedisOperations;
+import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
 
 import static org.assertj.core.api.Assertions.assertThat;
 
 /**
- * @author jitendra on 8/3/16.
+ * @author jitendra
+ * @author Vedran Pavic
  */
 @RunWith(SpringRunner.class)
-@SpringBootTest
+@SpringBootTest(classes = Application.class)
+@ContextConfiguration(initializers = RedisSerializerTest.Initializer.class)
 public class RedisSerializerTest {
 
-	@Autowired
-	RedisTemplate<Object, Object> sessionRedisTemplate;
+	private static final String DOCKER_IMAGE = "redis:4.0.2";
+
+	@ClassRule
+	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+			.withExposedPorts(6379);
+
+	@SpringSessionRedisOperations
+	private RedisTemplate<Object, Object> sessionRedisTemplate;
 
 	@Test
 	public void testRedisTemplate() {
@@ -43,4 +58,19 @@ public class RedisSerializerTest {
 		assertThat(this.sessionRedisTemplate.getDefaultSerializer())
 				.isInstanceOf(GenericJackson2JsonRedisSerializer.class);
 	}
+
+	static class Initializer
+			implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+
+		@Override
+		public void initialize(
+				ConfigurableApplicationContext configurableApplicationContext) {
+			TestPropertyValues
+					.of("spring.redis.host=" + redisContainer.getContainerIpAddress(),
+							"spring.redis.port=" + redisContainer.getFirstMappedPort())
+					.applyTo(configurableApplicationContext.getEnvironment());
+		}
+
+	}
+
 }

samples/boot/redis-json/src/main/java/sample/config/SecurityConfig.java

@@ -13,28 +13,47 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+
 package sample.config;
 
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 /**
- * @author jitendra on 3/3/16.
+ * Spring Security configuration.
+ *
+ * @author jitendra
+ * @author Vedran Pavic
  */
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+	@Bean
+	@Override
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
+	}
+
 	// @formatter:off
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
 			.formLogin()
 				.loginPage("/login")
-				.permitAll()
-				.and()
-			.authorizeRequests()
-				.anyRequest().authenticated();
+				.permitAll();
 	}
 	// @formatter:on
 

samples/boot/redis-json/src/main/java/sample/config/SessionConfig.java

@@ -56,6 +56,7 @@ public class SessionConfig implements BeanClassLoaderAware {
 	 * org.springframework.beans.factory.BeanClassLoaderAware#setBeanClassLoader(java.lang
 	 * .ClassLoader)
 	 */
+	@Override
 	public void setBeanClassLoader(ClassLoader classLoader) {
 		this.loader = classLoader;
 	}

samples/boot/redis-json/src/main/resources/application.properties

@@ -1,2 +0,0 @@
-spring.session.store-type=redis
-security.user.password=password

samples/boot/redis/spring-session-sample-boot-redis.gradle

@@ -5,6 +5,7 @@ dependencies {
 	compile "org.springframework.boot:spring-boot-starter-web"
 	compile "org.springframework.boot:spring-boot-starter-thymeleaf"
 	compile "org.springframework.boot:spring-boot-starter-security"
+	compile "org.springframework.boot:spring-boot-starter-data-redis"
 	compile "org.springframework.boot:spring-boot-devtools"
 	compile "nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect"
 	compile "org.webjars:bootstrap"
@@ -14,4 +15,5 @@ dependencies {
 	testCompile "org.springframework.boot:spring-boot-starter-test"
 
 	integrationTestCompile seleniumDependencies
+	integrationTestCompile "org.testcontainers:testcontainers"
 }

samples/boot/redis/src/integration-test/java/sample/BootTests.java

@@ -18,9 +18,11 @@ package sample;
 
 import org.junit.After;
 import org.junit.Before;
+import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.openqa.selenium.WebDriver;
+import org.testcontainers.containers.GenericContainer;
 import sample.pages.HomePage;
 import sample.pages.LoginPage;
 
@@ -28,18 +30,30 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.boot.test.util.TestPropertyValues;
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDriverBuilder;
 
 /**
  * @author Eddú Meléndez
+ * @author Vedran Pavic
  */
 @RunWith(SpringRunner.class)
 @AutoConfigureMockMvc
-@SpringBootTest(webEnvironment = WebEnvironment.MOCK)
+@SpringBootTest(classes = Application.class, webEnvironment = WebEnvironment.MOCK)
+@ContextConfiguration(initializers = BootTests.Initializer.class)
 public class BootTests {
 
+	private static final String DOCKER_IMAGE = "redis:4.0.2";
+
+	@ClassRule
+	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+			.withExposedPorts(6379);
+
 	@Autowired
 	private MockMvc mockMvc;
 
@@ -78,4 +92,18 @@ public class BootTests {
 		login.assertAt();
 	}
 
+	static class Initializer
+			implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+
+		@Override
+		public void initialize(
+				ConfigurableApplicationContext configurableApplicationContext) {
+			TestPropertyValues
+					.of("spring.redis.host=" + redisContainer.getContainerIpAddress(),
+							"spring.redis.port=" + redisContainer.getFirstMappedPort())
+					.applyTo(configurableApplicationContext.getEnvironment());
+		}
+
+	}
+
 }

samples/boot/redis/src/main/java/sample/config/SecurityConfig.java

@@ -16,12 +16,46 @@
 
 package sample.config;
 
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 /**
+ * Spring Security configuration.
+ *
  * @author Rob Winch
+ * @author Vedran Pavic
  */
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+	@Bean
+	@Override
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
+	}
+
+	// @formatter:off
+	// tag::config[]
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
+			.formLogin()
+				.permitAll();
+	}
+	// end::config[]
+	// @formatter:on
+
 }

samples/boot/redis/src/main/resources/application.properties

@@ -1,2 +0,0 @@
-spring.session.store-type=redis
-security.user.password=password

samples/boot/websocket/spring-session-sample-boot-websocket.gradle

@@ -1,13 +1,12 @@
 apply plugin: 'io.spring.convention.spring-sample-boot'
 
 dependencies {
-	compile(project(':spring-session-data-redis')) {
-		exclude module: 'jedis'
-	}
+	compile project(':spring-session-data-redis')
 	compile "org.springframework.boot:spring-boot-starter-web"
 	compile "org.springframework.boot:spring-boot-starter-thymeleaf"
 	compile "org.springframework.boot:spring-boot-starter-security"
 	compile "org.springframework.boot:spring-boot-starter-data-jpa"
+	compile "org.springframework.boot:spring-boot-starter-data-redis"
 	compile "org.springframework.boot:spring-boot-starter-websocket"
 	compile "org.springframework.boot:spring-boot-devtools"
 	compile "org.springframework:spring-websocket"
@@ -20,9 +19,9 @@ dependencies {
 	compile "org.webjars:sockjs-client"
 	compile "org.webjars:stomp-websocket"
 	compile "org.webjars:webjars-locator"
-	compile "io.lettuce:lettuce-core"
 	compile "com.h2database:h2"
 
 	testCompile "org.springframework.boot:spring-boot-starter-test"
 	testCompile "org.springframework.security:spring-security-test"
+	testCompile "org.testcontainers:testcontainers"
 }

samples/boot/websocket/src/main/java/sample/config/WebSecurityConfig.java

@@ -17,25 +17,31 @@
 package sample.config;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.security.StaticResourceRequest;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 @Configuration
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
-	// @formatter:off
+	@Bean
 	@Override
-	public void configure(WebSecurity web) throws Exception {
-		web
-			.ignoring().antMatchers("/h2-console/**");
+	public UserDetailsService userDetailsService() {
+		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+		manager.createUser(
+				User.withUsername("user").password("password").roles("USER").build());
+		return manager;
 	}
-	// @formatter:on
 
 	// @formatter:off
 	@Autowired
@@ -47,4 +53,25 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 	}
 	// @formatter:on
 
+	// @formatter:off
+	@Override
+	public void configure(WebSecurity web) throws Exception {
+		web
+			.ignoring().antMatchers("/h2-console/**");
+	}
+	// @formatter:on
+
+	// @formatter:off
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+			.authorizeRequests()
+				.requestMatchers(StaticResourceRequest.toCommonLocations()).permitAll()
+				.anyRequest().authenticated()
+				.and()
+			.formLogin()
+				.permitAll();
+	}
+	// @formatter:on
+
 }

samples/boot/websocket/src/main/java/sample/config/WebSocketConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,7 +19,7 @@ package sample.config;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.messaging.simp.config.MessageBrokerRegistry;
 import org.springframework.scheduling.annotation.EnableScheduling;
-import org.springframework.session.ExpiringSession;
+import org.springframework.session.Session;
 import org.springframework.session.web.socket.config.annotation.AbstractSessionWebSocketMessageBrokerConfigurer;
 import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
 import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
@@ -29,12 +29,14 @@ import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
 @EnableScheduling
 @EnableWebSocketMessageBroker
 public class WebSocketConfig
-		extends AbstractSessionWebSocketMessageBrokerConfigurer<ExpiringSession> { // <1>
+		extends AbstractSessionWebSocketMessageBrokerConfigurer<Session> { // <1>
 
+	@Override
 	protected void configureStompEndpoints(StompEndpointRegistry registry) { // <2>
 		registry.addEndpoint("/messages").withSockJS();
 	}
 
+	@Override
 	public void configureMessageBroker(MessageBrokerRegistry registry) {
 		registry.enableSimpleBroker("/queue/", "/topic/");
 		registry.setApplicationDestinationPrefixes("/app");

samples/boot/websocket/src/main/java/sample/config/WebSocketHandlersConfig.java

@@ -23,7 +23,7 @@ import sample.websocket.WebSocketDisconnectHandler;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.messaging.simp.SimpMessageSendingOperations;
-import org.springframework.session.ExpiringSession;
+import org.springframework.session.Session;
 
 /**
  * These handlers are separated from WebSocketConfig because they are specific to this
@@ -32,7 +32,7 @@ import org.springframework.session.ExpiringSession;
  * @author Rob Winch
  */
 @Configuration
-public class WebSocketHandlersConfig<S extends ExpiringSession> {
+public class WebSocketHandlersConfig<S extends Session> {
 
 	@Bean
 	public WebSocketConnectHandler<S> webSocketConnectHandler(

samples/boot/websocket/src/main/java/sample/data/User.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -23,9 +23,8 @@ import javax.persistence.Entity;
 import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
-
-import org.hibernate.validator.constraints.Email;
-import org.hibernate.validator.constraints.NotEmpty;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
 
 import org.springframework.security.crypto.password.PasswordEncoder;
 

samples/boot/websocket/src/main/java/sample/security/UserRepositoryUserDetailsService.java

@@ -49,6 +49,7 @@ public class UserRepositoryUserDetailsService implements UserDetailsService {
 	 * org.springframework.security.core.userdetails.UserDetailsService#loadUserByUsername
 	 * (java.lang.String)
 	 */
+	@Override
 	public UserDetails loadUserByUsername(String username)
 			throws UsernameNotFoundException {
 		User user = this.userRepository.findByEmail(username);
@@ -64,26 +65,32 @@ public class UserRepositoryUserDetailsService implements UserDetailsService {
 			super(user);
 		}
 
+		@Override
 		public Collection<? extends GrantedAuthority> getAuthorities() {
 			return AuthorityUtils.createAuthorityList("ROLE_USER");
 		}
 
+		@Override
 		public String getUsername() {
 			return getEmail();
 		}
 
+		@Override
 		public boolean isAccountNonExpired() {
 			return true;
 		}
 
+		@Override
 		public boolean isAccountNonLocked() {
 			return true;
 		}
 
+		@Override
 		public boolean isCredentialsNonExpired() {
 			return true;
 		}
 
+		@Override
 		public boolean isEnabled() {
 			return true;
 		}

samples/boot/websocket/src/main/java/sample/websocket/WebSocketConnectHandler.java

@@ -41,6 +41,7 @@ public class WebSocketConnectHandler<S>
 		this.repository = repository;
 	}
 
+	@Override
 	public void onApplicationEvent(SessionConnectEvent event) {
 		MessageHeaders headers = event.getMessage().getHeaders();
 		Principal user = SimpMessageHeaderAccessor.getUser(headers);

samples/boot/websocket/src/main/java/sample/websocket/WebSocketDisconnectHandler.java

@@ -36,6 +36,7 @@ public class WebSocketDisconnectHandler<S>
 		this.repository = repository;
 	}
 
+	@Override
 	public void onApplicationEvent(SessionDisconnectEvent event) {
 		String id = event.getSessionId();
 		if (id == null) {

samples/boot/websocket/src/main/resources/application.properties

@@ -1,3 +1,2 @@
-spring.session.store-type=redis
 #server.session.timeout=60
 spring.h2.console.enabled=true

samples/boot/websocket/src/test/java/sample/ApplicationTests.java

@@ -20,14 +20,21 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.ExecutionException;
 
+import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.junit.runner.RunWith;
+import org.testcontainers.containers.GenericContainer;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.boot.test.util.TestPropertyValues;
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.util.concurrent.ListenableFuture;
 import org.springframework.web.socket.TextMessage;
@@ -41,18 +48,27 @@ import org.springframework.web.socket.sockjs.client.WebSocketTransport;
 
 /**
  * @author Rob Winch
+ * @author Vedran Pavic
  */
 @RunWith(SpringRunner.class)
-@SpringBootTest(classes = Application.class, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@SpringBootTest(classes = Application.class, webEnvironment = WebEnvironment.RANDOM_PORT)
+@ContextConfiguration(initializers = ApplicationTests.Initializer.class)
 public class ApplicationTests {
+
+	private static final String DOCKER_IMAGE = "redis:4.0.2";
+
+	@ClassRule
+	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+			.withExposedPorts(6379);
+
 	@Rule
 	public final ExpectedException thrown = ExpectedException.none();
 
 	@Value("${local.server.port}")
-	String port;
+	private String port;
 
 	@Autowired
-	WebSocketHandler webSocketHandler;
+	private WebSocketHandler webSocketHandler;
 
 	@Test
 	public void run() throws Exception {
@@ -67,4 +83,19 @@ public class ApplicationTests {
 		this.thrown.expect(ExecutionException.class);
 		wsSession.get().sendMessage(new TextMessage("a"));
 	}
+
+	static class Initializer
+			implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+
+		@Override
+		public void initialize(
+				ConfigurableApplicationContext configurableApplicationContext) {
+			TestPropertyValues
+					.of("spring.redis.host=" + redisContainer.getContainerIpAddress(),
+							"spring.redis.port=" + redisContainer.getFirstMappedPort())
+					.applyTo(configurableApplicationContext.getEnvironment());
+		}
+
+	}
+
 }

samples/javaconfig/custom-cookie/spring-session-sample-javaconfig-custom-cookie.gradle

@@ -1,15 +1,14 @@
 apply plugin: 'io.spring.convention.spring-sample-war'
 
 dependencies {
-	compile(project(':spring-session-data-redis')) {
-		exclude module: 'jedis'
-	}
+	compile project(':spring-session-data-redis')
 	compile "org.springframework:spring-web"
 	compile "io.lettuce:lettuce-core"
 	compile "org.webjars:bootstrap"
 	compile "org.webjars:webjars-taglib"
 	compile jstlDependencies
 	compile slf4jDependencies
+	compile "org.testcontainers:testcontainers"
 
 	providedCompile "javax.servlet:javax.servlet-api"
 
@@ -18,3 +17,7 @@ dependencies {
 
 	integrationTestCompile seleniumDependencies
 }
+
+gretty {
+	jvmArgs = ['-Dspring.profiles.active=embedded-redis']
+}

samples/javaconfig/custom-cookie/src/main/java/sample/Config.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,11 +17,13 @@
 package sample;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Import;
 import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 import org.springframework.session.web.http.CookieSerializer;
 import org.springframework.session.web.http.DefaultCookieSerializer;
 
+@Import(EmbeddedRedisConfig.class)
 @EnableRedisHttpSession
 public class Config {
 

samples/javaconfig/custom-cookie/src/main/java/sample/EmbeddedRedisConfig.java

@@ -0,0 +1,59 @@
+/*
+ * Copyright 2014-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import java.io.IOException;
+
+import org.testcontainers.containers.GenericContainer;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.context.annotation.Profile;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+
+@Configuration
+@Profile("embedded-redis")
+public class EmbeddedRedisConfig {
+
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+
+	@Bean(initMethod = "start")
+	public GenericContainer redisContainer() {
+		return new GenericContainer(REDIS_DOCKER_IMAGE) {
+
+			@Override
+			public void close() {
+				super.close();
+				try {
+					this.dockerClient.close();
+				}
+				catch (IOException ignored) {
+				}
+			}
+
+		}.withExposedPorts(6379);
+	}
+
+	@Bean
+	@Primary
+	public LettuceConnectionFactory redisConnectionFactory() {
+		return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
+				redisContainer().getFirstMappedPort());
+	}
+
+}

samples/javaconfig/hazelcast/spring-session-sample-javaconfig-hazelcast.gradle

@@ -1,7 +1,7 @@
 apply plugin: 'io.spring.convention.spring-sample-war'
 
 dependencies {
-	compile project(':spring-session')
+	compile project(':spring-session-hazelcast')
 	compile "org.springframework:spring-web"
 	compile "org.springframework.security:spring-security-config"
 	compile "org.springframework.security:spring-security-web"

samples/javaconfig/hazelcast/src/main/java/sample/ObjectStreamSerializer.java

@@ -36,10 +36,12 @@ import com.hazelcast.nio.serialization.StreamSerializer;
  *
  */
 public class ObjectStreamSerializer implements StreamSerializer<Object> {
+	@Override
 	public int getTypeId() {
 		return 2;
 	}
 
+	@Override
 	public void write(ObjectDataOutput objectDataOutput, Object object)
 			throws IOException {
 		ObjectOutputStream out = new ObjectOutputStream((OutputStream) objectDataOutput);
@@ -47,6 +49,7 @@ public class ObjectStreamSerializer implements StreamSerializer<Object> {
 		out.flush();
 	}
 
+	@Override
 	public Object read(ObjectDataInput objectDataInput) throws IOException {
 		ObjectInputStream in = new ObjectInputStream((InputStream) objectDataInput);
 		try {
@@ -57,6 +60,7 @@ public class ObjectStreamSerializer implements StreamSerializer<Object> {
 		}
 	}
 
+	@Override
 	public void destroy() {
 	}
 

samples/javaconfig/hazelcast/src/main/java/sample/SecurityConfig.java

@@ -16,14 +16,13 @@
 
 package sample;
 
-/**
- * @author Rob Winch
- */
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 
+/**
+ * @author Rob Winch
+ */
 @EnableWebSecurity
 public class SecurityConfig {
 	@Autowired

samples/javaconfig/jdbc/src/main/java/sample/H2ConsoleInitializer.java

@@ -24,6 +24,7 @@ import org.springframework.web.WebApplicationInitializer;
 
 public class H2ConsoleInitializer implements WebApplicationInitializer {
 
+	@Override
 	public void onStartup(ServletContext servletContext) throws ServletException {
 		servletContext.addServlet("h2Console", new WebServlet()).addMapping("/h2-console/*");
 	}

samples/javaconfig/redis/spring-session-sample-javaconfig-redis.gradle

@@ -1,15 +1,14 @@
 apply plugin: 'io.spring.convention.spring-sample-war'
 
 dependencies {
-	compile(project(':spring-session-data-redis')) {
-		exclude module: 'jedis'
-	}
+	compile project(':spring-session-data-redis')
 	compile "org.springframework:spring-web"
 	compile "io.lettuce:lettuce-core"
 	compile "org.webjars:bootstrap"
 	compile "org.webjars:webjars-taglib"
 	compile jstlDependencies
 	compile slf4jDependencies
+	compile "org.testcontainers:testcontainers"
 
 	providedCompile "javax.servlet:javax.servlet-api"
 
@@ -18,3 +17,7 @@ dependencies {
 
 	integrationTestCompile seleniumDependencies
 }
+
+gretty {
+	jvmArgs = ['-Dspring.profiles.active=embedded-redis']
+}

samples/javaconfig/redis/src/main/java/sample/Config.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,9 +17,11 @@
 package sample;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Import;
 import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 
+@Import(EmbeddedRedisConfig.class)
 // tag::class[]
 @EnableRedisHttpSession // <1>
 public class Config {

samples/javaconfig/redis/src/main/java/sample/EmbeddedRedisConfig.java

@@ -0,0 +1,59 @@
+/*
+ * Copyright 2014-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import java.io.IOException;
+
+import org.testcontainers.containers.GenericContainer;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.context.annotation.Profile;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+
+@Configuration
+@Profile("embedded-redis")
+public class EmbeddedRedisConfig {
+
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+
+	@Bean(initMethod = "start")
+	public GenericContainer redisContainer() {
+		return new GenericContainer(REDIS_DOCKER_IMAGE) {
+
+			@Override
+			public void close() {
+				super.close();
+				try {
+					this.dockerClient.close();
+				}
+				catch (IOException ignored) {
+				}
+			}
+
+		}.withExposedPorts(6379);
+	}
+
+	@Bean
+	@Primary
+	public LettuceConnectionFactory redisConnectionFactory() {
+		return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
+				redisContainer().getFirstMappedPort());
+	}
+
+}

samples/javaconfig/rest/spring-session-sample-javaconfig-rest.gradle

@@ -1,9 +1,7 @@
 apply plugin: 'io.spring.convention.spring-sample-war'
 
 dependencies {
-	compile(project(':spring-session-data-redis')) {
-		exclude module: 'jedis'
-	}
+	compile project(':spring-session-data-redis')
 	compile "io.lettuce:lettuce-core"
 	compile "org.springframework:spring-webmvc"
 	compile "org.springframework.security:spring-security-config"
@@ -11,6 +9,7 @@ dependencies {
 	compile "com.fasterxml.jackson.core:jackson-databind"
 	compile jstlDependencies
 	compile slf4jDependencies
+	compile "org.testcontainers:testcontainers"
 
 	providedCompile "javax.servlet:javax.servlet-api"
 
@@ -19,4 +18,10 @@ dependencies {
 	testCompile "org.assertj:assertj-core"
 	testCompile "org.springframework:spring-test"
 	testCompile "commons-codec:commons-codec"
-}
+
+	integrationTestCompile "org.testcontainers:testcontainers"
+}
+
+gretty {
+	jvmArgs = ['-Dspring.profiles.active=embedded-redis']
+}

samples/javaconfig/rest/src/integration-test/java/rest/RestMockMvcTests.java

@@ -17,16 +17,22 @@
 package rest;
 
 import org.junit.Before;
+import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-
-import sample.HttpSessionConfig;
+import org.testcontainers.containers.GenericContainer;
 import sample.SecurityConfig;
 import sample.mvc.MvcConfig;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.security.test.context.support.WithMockUser;
-import org.springframework.session.ExpiringSession;
+import org.springframework.session.Session;
+import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
+import org.springframework.session.web.http.HeaderHttpSessionIdResolver;
+import org.springframework.session.web.http.HttpSessionIdResolver;
 import org.springframework.session.web.http.SessionRepositoryFilter;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
@@ -44,18 +50,24 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 @RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration(classes = { HttpSessionConfig.class, SecurityConfig.class,
+@ContextConfiguration(classes = { RestMockMvcTests.Config.class, SecurityConfig.class,
 		MvcConfig.class })
 @WebAppConfiguration
 public class RestMockMvcTests {
 
-	@Autowired
-	SessionRepositoryFilter<? extends ExpiringSession> sessionRepositoryFilter;
+	private static final String DOCKER_IMAGE = "redis:4.0.2";
+
+	@ClassRule
+	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+			.withExposedPorts(6379);
 
 	@Autowired
-	WebApplicationContext context;
+	private SessionRepositoryFilter<? extends Session> sessionRepositoryFilter;
 
-	MockMvc mvc;
+	@Autowired
+	private WebApplicationContext context;
+
+	private MockMvc mvc;
 
 	@Before
 	public void setup() {
@@ -81,4 +93,21 @@ public class RestMockMvcTests {
 				.andExpect(content().string("{\"username\":\"user\"}"));
 	}
 
+	@Configuration
+	@EnableRedisHttpSession
+	static class Config {
+
+		@Bean
+		public LettuceConnectionFactory redisConnectionFactory() {
+			return new LettuceConnectionFactory(redisContainer.getContainerIpAddress(),
+					redisContainer.getFirstMappedPort());
+		}
+
+		@Bean
+		public HttpSessionIdResolver httpSessionIdResolver() {
+			return HeaderHttpSessionIdResolver.xAuthToken();
+		}
+
+	}
+
 }

samples/javaconfig/rest/src/main/java/sample/EmbeddedRedisConfig.java

@@ -0,0 +1,59 @@
+/*
+ * Copyright 2014-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import java.io.IOException;
+
+import org.testcontainers.containers.GenericContainer;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.context.annotation.Profile;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+
+@Configuration
+@Profile("embedded-redis")
+public class EmbeddedRedisConfig {
+
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+
+	@Bean(initMethod = "start")
+	public GenericContainer redisContainer() {
+		return new GenericContainer(REDIS_DOCKER_IMAGE) {
+
+			@Override
+			public void close() {
+				super.close();
+				try {
+					this.dockerClient.close();
+				}
+				catch (IOException ignored) {
+				}
+			}
+
+		}.withExposedPorts(6379);
+	}
+
+	@Bean
+	@Primary
+	public LettuceConnectionFactory redisConnectionFactory() {
+		return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
+				redisContainer().getFirstMappedPort());
+	}
+
+}

samples/javaconfig/rest/src/main/java/sample/HttpSessionConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,11 +18,13 @@ package sample;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
 import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
-import org.springframework.session.web.http.HeaderHttpSessionStrategy;
-import org.springframework.session.web.http.HttpSessionStrategy;
+import org.springframework.session.web.http.HeaderHttpSessionIdResolver;
+import org.springframework.session.web.http.HttpSessionIdResolver;
 
+@Import(EmbeddedRedisConfig.class)
 // tag::class[]
 @Configuration
 @EnableRedisHttpSession // <1>
@@ -34,8 +36,8 @@ public class HttpSessionConfig {
 	}
 
 	@Bean
-	public HttpSessionStrategy httpSessionStrategy() {
-		return new HeaderHttpSessionStrategy(); // <3>
+	public HttpSessionIdResolver httpSessionIdResolver() {
+		return HeaderHttpSessionIdResolver.xAuthToken(); // <3>
 	}
 }
 // end::class[]

samples/javaconfig/rest/src/main/java/sample/SecurityConfig.java

@@ -45,7 +45,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
 		auth
 			.inMemoryAuthentication()
-				.withUser("user").password("password").roles("USER");
+				.withUser("user").password("{noop}password").roles("USER");
 	}
 	// @formatter:on
 }

samples/javaconfig/security/spring-session-sample-javaconfig-security.gradle

@@ -1,9 +1,7 @@
 apply plugin: 'io.spring.convention.spring-sample-war'
 
 dependencies {
-	compile(project(':spring-session-data-redis')) {
-		exclude module: 'jedis'
-	}
+	compile project(':spring-session-data-redis')
 	compile "org.springframework:spring-web"
 	compile "org.springframework.security:spring-security-config"
 	compile "org.springframework.security:spring-security-web"
@@ -12,6 +10,7 @@ dependencies {
 	compile "org.webjars:webjars-taglib"
 	compile jstlDependencies
 	compile slf4jDependencies
+	compile "org.testcontainers:testcontainers"
 
 	providedCompile "javax.servlet:javax.servlet-api"
 	providedCompile "javax.servlet.jsp:javax.servlet.jsp-api"
@@ -22,3 +21,7 @@ dependencies {
 
 	integrationTestCompile seleniumDependencies
 }
+
+gretty {
+	jvmArgs = ['-Dspring.profiles.active=embedded-redis']
+}

samples/javaconfig/security/src/main/java/sample/Config.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,9 +18,11 @@ package sample;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
 import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 
+@Import(EmbeddedRedisConfig.class)
 // tag::class[]
 @Configuration
 @EnableRedisHttpSession // <1>

samples/javaconfig/security/src/main/java/sample/EmbeddedRedisConfig.java

@@ -0,0 +1,59 @@
+/*
+ * Copyright 2014-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import java.io.IOException;
+
+import org.testcontainers.containers.GenericContainer;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.context.annotation.Profile;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+
+@Configuration
+@Profile("embedded-redis")
+public class EmbeddedRedisConfig {
+
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+
+	@Bean(initMethod = "start")
+	public GenericContainer redisContainer() {
+		return new GenericContainer(REDIS_DOCKER_IMAGE) {
+
+			@Override
+			public void close() {
+				super.close();
+				try {
+					this.dockerClient.close();
+				}
+				catch (IOException ignored) {
+				}
+			}
+
+		}.withExposedPorts(6379);
+	}
+
+	@Bean
+	@Primary
+	public LettuceConnectionFactory redisConnectionFactory() {
+		return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
+				redisContainer().getFirstMappedPort());
+	}
+
+}

samples/javaconfig/security/src/main/java/sample/SecurityConfig.java

@@ -16,18 +16,17 @@
 
 package sample;
 
-/**
- * @author Rob Winch
- */
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 
+/**
+ * @author Rob Winch
+ */
 @EnableWebSecurity
 public class SecurityConfig {
 	@Autowired
 	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
-		auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
+		auth.inMemoryAuthentication().withUser("user").password("{noop}password").roles("USER");
 	}
 }

samples/javaconfig/users/spring-session-sample-javaconfig-users.gradle

@@ -1,21 +0,0 @@
-apply plugin: 'io.spring.convention.spring-sample-war'
-
-dependencies {
-	compile(project(':spring-session-data-redis')) {
-		exclude module: 'jedis'
-	}
-	compile "org.springframework:spring-web"
-	compile "io.lettuce:lettuce-core"
-	compile "org.webjars:bootstrap"
-	compile "org.webjars:webjars-taglib"
-	compile jstlDependencies
-	compile slf4jDependencies
-
-	providedCompile "javax.servlet:javax.servlet-api"
-
-	testCompile "junit:junit"
-	testCompile "org.springframework:spring-test"
-	testCompile "org.assertj:assertj-core"
-
-	integrationTestCompile seleniumDependencies
-}

samples/javaconfig/users/src/integration-test/java/sample/UserTests.java

@@ -1,236 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.htmlunit.HtmlUnitDriver;
-import sample.pages.HomePage;
-import sample.pages.LinkPage;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * @author Pool Dolorier
- */
-public class UserTests {
-
-	private static final String ROB = "rob";
-	private static final String USERNAME = "username";
-	private static final String LUKE = "luke";
-	private static final String NAV_LINK = "navLink";
-	private static final String HREF = "href";
-	private static final String ADD_ACCOUNT = "addAccount";
-	private static final String UN = "un";
-	private static final String LOGOUT = "logout";
-	private static final String ERROR = "error";
-
-	private WebDriver driver;
-
-	@Before
-	public void setup() {
-		this.driver = new HtmlUnitDriver();
-	}
-
-	@After
-	public void tearDown() {
-		this.driver.quit();
-	}
-
-	@Test
-	public void firstVisitNotAuthenticated() {
-		HomePage homePage = HomePage.go(this.driver);
-		homePage.assertAt();
-		homePage.assertUserNameEmpty();
-	}
-
-	@Test
-	public void invalidLogin() {
-		HomePage homePage = HomePage.go(this.driver);
-		String user = ROB;
-		homePage.login(user, user + "invalid");
-		WebElement errorMessage = homePage.getElementById(ERROR);
-		homePage.assertAt();
-		homePage.assertErrorInvalidAuthentication(errorMessage);
-	}
-
-	@Test
-	public void emptyUsername() {
-		HomePage homePage = HomePage.go(this.driver);
-		homePage.login("", "");
-		WebElement errorMessage = homePage.getElementById(ERROR);
-		homePage.assertAt();
-		homePage.assertErrorInvalidAuthentication(errorMessage);
-	}
-
-	@Test
-	public void loginSingleUser() {
-		loginRob();
-	}
-
-	@Test
-	public void addAccount() {
-		backHomeForAddLukeAccount();
-	}
-
-	@Test
-	public void logInSecondUser() {
-		logInLukeAccount();
-	}
-
-	@Test
-	public void followingLinksKeepsNewSession() {
-		followingLukeLinkSession();
-
-	}
-
-	@Test
-	public void switchAccountRob() {
-		switchAccountRobHomePage();
-	}
-
-	@Test
-	public void followingLinksKeepsOriginalSession() {
-		followingRobLinkSession();
-	}
-
-	@Test
-	public void switchAccountLuke() {
-		switchAccountLukeHomePage();
-	}
-
-	@Test
-	public void logoutLuke() {
-		logoutLukeAccount();
-	}
-
-	@Test
-	public void switchBackRob() {
-		switchBackRobHomePage();
-	}
-
-	@Test
-	public void logoutRob() {
-		logoutRobAccount();
-	}
-
-	private HomePage loginRob() {
-		HomePage home = HomePage.go(this.driver);
-
-		String user = ROB;
-		home.login(user, user);
-		WebElement username = home.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(user);
-		return home;
-	}
-
-	private HomePage backHomeForAddLukeAccount() {
-		HomePage robHome = loginRob();
-
-		String addAccountLink = robHome.getContentAttributeByElementId(ADD_ACCOUNT, HREF);
-		HomePage backHome = robHome.home(this.driver, addAccountLink);
-		WebElement username = backHome.getElementById(USERNAME);
-		assertThat(username.getText()).isEmpty();
-		return backHome;
-	}
-
-	private HomePage logInLukeAccount() {
-		HomePage home = backHomeForAddLukeAccount();
-
-		String secondUser = LUKE;
-		home.login(secondUser, secondUser);
-		WebElement secondUserName = home.getElementById(UN);
-		assertThat(secondUserName.getText()).isEqualTo(secondUser);
-		return home;
-	}
-
-	private LinkPage followingLukeLinkSession() {
-		HomePage lukeHome = logInLukeAccount();
-
-		String navLink = lukeHome.getContentAttributeByElementId(NAV_LINK, HREF);
-		LinkPage lukeLinkPage = lukeHome.linkPage(this.driver, navLink);
-		lukeLinkPage.assertAt();
-		WebElement username = lukeLinkPage.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(LUKE);
-		return lukeLinkPage;
-	}
-
-	private HomePage switchAccountRobHomePage() {
-		LinkPage lukeLinkPage = followingLukeLinkSession();
-
-		String robSwitch = lukeLinkPage.getSwitchElementId(ROB);
-		String switchLink = lukeLinkPage.getContentAttributeByElementId(robSwitch, HREF);
-		HomePage robHome = lukeLinkPage.home(this.driver, switchLink);
-		WebElement username = robHome.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(ROB);
-		return robHome;
-	}
-
-	private LinkPage followingRobLinkSession() {
-		HomePage robHome = switchAccountRobHomePage();
-
-		String navLink = robHome.getContentAttributeByElementId(NAV_LINK, HREF);
-		LinkPage robLinkPage = robHome.linkPage(this.driver, navLink);
-		robLinkPage.assertAt();
-		WebElement username = robLinkPage.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(ROB);
-		return robLinkPage;
-	}
-
-	private HomePage switchAccountLukeHomePage() {
-		LinkPage robLinkPage = followingRobLinkSession();
-
-		String lukeSwitch = robLinkPage.getSwitchElementId(LUKE);
-		String lukeSwitchLink = robLinkPage.getContentAttributeByElementId(lukeSwitch, HREF);
-		HomePage lukeHome = robLinkPage.home(this.driver, lukeSwitchLink);
-		WebElement username = lukeHome.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(LUKE);
-		return lukeHome;
-	}
-
-	private HomePage logoutLukeAccount() {
-		HomePage lukeHome = switchAccountLukeHomePage();
-
-		String logoutLink = lukeHome.getContentAttributeByElementId(LOGOUT, HREF);
-		HomePage home = lukeHome.home(this.driver, logoutLink);
-		home.assertUserNameEmpty();
-		return home;
-	}
-
-	private HomePage switchBackRobHomePage() {
-		HomePage homePage = logoutLukeAccount();
-
-		String robSwitch = homePage.getSwitchElementId(ROB);
-		String robSwitchLink = homePage.getContentAttributeByElementId(robSwitch, HREF);
-		HomePage robHome = homePage.home(this.driver, robSwitchLink);
-		WebElement username = robHome.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(ROB);
-		return robHome;
-	}
-
-	private HomePage logoutRobAccount() {
-		HomePage robHome = switchBackRobHomePage();
-
-		String logoutLink = robHome.getContentAttributeByElementId(LOGOUT, HREF);
-		HomePage home = robHome.home(this.driver, logoutLink);
-		home.assertUserNameEmpty();
-		return home;
-	}
-}

samples/javaconfig/users/src/integration-test/java/sample/pages/BasePage.java

@@ -1,74 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.pages;
-
-import org.openqa.selenium.By;
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.support.PageFactory;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * @author Pool Dolorier
- */
-public abstract class BasePage {
-
-	private WebDriver driver;
-
-	public BasePage(WebDriver driver) {
-		this.driver = driver;
-	}
-
-	public WebDriver getDriver() {
-		return this.driver;
-	}
-
-	public static void get(WebDriver driver, String get) {
-		String baseUrl = "http://localhost:" + System.getProperty("app.port");
-		driver.get(baseUrl + get);
-	}
-
-	public static void getFrom(WebDriver driver, String resourceUrl) {
-		driver.get(resourceUrl);
-	}
-
-	public HomePage home(WebDriver driver, String resourceUrl) {
-		getFrom(driver, resourceUrl);
-		return PageFactory.initElements(driver, HomePage.class);
-	}
-
-	public LinkPage linkPage(WebDriver driver, String resourceUrl) {
-		getFrom(driver, resourceUrl);
-		return PageFactory.initElements(driver, LinkPage.class);
-	}
-
-	public String getSwitchElementId(String user) {
-		return "switchAccount" + user;
-	}
-
-	public WebElement getElementById(String id) {
-		return this.driver.findElement(By.id(id));
-	}
-
-	public String getContentAttributeByElementId(String id, String attribute) {
-		WebElement element = getElementById(id);
-		assertThat(element.getAttribute(attribute)).isNotEmpty();
-		return element.getAttribute(attribute);
-	}
-
-}

samples/javaconfig/users/src/integration-test/java/sample/pages/HomePage.java

@@ -1,66 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.pages;
-
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.support.FindBy;
-import org.openqa.selenium.support.PageFactory;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * @author Pool Dolorier
- */
-public class HomePage extends BasePage {
-
-	@FindBy(name = "username")
-	private WebElement username;
-
-	@FindBy(name = "password")
-	private WebElement password;
-
-	@FindBy(css = "form[method='post']")
-	private WebElement form;
-
-	public HomePage(WebDriver driver) {
-		super(driver);
-	}
-
-	public static HomePage go(WebDriver driver) {
-		get(driver, "/");
-		return PageFactory.initElements(driver, HomePage.class);
-	}
-
-	public void assertAt() {
-		assertThat(getDriver().getTitle()).isEqualTo("Demonstrates Multi User Log In");
-	}
-
-	public void assertUserNameEmpty() {
-		assertThat(this.username.getText()).isEmpty();
-	}
-
-	public void assertErrorInvalidAuthentication(WebElement errorMessage) {
-		assertThat(errorMessage.getText()).isEqualTo("Invalid username / password. Please ensure the username is the same as the password.");
-	}
-
-	public void login(String user, String password) {
-		this.username.sendKeys(user);
-		this.password.sendKeys(password);
-		this.form.submit();
-	}
-}

samples/javaconfig/users/src/main/java/sample/Account.java

@@ -1,45 +0,0 @@
-/*
- * Copyright 2014-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-public class Account {
-	private String username;
-
-	private String logoutUrl;
-
-	private String switchAccountUrl;
-
-	public Account(String username, String logoutUrl, String switchAccountUrl) {
-		super();
-		this.username = username;
-		this.logoutUrl = logoutUrl;
-		this.switchAccountUrl = switchAccountUrl;
-	}
-
-	public String getUsername() {
-		return this.username;
-	}
-
-	public String getLogoutUrl() {
-		return this.logoutUrl;
-	}
-
-	public String getSwitchAccountUrl() {
-		return this.switchAccountUrl;
-	}
-
-}

samples/javaconfig/users/src/main/java/sample/LoginServlet.java

@@ -1,48 +0,0 @@
-/*
- * Copyright 2014-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-@WebServlet("/login")
-public class LoginServlet extends HttpServlet {
-
-	@Override
-	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
-			throws ServletException, IOException {
-		String username = req.getParameter("username");
-		String password = req.getParameter("password");
-
-		if (username != null && !"".equals(username) && username.equals(password)) {
-			req.getSession().setAttribute("username", username);
-			String url = resp.encodeRedirectURL(req.getContextPath() + "/");
-			resp.sendRedirect(url);
-		}
-		else {
-			String url = resp.encodeRedirectURL(req.getContextPath() + "/?error");
-			resp.sendRedirect(url);
-		}
-	}
-
-	private static final long serialVersionUID = -8157634860354132501L;
-}

samples/javaconfig/users/src/main/java/sample/LogoutServlet.java

@@ -1,43 +0,0 @@
-/*
- * Copyright 2014-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-@WebServlet("/logout")
-public class LogoutServlet extends HttpServlet {
-
-	@Override
-	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
-			throws ServletException, IOException {
-		HttpSession session = req.getSession(false);
-		if (session != null) {
-			session.invalidate();
-		}
-		String url = resp.encodeRedirectURL(req.getContextPath() + "/");
-		resp.sendRedirect(url);
-	}
-
-	private static final long serialVersionUID = 4061762524521437433L;
-}

samples/javaconfig/users/src/main/java/sample/UserAccountsFilter.java

@@ -1,104 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-
-import org.springframework.session.Session;
-import org.springframework.session.SessionRepository;
-import org.springframework.session.web.http.HttpSessionManager;
-
-public class UserAccountsFilter implements Filter {
-
-	public void init(FilterConfig filterConfig) throws ServletException {
-	}
-
-	@SuppressWarnings("unchecked")
-	public void doFilter(ServletRequest request, ServletResponse response,
-			FilterChain chain) throws IOException, ServletException {
-		HttpServletRequest httpRequest = (HttpServletRequest) request;
-
-		// tag::HttpSessionManager[]
-		HttpSessionManager sessionManager = (HttpSessionManager) httpRequest
-				.getAttribute(HttpSessionManager.class.getName());
-		// end::HttpSessionManager[]
-		SessionRepository<Session> repo = (SessionRepository<Session>) httpRequest
-				.getAttribute(SessionRepository.class.getName());
-
-		String currentSessionAlias = sessionManager.getCurrentSessionAlias(httpRequest);
-		Map<String, String> sessionIds = sessionManager.getSessionIds(httpRequest);
-		String unauthenticatedAlias = null;
-
-		String contextPath = httpRequest.getContextPath();
-		List<Account> accounts = new ArrayList<>();
-		Account currentAccount = null;
-		for (Map.Entry<String, String> entry : sessionIds.entrySet()) {
-			String alias = entry.getKey();
-			String sessionId = entry.getValue();
-
-			Session session = repo.getSession(sessionId);
-			if (session == null) {
-				continue;
-			}
-
-			String username = session.getAttribute("username");
-			if (username == null) {
-				unauthenticatedAlias = alias;
-				continue;
-			}
-
-			String logoutUrl = sessionManager.encodeURL("./logout", alias);
-			String switchAccountUrl = sessionManager.encodeURL("./", alias);
-			Account account = new Account(username, logoutUrl, switchAccountUrl);
-			if (currentSessionAlias.equals(alias)) {
-				currentAccount = account;
-			}
-			else {
-				accounts.add(account);
-			}
-		}
-
-		// tag::addAccountUrl[]
-		String addAlias = unauthenticatedAlias == null ? // <1>
-				sessionManager.getNewSessionAlias(httpRequest)
-				: // <2>
-				unauthenticatedAlias; // <3>
-		String addAccountUrl = sessionManager.encodeURL(contextPath, addAlias); // <4>
-		// end::addAccountUrl[]
-
-		httpRequest.setAttribute("currentAccount", currentAccount);
-		httpRequest.setAttribute("addAccountUrl", addAccountUrl);
-		httpRequest.setAttribute("accounts", accounts);
-
-		chain.doFilter(request, response);
-	}
-
-	public void destroy() {
-	}
-
-}

samples/javaconfig/users/src/main/webapp/assets/js/ie10-viewport-bug-workaround.js

@@ -1,22 +0,0 @@
-/*!
- * IE10 viewport hack for Surface/desktop Windows 8 bug
- * Copyright 2014 Twitter, Inc.
- * Licensed under the Creative Commons Attribution 3.0 Unported License. For
- * details, see http://creativecommons.org/licenses/by/3.0/.
- */
-
-// See the Getting Started docs for more information:
-// http://getbootstrap.com/getting-started/#support-ie10-width
-
-(function () {
-  'use strict';
-  if (navigator.userAgent.match(/IEMobile\/10\.0/)) {
-    var msViewportStyle = document.createElement('style')
-    msViewportStyle.appendChild(
-      document.createTextNode(
-        '@-ms-viewport{width:auto!important}'
-      )
-    )
-    document.querySelector('head').appendChild(msViewportStyle)
-  }
-})();

samples/javaconfig/users/src/main/webapp/index.jsp

@@ -1,112 +0,0 @@
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="wj" uri="http://www.webjars.org/tags" %>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <title>Demonstrates Multi User Log In</title>
-    <wj:locate path="bootstrap.min.css" relativeTo="META-INF/resources" var="bootstrapCssLocation"/>
-    <link rel="stylesheet" href="<c:url value="${bootstrapCssLocation}"/>">
-    <style type="text/css">
-        body {
-            padding: 1em;
-        }
-    </style>
-</head>
-<body>
-    <div class="container">
-      <!-- Static navbar -->
-      <nav class="navbar navbar-default" role="navigation">
-        <div class="container-fluid">
-          <div class="navbar-header">
-            <a class="navbar-brand" href="https://github.com/spring-projects/spring-session/">Spring Session</a>
-          </div>
-          <div id="navbar" class="navbar-collapse collapse">
-            <ul class="nav navbar-nav">
-              <c:url value="/" var="homeUrl"/>
-              <li class="active"><a id="navHome" href="${homeUrl}">Home</a></li>
-              <li>
-                  <!-- tag::link[]
-                  -->
-                <c:url value="/link.jsp" var="linkUrl"/>
-                <a id="navLink" href="${linkUrl}">Link</a>
-              <!-- end::link[]
-                              -->
-              </li>
-            </ul>
-            <c:if test="${currentAccount != null or not empty accounts}">
-                <ul class="nav navbar-nav navbar-right">
-                  <li class="dropdown">
-                    <a id="toggle" href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><c:out value="${username}"/> <span class="caret"></span></a>
-                    <ul id="user-menu" class="dropdown-menu" role="menu">
-                      <c:if test="${currentAccount != null}">
-                          <li><a id="logout" href="${currentAccount.logoutUrl}">Log Out</a></li>
-                          <li><a id="addAccount" href="${addAccountUrl}">Add Account</a></li>
-                      </c:if>
-                      <c:if test="${not empty accounts}">
-                          <li class="divider"></li>
-                          <li class="dropdown-header">Switch Account</li>
-                          <li class="divider"></li>
-                      </c:if>
-                      <c:forEach items="${accounts}" var="account">
-                          <c:set var="encodedUsername">
-                            <c:out value="${account.username}"/>
-                          </c:set>
-                          <li><a id="switchAccount${encodedUsername}" href="${account.switchAccountUrl}"><c:out value="${account.username}"/></a></li>
-                      </c:forEach>
-                    </ul>
-                  </li>
-                </ul>
-            </c:if>
-          </div><!--/.nav-collapse -->
-        </div><!--/.container-fluid -->
-      </nav>
-
-        <h1>Description</h1>
-        <p>This application demonstrates how to use Spring Session to authenticate as multiple users at a time. View authenticated users in the upper right corner.</p>
-
-        <c:choose>
-            <c:when test="${username == null}">
-                <h1>Please Log In</h1>
-                <p>You are not currently authenticated with this session. You can authenticate with any username password combination that are equal. A few examples to try:</p>
-                <ul>
-                    <li><b>Username</b> rob and <b>Password</b> rob</li>
-                    <li><b>Username</b> luke and <b>Password</b> luke</li>
-                </ul>
-                <c:if test="${param.error != null}">
-                    <div id="error" class="alert alert-danger">Invalid username / password. Please ensure the username is the same as the password.</div>
-                </c:if>
-                <c:url value="/login" var="loginUrl"/>
-                <form action="${loginUrl}" method="post">
-                    <div class="form-group">
-                        <label for="username">Username</label>
-                        <input id="username" type="text" name="username"/>
-                    </div>
-                    <div class="form-group">
-                        <label for="password">Password</label>
-                        <input id="password" type="password" name="password"/>
-                    </div>
-                    <input type="submit" value="Login"/>
-                </form>
-            </c:when>
-            <c:otherwise>
-                <h1 id="un"><c:out value="${username}"/></h1>
-                <p>You are authenticated as <b><c:out value="${username}"/></b>. Observe that you can <a href="${linkUrl}">navigate links</a> and the correct session is used. Using the links in the upper right corner you can:</p>
-                <ul>
-                    <li>Log Out</li>
-                    <li>Switch Accounts</li>
-                    <li>Add Account</li>
-                   </ul>
-            </c:otherwise>
-        </c:choose>
-    </div>
-    <!-- Bootstrap core JavaScript
-    ================================================== -->
-    <!-- Placed at the end of the document so the pages load faster -->
-    <wj:locate path="jquery.min.js" relativeTo="META-INF/resources" var="jqueryLocation"/>
-    <script src="<c:url value="${jqueryLocation}"/>"></script>
-    <wj:locate path="bootstrap.min.js" relativeTo="META-INF/resources" var="bootstrapJsLocation"/>
-    <script src="<c:url value="${bootstrapJsLocation}"/>"></script>
-    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
-    <script src="<c:url value="/assets/js/ie10-viewport-bug-workaround.js"/>"></script>
-</body>
-</html>

samples/javaconfig/users/src/main/webapp/link.jsp

@@ -1,85 +0,0 @@
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="wj" uri="http://www.webjars.org/tags" %>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <title>Linked Page</title>
-    <wj:locate path="bootstrap.min.css" relativeTo="META-INF/resources" var="bootstrapCssLocation"/>
-    <link rel="stylesheet" href="<c:url value="${bootstrapCssLocation}"/>">
-    <style type="text/css">
-        body {
-            padding: 1em;
-        }
-    </style>
-</head>
-<body>
-    <div class="container">
-      <!-- Static navbar -->
-      <nav class="navbar navbar-default" role="navigation">
-        <div class="container-fluid">
-          <div class="navbar-header">
-            <a class="navbar-brand" href="https://github.com/spring-projects/spring-session/">Spring Session</a>
-          </div>
-          <div id="navbar" class="navbar-collapse collapse">
-            <ul class="nav navbar-nav">
-              <c:url value="/" var="homeUrl"/>
-              <li><a id="navHome" href="${homeUrl}">Home</a></li>
-              <c:url value="/link.jsp" var="linkUrl"/>
-              <li class="active"><a id="navLink" href="${linkUrl}">Link</a></li>
-
-            </ul>
-            <c:if test="${currentAccount != null or not empty accounts}">
-                <ul class="nav navbar-nav navbar-right">
-                  <li class="dropdown">
-                    <a id="toggle" href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><c:out value="${username}"/> <span class="caret"></span></a>
-                    <ul id="user-menu" class="dropdown-menu" role="menu">
-                      <c:if test="${currentAccount != null}">
-                          <li><a id="logout" href="${currentAccount.logoutUrl}">Log Out</a></li>
-                          <li><a id="addAccount" href="${addAccountUrl}">Add Account</a></li>
-                      </c:if>
-                      <c:if test="${not empty accounts}">
-                          <li class="divider"></li>
-                          <li class="dropdown-header">Switch Account</li>
-                          <li class="divider"></li>
-                      </c:if>
-                      <c:forEach items="${accounts}" var="account">
-                          <li><a id="switchAccount${account.username}" href="${account.switchAccountUrl}"><c:out value="${account.username}"/></a></li>
-                      </c:forEach>
-                    </ul>
-                  </li>
-                </ul>
-            </c:if>
-          </div><!--/.nav-collapse -->
-        </div><!--/.container-fluid -->
-      </nav>
-
-        <h1>Description</h1>
-        <p>This page demonstrates how we keep track of the correct user session between links even when multiple tabs are open. Try opening another tab with a different user and browse. Then come back to the original tab and see the correct user is maintained.</p>
-
-        <c:choose>
-            <c:when test="${username == null}">
-                <h1>Please Log In</h1>
-                <p>You are not currently authenticated with this session. <a href="${homeUrl}">Log In</a></p>
-            </c:when>
-            <c:otherwise>
-                <h1 id="un"><c:out value="${username}"/></h1>
-                <p>You are authenticated as <b><c:out value="${username}"/></b>. Observe that you can <a href="${linkUrl}">navigate links</a> and the correct session is used. Using the links in the upper right corner you can:</p>
-                <ul>
-                    <li>Log Out</li>
-                    <li>Switch Accounts</li>
-                    <li>Add Account</li>
-                   </ul>
-            </c:otherwise>
-        </c:choose>
-    </div>
-    <!-- Bootstrap core JavaScript
-    ================================================== -->
-    <!-- Placed at the end of the document so the pages load faster -->
-    <wj:locate path="jquery.min.js" relativeTo="META-INF/resources" var="jqueryLocation"/>
-    <script src="<c:url value="${jqueryLocation}"/>"></script>
-    <wj:locate path="bootstrap.min.js" relativeTo="META-INF/resources" var="bootstrapJsLocation"/>
-    <script src="<c:url value="${bootstrapJsLocation}"/>"></script>
-    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
-    <script src="<c:url value="/assets/js/ie10-viewport-bug-workaround.js"/>"></script>
-</body>
-</html>

samples/javaconfig/webflux/spring-session-sample-javaconfig-webflux.gradle

@@ -0,0 +1,23 @@
+apply plugin: 'io.spring.convention.spring-sample'
+
+dependencies {
+	compile project(':spring-session-data-redis')
+	compile 'io.lettuce:lettuce-core'
+	compile 'io.netty:netty-buffer'
+	compile 'io.projectreactor.ipc:reactor-netty'
+	compile 'org.springframework:spring-context'
+	compile 'org.springframework:spring-web'
+	compile 'org.springframework:spring-webflux'
+	compile 'org.thymeleaf.extras:thymeleaf-extras-java8time'
+	compile 'org.thymeleaf:thymeleaf-spring5'
+	compile 'org.webjars:bootstrap'
+	compile 'org.webjars:webjars-taglib'
+	compile jstlDependencies
+	compile slf4jDependencies
+	compile 'org.testcontainers:testcontainers'
+
+	testCompile 'junit:junit'
+	testCompile 'org.assertj:assertj-core'
+
+	integrationTestCompile seleniumDependencies
+}

samples/javaconfig/webflux/src/integration-test/java/sample/AttributeTests.java

@@ -0,0 +1,90 @@
+/*
+ * Copyright 2014-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+
+import java.util.List;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.openqa.selenium.WebDriver;
+import org.openqa.selenium.htmlunit.HtmlUnitDriver;
+import sample.pages.HomePage;
+import sample.pages.HomePage.Attribute;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ * @author Eddú Meléndez
+ * @author Rob Winch
+ */
+@RunWith(SpringRunner.class)
+@ContextConfiguration(classes = HelloWebfluxApplication.class)
+@TestPropertySource(properties = { "spring.profiles.active=embedded-redis", "server.port=0" })
+public class AttributeTests {
+	@Value("#{@nettyContext.address().getPort()}")
+	int port;
+
+	private WebDriver driver;
+
+	@Before
+	public void setup() {
+		this.driver = new HtmlUnitDriver();
+	}
+
+	@After
+	public void tearDown() {
+		this.driver.quit();
+	}
+
+	@Test
+	public void home() {
+		HomePage home = HomePage.go(this.driver, this.port);
+		home.assertAt();
+	}
+
+	@Test
+	public void noAttributes() {
+		HomePage home = HomePage.go(this.driver, this.port);
+		assertThat(home.attributes()).isEmpty();
+	}
+
+	@Test
+	public void createAttribute() {
+		HomePage home = HomePage.go(this.driver, this.port);
+		// @formatter:off
+		home = home.form()
+				.attributeName("a")
+				.attributeValue("b")
+				.submit(HomePage.class);
+		// @formatter:on
+
+		List<Attribute> attributes = home.attributes();
+		assertThat(attributes).hasSize(1);
+		Attribute row = attributes.get(0);
+		assertThat(row.getAttributeName()).isEqualTo("a");
+		assertThat(row.getAttributeValue()).isEqualTo("b");
+	}
+
+}

samples/javaconfig/webflux/src/integration-test/java/sample/pages/HomePage.java

@@ -0,0 +1,135 @@
+/*
+ * Copyright 2014-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample.pages;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.openqa.selenium.SearchContext;
+import org.openqa.selenium.WebDriver;
+import org.openqa.selenium.WebElement;
+import org.openqa.selenium.support.FindBy;
+import org.openqa.selenium.support.PageFactory;
+import org.openqa.selenium.support.pagefactory.DefaultElementLocatorFactory;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ * @author Eddú Meléndez
+ * @author Rob Winch
+ */
+public class HomePage {
+
+	private WebDriver driver;
+
+	@FindBy(css = "form")
+	WebElement form;
+
+	@FindBy(css = "table tbody tr")
+	List<WebElement> trs;
+
+	List<Attribute> attributes;
+
+	public HomePage(WebDriver driver) {
+		this.driver = driver;
+		this.attributes = new ArrayList<>();
+	}
+
+	private static void get(WebDriver driver, int port, String get) {
+		String baseUrl = "http://localhost:" + port;
+		driver.get(baseUrl + get);
+	}
+
+	public static HomePage go(WebDriver driver, int port) {
+		get(driver, port, "/");
+		return PageFactory.initElements(driver, HomePage.class);
+	}
+
+	public void assertAt() {
+		assertThat(this.driver.getTitle()).isEqualTo("Session Attributes");
+	}
+
+	public List<Attribute> attributes() {
+		List<Attribute> rows = new ArrayList<>();
+		for (WebElement tr : this.trs) {
+			rows.add(new Attribute(tr));
+		}
+		this.attributes.addAll(rows);
+		return this.attributes;
+	}
+
+	public Form form() {
+		return new Form(this.form);
+	}
+
+	public class Form {
+		@FindBy(name = "attributeName")
+		WebElement attributeName;
+
+		@FindBy(name = "attributeValue")
+		WebElement attributeValue;
+
+		@FindBy(css = "input[type=\"submit\"]")
+		WebElement submit;
+
+		public Form(SearchContext context) {
+			PageFactory.initElements(new DefaultElementLocatorFactory(context), this);
+		}
+
+		public Form attributeName(String text) {
+			this.attributeName.sendKeys(text);
+			return this;
+		}
+
+		public Form attributeValue(String text) {
+			this.attributeValue.sendKeys(text);
+			return this;
+		}
+
+		public <T> T submit(Class<T> page) {
+			this.submit.click();
+			return PageFactory.initElements(HomePage.this.driver, page);
+		}
+	}
+
+	public static class Attribute {
+		@FindBy(xpath = ".//td[1]")
+		WebElement attributeName;
+
+		@FindBy(xpath = ".//td[2]")
+		WebElement attributeValue;
+
+		public Attribute(SearchContext context) {
+			PageFactory.initElements(new DefaultElementLocatorFactory(context), this);
+		}
+
+		/**
+		 * @return the attributeName
+		 */
+		public String getAttributeName() {
+			return this.attributeName.getText();
+		}
+
+		/**
+		 * @return the attributeValue
+		 */
+		public String getAttributeValue() {
+			return this.attributeValue.getText();
+		}
+	}
+
+}

samples/javaconfig/webflux/src/main/java/sample/EmbeddedRedisConfig.java

@@ -0,0 +1,59 @@
+/*
+ * Copyright 2014-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import java.io.IOException;
+
+import org.testcontainers.containers.GenericContainer;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.context.annotation.Profile;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+
+@Configuration
+@Profile("embedded-redis")
+public class EmbeddedRedisConfig {
+
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+
+	@Bean(initMethod = "start")
+	public GenericContainer redisContainer() {
+		return new GenericContainer(REDIS_DOCKER_IMAGE) {
+
+			@Override
+			public void close() {
+				super.close();
+				try {
+					this.dockerClient.close();
+				}
+				catch (IOException ignored) {
+				}
+			}
+
+		}.withExposedPorts(6379);
+	}
+
+	@Bean
+	@Primary
+	public LettuceConnectionFactory redisConnectionFactory() {
+		return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
+				redisContainer().getFirstMappedPort());
+	}
+
+}

samples/javaconfig/webflux/src/main/java/sample/HelloWebfluxApplication.java

@@ -0,0 +1,58 @@
+/*
+ * Copyright 2014-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import reactor.ipc.netty.NettyContext;
+import reactor.ipc.netty.http.server.HttpServer;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.annotation.AnnotationConfigApplicationContext;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.server.reactive.HttpHandler;
+import org.springframework.http.server.reactive.ReactorHttpHandlerAdapter;
+import org.springframework.web.reactive.config.EnableWebFlux;
+import org.springframework.web.server.adapter.WebHttpHandlerBuilder;
+
+/**
+ * @author Rob Winch
+ * @since 5.0
+ */
+@Configuration
+@EnableWebFlux
+@ComponentScan
+public class HelloWebfluxApplication {
+	@Value("${server.port:8080}")
+	private int port = 8080;
+
+	public static void main(String[] args) throws Exception {
+		try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext(
+				HelloWebfluxApplication.class)) {
+			context.getBean(NettyContext.class).onClose().block();
+		}
+	}
+
+	@Bean
+	public NettyContext nettyContext(ApplicationContext context) {
+		HttpHandler handler = WebHttpHandlerBuilder.applicationContext(context).build();
+		ReactorHttpHandlerAdapter adapter = new ReactorHttpHandlerAdapter(handler);
+		HttpServer httpServer = HttpServer.create("localhost", this.port);
+		return httpServer.newHandler(adapter).block();
+	}
+}

samples/javaconfig/webflux/src/main/java/sample/HelloWebfluxSessionConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,21 +17,17 @@
 package sample;
 
 import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
 import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
-import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
-
-/**
- * @author Rob Winch
- */
+import org.springframework.session.data.redis.config.annotation.web.server.EnableRedisWebSession;
 
+@Import(EmbeddedRedisConfig.class)
 // tag::class[]
-@Configuration
-@EnableRedisHttpSession
-public class Config {
+@EnableRedisWebSession
+public class HelloWebfluxSessionConfig {
 
 	@Bean
-	public LettuceConnectionFactory connectionFactory() {
+	public LettuceConnectionFactory lettuceConnectionFactory() {
 		return new LettuceConnectionFactory();
 	}
 }