Release 2.0.0.RELEASE

Closes gh-842

LICENSE.txt

@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

README.adoc

@@ -1,26 +1,32 @@
-image:https://badges.gitter.im/spring-projects/spring-session.svg[link="https://gitter.im/spring-projects/spring-session?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge"]
-
-image:https://travis-ci.org/spring-projects/spring-session.svg?branch=master["Build Status", link="https://travis-ci.org/spring-projects/spring-session"]
-
 = Spring Session
-Rob Winch
 
-Spring Session aims to provide a common infrastructure for managing sessions. This provides many benefits including:
+image:https://travis-ci.org/spring-projects/spring-session.svg?branch=master["Build Status", link="https://travis-ci.org/spring-projects/spring-session"] image:https://badges.gitter.im/spring-projects/spring-session.svg[link="https://gitter.im/spring-projects/spring-session?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge"]
 
-* Accessing a session from any environment (i.e. web, messaging infrastructure, etc)
-* In a web environment
-** Support for clustering in a vendor neutral way
-** Pluggable strategy for determining the session id
-** Easily keep the HttpSession alive when a WebSocket is active
+Spring Session provides an API and implementations for managing a user's session information, while also making it trivial to support clustered sessions without being tied to an application container specific solution.
+It also provides transparent integration with:
+
+* `HttpSession` - allows replacing the `HttpSession` in an application container (i.e. Tomcat) neutral way, with support for providing session IDs in headers to work with RESTful APIs.
+* `WebSocket` - provides the ability to keep the `HttpSession` alive when receiving WebSocket messages
+* `WebSession` - allows replacing the Spring WebFlux's `WebSession` in an application container neutral way.
+
+== Modules
+
+Spring Session consists of the following modules:
+
+* Spring Session Core - provides core Spring Session functionalities and APIs
+* Spring Session Data Redis - provides `SessionRepository` and `ReactiveSessionRepository` implementation backed by Redis and configuration support
+* Spring Session JDBC - provides `SessionRepository` implementation backed by a relational database and configuration support
+* Spring Session Hazelcast - provides `SessionRepository` implementation backed by Hazelcast and configuration support
 
 == Code of Conduct
+
 This project adheres to the Contributor Covenant link:CODE_OF_CONDUCT.adoc[code of conduct].
 By participating, you  are expected to uphold this code. Please report unacceptable behavior to spring-code-of-conduct@pivotal.io.
 
-= Spring Session Project Site
+== Spring Session Project Site
 
 You can find the documentation, issue management, support, samples, and guides for using Spring Session at http://projects.spring.io/spring-session/
 
-= License
+== License
 
 Spring Session is Open Source software released under the http://www.apache.org/licenses/LICENSE-2.0.html[Apache 2.0 license].

build.gradle

@@ -1,6 +1,6 @@
 buildscript {
 	dependencies {
-		classpath 'io.spring.gradle:spring-build-conventions:0.0.4.RELEASE'
+		classpath 'io.spring.gradle:spring-build-conventions:0.0.8.RELEASE'
 		classpath "org.springframework.boot:spring-boot-gradle-plugin:$springBootVersion"
 	}
 	repositories {

docs/spring-session-docs.gradle

@@ -6,20 +6,20 @@ dependencies {
 	testCompile project(':spring-session-data-redis')
 	testCompile project(':spring-session-hazelcast')
 	testCompile project(':spring-session-jdbc')
-	testCompile "org.springframework:spring-jdbc"
-	testCompile "org.springframework:spring-messaging"
-	testCompile "org.springframework:spring-webmvc"
-	testCompile "org.springframework:spring-websocket"
-	testCompile "org.springframework.security:spring-security-config"
-	testCompile "org.springframework.security:spring-security-web"
-	testCompile "org.springframework.security:spring-security-test"
-	testCompile "junit:junit"
-	testCompile "org.mockito:mockito-core"
-	testCompile "org.springframework:spring-test"
-	testCompile "org.assertj:assertj-core"
-	testCompile "com.hazelcast:hazelcast"
-	testCompile "io.lettuce:lettuce-core"
-	testCompile "javax.servlet:javax.servlet-api"
+	testCompile 'org.springframework:spring-jdbc'
+	testCompile 'org.springframework:spring-messaging'
+	testCompile 'org.springframework:spring-webmvc'
+	testCompile 'org.springframework:spring-websocket'
+	testCompile 'org.springframework.security:spring-security-config'
+	testCompile 'org.springframework.security:spring-security-web'
+	testCompile 'org.springframework.security:spring-security-test'
+	testCompile 'junit:junit'
+	testCompile 'org.mockito:mockito-core'
+	testCompile 'org.springframework:spring-test'
+	testCompile 'org.assertj:assertj-core'
+	testCompile 'com.hazelcast:hazelcast'
+	testCompile 'io.lettuce:lettuce-core'
+	testCompile 'javax.servlet:javax.servlet-api'
 }
 
 def versions = dependencyManagement.managedVersions
@@ -27,19 +27,22 @@ def versions = dependencyManagement.managedVersions
 asciidoctor {
 	def ghTag = snapshotBuild ? 'master' : project.version
 	def ghUrl = "https://github.com/spring-projects/spring-session/tree/$ghTag"
-	attributes	'version-snapshot': snapshotBuild,
+
+	attributes 'docs-itest-dir': "$rootProject.projectDir.path/docs/src/integration-test/java/",
+			'docs-test-dir': "$rootProject.projectDir.path/docs/src/test/java/",
+			'docs-test-resources-dir': "$rootProject.projectDir.path/docs/src/test/resources/",
+			'download-url': "https://github.com/spring-projects/spring-session/archive/${ghTag}.zip",
+			'gh-samples-url': "$ghUrl/samples/",
+			'gh-url': ghUrl,
+			'hazelcast-version': versions['com.hazelcast:hazelcast'],
+			'lettuce-version': versions['io.lettuce:lettuce-core'],
+			'samples-dir': "$rootProject.projectDir.path/samples/",
+			'session-jdbc-main-resources-dir': "${project(':spring-session-jdbc').projectDir.path}/src/main/resources/",
+			'spring-data-redis-version': versions['org.springframework.data:spring-data-redis'],
+			'spring-framework-version': versions['org.springframework:spring-core'],
+			'spring-security-version': versions['org.springframework.security:spring-security-core'],
+			'spring-session-version': project.version,
 			'version-milestone': milestoneBuild,
 			'version-release': releaseBuild,
-			'gh-url': ghUrl,
-			'gh-samples-url': "$ghUrl/samples/",
-			'download-url' : "https://github.com/spring-projects/spring-session/archive/${ghTag}.zip",
-			'spring-session-version' : version,
-			'spring-version' : versions['org.springframework:spring-core'],
-			'lettuce-version' : versions['io.lettuce:lettuce-core'],
-			'hazelcast-version' : versions['com.hazelcast:hazelcast'],
-			'docs-itest-dir' : rootProject.projectDir.path + '/docs/src/integration-test/java/',
-			'docs-test-dir' : rootProject.projectDir.path + '/docs/src/test/java/',
-			'docs-test-resources-dir' : rootProject.projectDir.path + '/docs/src/test/resources/',
-			'samples-dir' : rootProject.projectDir.path + '/samples/',
-			'session-jdbc-main-resources-dir' : project(':spring-session-jdbc').projectDir.path + '/src/main/resources/'
+			'version-snapshot': snapshotBuild
 }

docs/src/docs/asciidoc/guides/boot-findbyusername.adoc

@@ -108,7 +108,7 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 
 [NOTE]
 ====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
 Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
 Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====

docs/src/docs/asciidoc/guides/boot-jdbc.adoc

@@ -54,7 +54,7 @@ spring.session.jdbc.schema=classpath:org/springframework/session/jdbc/schema-@@p
 spring.session.jdbc.table-name=SPRING_SESSION # Name of database table used to store sessions.
 ----
 
-For more information, refer to http://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-session[Spring Session] portion of the Spring Boot documentation.
+For more information, refer to https://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-session[Spring Session] portion of the Spring Boot documentation.
 
 [[httpsession-jdbc-boot-configuration]]
 == Configuring the DataSource
@@ -70,7 +70,7 @@ spring.datasource.username=myapp
 spring.datasource.password=secret
 ----
 
-For more information, refer to http://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-configure-datasource[Configure a DataSource] portion of the Spring Boot documentation.
+For more information, refer to https://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-configure-datasource[Configure a DataSource] portion of the Spring Boot documentation.
 
 [[httpsession-jdbc-boot-servlet-configuration]]
 == Servlet Container Initialization
@@ -120,7 +120,7 @@ Spring Session replaces the `HttpSession` with an implementation that is backed
 When Spring Security's `SecurityContextPersistenceFilter` saves the `SecurityContext` to the `HttpSession` it is then persisted into H2 database.
 
 When a new `HttpSession` is created, Spring Session creates a cookie named SESSION in your browser that contains the id of your session.
-Go ahead and view the cookies (click for help with https://developer.chrome.com/devtools/docs/resources#cookies[Chrome] or https://getfirebug.com/wiki/index.php/Cookies_Panel#Cookies_List[Firefox]).
+Go ahead and view the cookies (click for help with https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies[Chrome] or https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector[Firefox]).
 
 If you like, you can easily remove the session using H2 web console available at: http://localhost:8080/h2-console/ (use `jdbc:h2:mem:testdb` for JDBC URL)
 

docs/src/docs/asciidoc/guides/boot-redis.adoc

@@ -51,7 +51,7 @@ spring.session.redis.flush-mode= # Sessions flush mode.
 spring.session.redis.namespace= # Namespace for keys used to store sessions.
 ----
 
-For more information, refer to http://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-session[Spring Session] portion of the Spring Boot documentation.
+For more information, refer to https://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-session[Spring Session] portion of the Spring Boot documentation.
 
 [[boot-redis-configuration]]
 == Configuring the Redis Connection
@@ -67,7 +67,7 @@ spring.redis.password=secret
 spring.redis.port=6379
 ----
 
-For more information, refer to http://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-connecting-to-redis[Connecting to Redis] portion of the Spring Boot documentation.
+For more information, refer to https://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-connecting-to-redis[Connecting to Redis] portion of the Spring Boot documentation.
 
 [[boot-servlet-configuration]]
 == Servlet Container Initialization
@@ -91,7 +91,7 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 
 [NOTE]
 ====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
 Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
 Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
@@ -122,13 +122,13 @@ Spring Session replaces the `HttpSession` with an implementation that is backed
 When Spring Security's `SecurityContextPersistenceFilter` saves the `SecurityContext` to the `HttpSession` it is then persisted into Redis.
 
 When a new `HttpSession` is created, Spring Session creates a cookie named SESSION in your browser that contains the id of your session.
-Go ahead and view the cookies (click for help with https://developer.chrome.com/devtools/docs/resources#cookies[Chrome] or https://getfirebug.com/wiki/index.php/Cookies_Panel#Cookies_List[Firefox]).
+Go ahead and view the cookies (click for help with https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies[Chrome] or https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector[Firefox]).
 
 If you like, you can easily remove the session using redis-cli. For example, on a Linux based system you can type:
 
 	$ redis-cli keys '*' | xargs redis-cli del
 
-TIP: The Redis documentation has instructions for http://redis.io/topics/quickstart[installing redis-cli].
+TIP: The Redis documentation has instructions for https://redis.io/topics/quickstart[installing redis-cli].
 
 Alternatively, you can also delete the explicit key. Enter the following into your terminal ensuring to replace `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie:
 

docs/src/docs/asciidoc/guides/boot-websocket.adoc

@@ -83,7 +83,7 @@ server.session.timeout=60
 
 [NOTE]
 ====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
 Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
 Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====

docs/src/docs/asciidoc/guides/grails3.adoc

@@ -70,7 +70,7 @@ spring:
     port: 6397
 ----
 
-For more information, refer to http://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#boot-features-connecting-to-redis[Connecting to Redis] portion of the Spring Boot documentation.
+For more information, refer to https://docs.spring.io/spring-boot/docs/{spring-boot-version}/reference/htmlsingle/#boot-features-connecting-to-redis[Connecting to Redis] portion of the Spring Boot documentation.
 
 [[grails3-sample]]
 == Grails 3 Sample Application
@@ -84,7 +84,7 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 
 [NOTE]
 ====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
 Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
 Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
@@ -115,13 +115,13 @@ Spring Session replaces the `HttpSession` with an implementation that is backed
 When Spring Security's `SecurityContextPersistenceFilter` saves the `SecurityContext` to the `HttpSession` it is then persisted into Redis.
 
 When a new `HttpSession` is created, Spring Session creates a cookie named SESSION in your browser that contains the id of your session.
-Go ahead and view the cookies (click for help with https://developer.chrome.com/devtools/docs/resources#cookies[Chrome] or https://getfirebug.com/wiki/index.php/Cookies_Panel#Cookies_List[Firefox]).
+Go ahead and view the cookies (click for help with https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies[Chrome] or https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector[Firefox]).
 
 If you like, you can easily remove the session using redis-cli. For example, on a Linux based system you can type:
 
 	$ redis-cli keys '*' | xargs redis-cli del
 
-TIP: The Redis documentation has instructions for http://redis.io/topics/quickstart[installing redis-cli].
+TIP: The Redis documentation has instructions for https://redis.io/topics/quickstart[installing redis-cli].
 
 Alternatively, you can also delete the explicit key. Enter the following into your terminal ensuring to replace `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie:
 

docs/src/docs/asciidoc/guides/java-custom-cookie.adoc

@@ -78,7 +78,7 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 
 [NOTE]
 ====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
 Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
 Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====

docs/src/docs/asciidoc/guides/java-hazelcast.adoc

@@ -26,7 +26,7 @@ If you are using Maven, ensure to add the following dependencies:
 	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-web</artifactId>
-		<version>{spring-version}</version>
+		<version>{spring-framework-version}</version>
 	</dependency>
 </dependencies>
 ----
@@ -85,7 +85,7 @@ In this instance Spring Session is backed by Hazelcast.
 Spring Session provides `PrincipalNameExtractor` for this purpose.
 <3> We create a `HazelcastInstance` that connects Spring Session to Hazelcast.
 By default, an embedded instance of Hazelcast is started and connected to by the application.
-For more information on configuring Hazelcast, refer to the http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#hazelcast-configuration[reference documentation].
+For more information on configuring Hazelcast, refer to the http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-configuration[reference documentation].
 
 == Servlet Container Initialization
 
@@ -130,7 +130,7 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 ====
 Hazelcast will run in embedded mode with your application by default, but if you want to connect
 to a stand alone instance instead, you can configure it by following the instructions in the
-http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#hazelcast-configuration[reference documentation].
+http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-configuration[reference documentation].
 ====
 
 ----
@@ -157,13 +157,13 @@ Spring Session replaces the `HttpSession` with an implementation that is backed
 When Spring Security's `SecurityContextPersistenceFilter` saves the `SecurityContext` to the `HttpSession` it is then persisted into Hazelcast.
 
 When a new `HttpSession` is created, Spring Session creates a cookie named SESSION in your browser that contains the id of your session.
-Go ahead and view the cookies (click for help with https://developer.chrome.com/devtools/docs/resources#cookies[Chrome] or https://getfirebug.com/wiki/index.php/Cookies_Panel#Cookies_List[Firefox]).
+Go ahead and view the cookies (click for help with https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies[Chrome] or https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector[Firefox]).
 
 === Interact with the data store
 
-If you like, you can remove the session using http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#hazelcast-java-client[a Java client],
-http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#other-client-implementations[one of the other clients], or the
-http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#management-center[management center].
+If you like, you can remove the session using http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-java-client[a Java client],
+http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#other-client-implementations[one of the other clients], or the
+http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#management-center[management center].
 
 ==== Using the console
 
@@ -172,7 +172,7 @@ For example, using the management center console after connecting to your Hazelc
 	default> ns spring:session:sessions
 	spring:session:sessions> m.clear
 
-TIP: The Hazelcast documentation has instructions for http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#executing-console-commands[the console].
+TIP: The Hazelcast documentation has instructions for http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#executing-console-commands[the console].
 
 Alternatively, you can also delete the explicit key. Enter the following into the console ensuring to replace `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie:
 
@@ -183,7 +183,7 @@ Now visit the application at http://localhost:8080/ and observe that we are no l
 ==== Using the REST API
 
 As described in the other clients section of the documentation, there is a 
-http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#rest-client[REST API]
+http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#rest-client[REST API]
 provided by the Hazelcast node(s).
 
 For example, you could delete an individual key as follows (replacing `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie):

docs/src/docs/asciidoc/guides/java-jdbc.adoc

@@ -26,7 +26,7 @@ If you are using Maven, ensure to add the following dependencies:
 	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-web</artifactId>
-		<version>{spring-version}</version>
+		<version>{spring-framework-version}</version>
 	</dependency>
 </dependencies>
 ----
@@ -85,7 +85,7 @@ In this instance Spring Session is backed by a relational database.
 We configure the H2 database to create database tables using the SQL script which is included in Spring Session.
 <3> We create a `transactionManager` that manages transactions for previously configured `dataSource`.
 
-For additional information on how to configure data access related concerns, please refer to the http://docs.spring.io/spring/docs/current/spring-framework-reference/html/spring-data-tier.html[Spring Framework Reference Documentation].
+For additional information on how to configure data access related concerns, please refer to the https://docs.spring.io/spring/docs/{spring-framework-version}/spring-framework-reference/data-access.html[Spring Framework Reference Documentation].
 
 == Java Servlet Container Initialization
 
@@ -145,7 +145,7 @@ include::{samples-dir}javaconfig/jdbc/src/main/java/sample/SessionServlet.java[t
 
 Instead of using Tomcat's `HttpSession`, we are actually persisting the values in H2 database.
 Spring Session creates a cookie named SESSION in your browser that contains the id of your session.
-Go ahead and view the cookies (click for help with https://developer.chrome.com/devtools/docs/resources#cookies[Chrome] or https://getfirebug.com/wiki/index.php/Cookies_Panel#Cookies_List[Firefox]).
+Go ahead and view the cookies (click for help with https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies[Chrome] or https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector[Firefox]).
 
 If you like, you can easily remove the session using H2 web console available at: http://localhost:8080/h2-console/ (use `jdbc:h2:mem:testdb` for JDBC URL)
 

docs/src/docs/asciidoc/guides/java-redis.adoc

@@ -31,7 +31,7 @@ If you are using Maven, ensure to add the following dependencies:
 	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-web</artifactId>
-		<version>{spring-version}</version>
+		<version>{spring-framework-version}</version>
 	</dependency>
 </dependencies>
 ----
@@ -88,7 +88,7 @@ The filter is what is in charge of replacing the `HttpSession` implementation to
 In this instance Spring Session is backed by Redis.
 <2> We create a `RedisConnectionFactory` that connects Spring Session to the Redis Server.
 We configure the connection to connect to localhost on the default port (6379)
-For more information on configuring Spring Data Redis, refer to the http://docs.spring.io/spring-data/data-redis/docs/current/reference/html/[reference documentation].
+For more information on configuring Spring Data Redis, refer to the https://docs.spring.io/spring-data/data-redis/docs/{spring-data-redis-version}/reference/html/[reference documentation].
 
 == Java Servlet Container Initialization
 
@@ -125,7 +125,7 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 
 [NOTE]
 ====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
 Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
 Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
@@ -157,13 +157,13 @@ include::{samples-dir}javaconfig/redis/src/main/java/sample/SessionServlet.java[
 
 Instead of using Tomcat's `HttpSession`, we are actually persisting the values in Redis.
 Spring Session creates a cookie named SESSION in your browser that contains the id of your session.
-Go ahead and view the cookies (click for help with https://developer.chrome.com/devtools/docs/resources#cookies[Chrome] or https://getfirebug.com/wiki/index.php/Cookies_Panel#Cookies_List[Firefox]).
+Go ahead and view the cookies (click for help with https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies[Chrome] or https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector[Firefox]).
 
 If you like, you can easily remove the session using redis-cli. For example, on a Linux based system you can type:
 
 	$ redis-cli keys '*' | xargs redis-cli del
 
-TIP: The Redis documentation has instructions for http://redis.io/topics/quickstart[installing redis-cli].
+TIP: The Redis documentation has instructions for https://redis.io/topics/quickstart[installing redis-cli].
 
 Alternatively, you can also delete the explicit key. Enter the following into your terminal ensuring to replace `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie:
 

docs/src/docs/asciidoc/guides/java-rest.adoc

@@ -31,7 +31,7 @@ If you are using Maven, ensure to add the following dependencies:
 	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-web</artifactId>
-		<version>{spring-version}</version>
+		<version>{spring-framework-version}</version>
 	</dependency>
 </dependencies>
 ----
@@ -88,7 +88,7 @@ The filter is what is in charge of replacing the `HttpSession` implementation to
 In this instance Spring Session is backed by Redis.
 <2> We create a `RedisConnectionFactory` that connects Spring Session to the Redis Server.
 We configure the connection to connect to localhost on the default port (6379)
-For more information on configuring Spring Data Redis, refer to the http://docs.spring.io/spring-data/data-redis/docs/current/reference/html/[reference documentation].
+For more information on configuring Spring Data Redis, refer to the https://docs.spring.io/spring-data/data-redis/docs/{spring-data-redis-version}/reference/html/[reference documentation].
 <3> We customize Spring Session's HttpSession integration to use HTTP headers to convey the current session information instead of cookies.
 
 == Servlet Container Initialization
@@ -126,7 +126,7 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 
 [NOTE]
 ====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
 Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
 Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
@@ -209,7 +209,7 @@ Now remove the session using redis-cli. For example, on a Linux based system you
 
 	$ redis-cli keys '*' | xargs redis-cli del
 
-TIP: The Redis documentation has instructions for http://redis.io/topics/quickstart[installing redis-cli].
+TIP: The Redis documentation has instructions for https://redis.io/topics/quickstart[installing redis-cli].
 
 Alternatively, you can also delete the explicit key. Enter the following into your terminal ensuring to replace `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie:
 

docs/src/docs/asciidoc/guides/java-security.adoc

@@ -32,7 +32,7 @@ If you are using Maven, ensure to add the following dependencies:
 	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-web</artifactId>
-		<version>{spring-version}</version>
+		<version>{spring-framework-version}</version>
 	</dependency>
 </dependencies>
 ----
@@ -87,7 +87,7 @@ The filter is what is in charge of replacing the `HttpSession` implementation to
 In this instance Spring Session is backed by Redis.
 <2> We create a `RedisConnectionFactory` that connects Spring Session to the Redis Server.
 We configure the connection to connect to localhost on the default port (6379)
-For more information on configuring Spring Data Redis, refer to the http://docs.spring.io/spring-data/data-redis/docs/current/reference/html/[reference documentation].
+For more information on configuring Spring Data Redis, refer to the https://docs.spring.io/spring-data/data-redis/docs/{spring-data-redis-version}/reference/html/[reference documentation].
 
 == Servlet Container Initialization
 
@@ -130,7 +130,7 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 
 [NOTE]
 ====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
 Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
 Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
@@ -159,13 +159,13 @@ Spring Session replaces the `HttpSession` with an implementation that is backed
 When Spring Security's `SecurityContextPersistenceFilter` saves the `SecurityContext` to the `HttpSession` it is then persisted into Redis.
 
 When a new `HttpSession` is created, Spring Session creates a cookie named SESSION in your browser that contains the id of your session.
-Go ahead and view the cookies (click for help with https://developer.chrome.com/devtools/docs/resources#cookies[Chrome] or https://getfirebug.com/wiki/index.php/Cookies_Panel#Cookies_List[Firefox]).
+Go ahead and view the cookies (click for help with https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies[Chrome] or https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector[Firefox]).
 
 If you like, you can easily remove the session using redis-cli. For example, on a Linux based system you can type:
 
 	$ redis-cli keys '*' | xargs redis-cli del
 
-TIP: The Redis documentation has instructions for http://redis.io/topics/quickstart[installing redis-cli].
+TIP: The Redis documentation has instructions for https://redis.io/topics/quickstart[installing redis-cli].
 
 Alternatively, you can also delete the explicit key. Enter the following into your terminal ensuring to replace `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie:
 

docs/src/docs/asciidoc/guides/java-users.adoc

@@ -1,162 +0,0 @@
-= Spring Session - Multiple Sessions
-Rob Winch
-:toc:
-
-This guide describes how to use Spring Session to manage multiple simultaneous browser sessions (i.e Google Accounts).
-
-== Integrating with Spring Session
-
-The steps to integrate with Spring Session are exactly the same as those outline in the link:httpsession.html[HttpSession Guide], so we will skip to running the sample application.
-
-[[users-sample]]
-== users Sample Application
-
-The users application demonstrates how to allow an application to manage multiple simultaneous browser sessions (i.e. Google Accounts).
-
-=== Running the users Sample Application
-
-You can run the sample by obtaining the {download-url}[source code] and invoking the following command:
-
-[NOTE]
-====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
-Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
-Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
-====
-
-----
-$ ./gradlew :samples:users:tomcatRun
-----
-
-You should now be able to access the application at http://localhost:8080/
-
-=== Exploring the users Sample Application
-
-Try using the application. Authenticate with the following information:
-
-* **Username** _rob_
-* **Password** _rob_
-
-Now click the **Login** button. You should now be authenticated as the user **rob**.
-
-We can click on links and our user information is preserved.
-
-* Click on the **Link** link in the navigation bar at the top
-* Observe we are still authenticated as **rob**
-
-Let's add an another account.
-
-* Return to the *Home* page
-* Click on the arrow next to *rob* in the upper right hand corner
-* Click **Add Account**
-
-The log in form is displayed again. Authenticate with the following information:
-
-* **Username** _luke_
-* **Password** _luke_
-
-Now click the **Login** button. You should now be authenticated as the user **luke**.
-
-We can click on links and our user information is preserved.
-
-* Click on the **Link** link in the navigation bar at the top
-* Observe we are still authenticated as **luke**
-
-Where did our original user go? Let's switch to our original account.
-
-* Click on the arrow next to *luke* in the upper right hand corner.
-* Click on **Switch Account** -> *rob*
-
-We are now using the session associated with *rob*.
-
-== How does it work?
-
-// tag::how-does-it-work[]
-
-Let's take a look at how Spring Session keeps track of multiple sessions.
-
-=== Managing a Single Session
-
-Spring Session keeps track of the `HttpSession` by adding a value to a cookie named SESSION.
-For example, the SESSION cookie might have a value of:
-
-	7e8383a4-082c-4ffe-a4bc-c40fd3363c5e
-
-=== Adding a Session
-
-We can add another session by requesting a URL that contains a special parameter in it.
-By default the parameter name is *_s*. For example, the following URL would create a new session:
-
-http://localhost:8080/?_s=1
-
-NOTE: The parameter value does not indicate the actual session id.
-This is important because we never want to allow the session id to be determined by a client to avoid https://www.owasp.org/index.php/Session_fixation[session fixation attacks].
-Additionally, we do not want the session id to be leaked since it is sent as a query parameter.
-Remember sensitive information should only be transmitted as a header or in the body of the request.
-
-Rather than creating the URL ourselves, we can utilize the `HttpSessionManager` to do this for us.
-We can obtain the `HttpSessionManager` from the `HttpServletRequest` using the following:
-
-.src/main/java/sample/UserAccountsFilter.java
-[source,java,indent=0]
-----
-include::{samples-dir}javaconfig/users/src/main/java/sample/UserAccountsFilter.java[tags=HttpSessionManager]
-----
-
-We can now use it to create a URL to add another session.
-
-.src/main/java/sample/UserAccountsFilter.java
-[source,java,indent=0]
-----
-include::{samples-dir}javaconfig/users/src/main/java/sample/UserAccountsFilter.java[tags=addAccountUrl]
-----
-
-<1> We have an existing variable named `unauthenticatedAlias`.
-The value is an alias that points to an existing unauthenticated session.
-If no such session exists, the value is null.
-This ensures if we have an existing unauthenticated session that we use it instead of creating a new session.
-<2> If all of our sessions are already associated to a user, we create a new session alias.
-<3> If there is an existing session that is not associated to a user, we use its session alias.
-<4> Finally, we create the add account URL.
-The URL contains a session alias that either points to an existing unauthenticated session or is an alias that is unused thus signaling to create a new session associated to that alias.
-
-Now our SESSION cookie looks something like this:
-
-	0 7e8383a4-082c-4ffe-a4bc-c40fd3363c5e 1 1d526d4a-c462-45a4-93d9-84a39b6d44ad
-
-Such that:
-
-* There is a session with the id *7e8383a4-082c-4ffe-a4bc-c40fd3363c5e*
-** The alias for this session is  *0*.
-For example, if the URL is http://localhost:8080/?_s=0 this alias would be used.
-** This is the default session.
-This means that if no session alias is specified, then this session is used.
-For example, if the URL is http://localhost:8080/ this session would be used.
-* There is a session with the id *1d526d4a-c462-45a4-93d9-84a39b6d44ad*
-** The alias for this session is *1*.
-If the session alias is *1*, then this session is used.
-For example, if the URL is http://localhost:8080/?_s=1 this alias would be used.
-
-=== Automatic Session Alias Inclusion with encodeURL
-
-The nice thing about specifying the session alias in the URL is that we can have multiple tabs open with different active sessions.
-The bad thing is that we need to include the session alias in every URL of our application.
-Fortunately, Spring Session will automatically include the session alias in any URL that passes through http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html#encodeURL(java.lang.String)[HttpServletResponse#encodeURL(java.lang.String)]
-
-This means that if you are using standard tag libraries the session alias is automatically included in the URL.
-For example, if we are currently using the session with the alias of *1*, then the following:
-
-.src/main/webapp/index.jsp
-[source,xml,indent=0]
-----
-include::{samples-dir}javaconfig/users/src/main/webapp/index.jsp[tags=link]
-----
-
-will output a link of:
-
-[source,html]
-----
-<a id="navLink" href="/link.jsp?_s=1">Link</a>
-----
-
-// end::how-does-it-work[]

docs/src/docs/asciidoc/guides/xml-jdbc.adoc

@@ -26,7 +26,7 @@ If you are using Maven, ensure to add the following dependencies:
 	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-web</artifactId>
-		<version>{spring-version}</version>
+		<version>{spring-framework-version}</version>
 	</dependency>
 </dependencies>
 ----
@@ -87,7 +87,7 @@ In this instance Spring Session is backed by a relational database.
 We configure the H2 database to create database tables using the SQL script which is included in Spring Session.
 <3> We create a `transactionManager` that manages transactions for previously configured `dataSource`.
 
-For additional information on how to configure data access related concerns, please refer to the http://docs.spring.io/spring/docs/current/spring-framework-reference/html/spring-data-tier.html[Spring Framework Reference Documentation].
+For additional information on how to configure data access related concerns, please refer to the https://docs.spring.io/spring/docs/{spring-framework-version}/spring-framework-reference/data-access.html[Spring Framework Reference Documentation].
 
 == XML Servlet Container Initialization
 
@@ -105,7 +105,7 @@ include::{samples-dir}xml/jdbc/src/main/webapp/WEB-INF/web.xml[tags=context-para
 include::{samples-dir}xml/jdbc/src/main/webapp/WEB-INF/web.xml[tags=listeners]
 ----
 
-The http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/#context-create[ContextLoaderListener] reads the contextConfigLocation and picks up our session.xml configuration.
+The https://docs.spring.io/spring/docs/{spring-framework-version}/spring-framework-reference/core.html#context-create[ContextLoaderListener] reads the contextConfigLocation and picks up our session.xml configuration.
 
 Last we need to ensure that our Servlet Container (i.e. Tomcat) uses our `springSessionRepositoryFilter` for every request.
 The following snippet performs this last step for us:
@@ -116,7 +116,7 @@ The following snippet performs this last step for us:
 include::{samples-dir}xml/jdbc/src/main/webapp/WEB-INF/web.xml[tags=springSessionRepositoryFilter]
 ----
 
-The http://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/filter/DelegatingFilterProxy.html[DelegatingFilterProxy] will look up a Bean by the name of `springSessionRepositoryFilter` and cast it to a `Filter`.
+The https://docs.spring.io/spring-framework/docs/{spring-framework-version}/javadoc-api/org/springframework/web/filter/DelegatingFilterProxy.html[DelegatingFilterProxy] will look up a Bean by the name of `springSessionRepositoryFilter` and cast it to a `Filter`.
 For every request that `DelegatingFilterProxy` is invoked, the `springSessionRepositoryFilter` will be invoked.
 
 // end::config[]
@@ -155,7 +155,7 @@ include::{samples-dir}xml/jdbc/src/main/java/sample/SessionServlet.java[tags=cla
 
 Instead of using Tomcat's `HttpSession`, we are actually persisting the values in H2 database.
 Spring Session creates a cookie named SESSION in your browser that contains the id of your session.
-Go ahead and view the cookies (click for help with https://developer.chrome.com/devtools/docs/resources#cookies[Chrome] or https://getfirebug.com/wiki/index.php/Cookies_Panel#Cookies_List[Firefox]).
+Go ahead and view the cookies (click for help with https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies[Chrome] or https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector[Firefox]).
 
 If you like, you can easily remove the session using H2 web console available at: http://localhost:8080/h2-console/ (use `jdbc:h2:mem:testdb` for JDBC URL)
 

docs/src/docs/asciidoc/guides/xml-redis.adoc

@@ -31,7 +31,7 @@ If you are using Maven, ensure to add the following dependencies:
 	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-web</artifactId>
-		<version>{spring-version}</version>
+		<version>{spring-framework-version}</version>
 	</dependency>
 </dependencies>
 ----
@@ -90,7 +90,7 @@ The filter is what is in charge of replacing the `HttpSession` implementation to
 In this instance Spring Session is backed by Redis.
 <2> We create a `RedisConnectionFactory` that connects Spring Session to the Redis Server.
 We configure the connection to connect to localhost on the default port (6379)
-For more information on configuring Spring Data Redis, refer to the http://docs.spring.io/spring-data/data-redis/docs/current/reference/html/[reference documentation].
+For more information on configuring Spring Data Redis, refer to the https://docs.spring.io/spring-data/data-redis/docs/{spring-data-redis-version}/reference/html/[reference documentation].
 
 == XML Servlet Container Initialization
 
@@ -108,7 +108,7 @@ include::{samples-dir}xml/redis/src/main/webapp/WEB-INF/web.xml[tags=context-par
 include::{samples-dir}xml/redis/src/main/webapp/WEB-INF/web.xml[tags=listeners]
 ----
 
-The http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/#context-create[ContextLoaderListener] reads the contextConfigLocation and picks up our session.xml configuration.
+The https://docs.spring.io/spring/docs/{spring-framework-version}/spring-framework-reference/core.html#context-create[ContextLoaderListener] reads the contextConfigLocation and picks up our session.xml configuration.
 
 Last we need to ensure that our Servlet Container (i.e. Tomcat) uses our `springSessionRepositoryFilter` for every request.
 The following snippet performs this last step for us:
@@ -119,7 +119,7 @@ The following snippet performs this last step for us:
 include::{samples-dir}xml/redis/src/main/webapp/WEB-INF/web.xml[tags=springSessionRepositoryFilter]
 ----
 
-The http://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/filter/DelegatingFilterProxy.html[DelegatingFilterProxy] will look up a Bean by the name of `springSessionRepositoryFilter` and cast it to a `Filter`.
+The https://docs.spring.io/spring-framework/docs/{spring-framework-version}/javadoc-api/org/springframework/web/filter/DelegatingFilterProxy.html[DelegatingFilterProxy] will look up a Bean by the name of `springSessionRepositoryFilter` and cast it to a `Filter`.
 For every request that `DelegatingFilterProxy` is invoked, the `springSessionRepositoryFilter` will be invoked.
 
 // end::config[]
@@ -133,7 +133,7 @@ You can run the sample by obtaining the {download-url}[source code] and invoking
 
 [NOTE]
 ====
-For the sample to work, you must http://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
 Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
 Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
 ====
@@ -165,13 +165,13 @@ include::{samples-dir}xml/redis/src/main/java/sample/SessionServlet.java[tags=cl
 
 Instead of using Tomcat's `HttpSession`, we are actually persisting the values in Redis.
 Spring Session creates a cookie named SESSION in your browser that contains the id of your session.
-Go ahead and view the cookies (click for help with https://developer.chrome.com/devtools/docs/resources#cookies[Chrome] or https://getfirebug.com/wiki/index.php/Cookies_Panel#Cookies_List[Firefox]).
+Go ahead and view the cookies (click for help with https://developers.google.com/web/tools/chrome-devtools/manage-data/cookies[Chrome] or https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector[Firefox]).
 
 If you like, you can easily remove the session using redis-cli. For example, on a Linux based system you can type:
 
 	$ redis-cli keys '*' | xargs redis-cli del
 
-TIP: The Redis documentation has instructions for http://redis.io/topics/quickstart[installing redis-cli].
+TIP: The Redis documentation has instructions for https://redis.io/topics/quickstart[installing redis-cli].
 
 Alternatively, you can also delete the explicit key. Enter the following into your terminal ensuring to replace `7e8383a4-082c-4ffe-a4bc-c40fd3363c5e` with the value of your SESSION cookie:
 

docs/src/docs/asciidoc/index.adoc

@@ -1,6 +1,5 @@
-
 = Spring Session
-Rob Winch, Vedran Pavić, Jakub Kubrynski
+Rob Winch, Vedran Pavić
 :doctype: book
 :indexdoc-tests: {docs-test-dir}docs/IndexDocTests.java
 :websocketdoc-test-dir: {docs-test-dir}docs/websocket/
@@ -13,30 +12,31 @@ Spring Session provides an API and implementations for managing a user's session
 [[introduction]]
 == Introduction
 
-Spring Session provides an API and implementations for managing a user's session information. It also provides transparent integration with:
-
-* <<httpsession,HttpSession>> - allows replacing the HttpSession in an application container (i.e. Tomcat) neutral way.
-Additional features include:
-** **Clustered Sessions** - Spring Session makes it trivial to support <<httpsession-redis,clustered sessions>> without being tied to an application container specific solution.
-** **Multiple Browser Sessions** - Spring Session supports <<httpsession-multi,managing multiple users' sessions>> in a single browser instance (i.e. multiple authenticated accounts similar to Google).
-** **RESTful APIs** - Spring Session allows providing session ids in headers to work with <<httpsession-rest,RESTful APIs>>
+Spring Session provides an API and implementations for managing a user's session information, while also making it trivial to support clustered sessions without being tied to an application container specific solution.
+It also provides transparent integration with:
 
+* <<httpsession,HttpSession>> - allows replacing the `HttpSession` in an application container (i.e. Tomcat) neutral way, with support for providing session IDs in headers to work with RESTful APIs.
 * <<websocket,WebSocket>> - provides the ability to keep the `HttpSession` alive when receiving WebSocket messages
+* <<websession,WebSession>> - allows replacing the Spring WebFlux's `WebSession` in an application container neutral way.
 
-== What's New in 1.3
+== What's New in 2.0
 
-Below are the highlights of what is new in Spring Session 1.3. You can find a complete list of what's new by referring to the changelogs of
-https://github.com/spring-projects/spring-session/milestone/6?closed=1[1.3.0.M1],
-https://github.com/spring-projects/spring-session/milestone/18?closed=1[1.3.0.M2],
-https://github.com/spring-projects/spring-session/milestone/16?closed=1[1.3.0.RC1], and
-https://github.com/spring-projects/spring-session/milestone/19?closed=1[1.3.0.RELEASE].
+Below are the highlights of what is new in Spring Session 2.0. You can find a complete list of what's new by referring to the changelogs of
+https://github.com/spring-projects/spring-session/milestone/17?closed=1[2.0.0.M1],
+https://github.com/spring-projects/spring-session/milestone/22?closed=1[2.0.0.M2],
+https://github.com/spring-projects/spring-session/milestone/23?closed=1[2.0.0.M3],
+https://github.com/spring-projects/spring-session/milestone/24?closed=1[2.0.0.M4],
+https://github.com/spring-projects/spring-session/milestone/25?closed=1[2.0.0.M5],
+https://github.com/spring-projects/spring-session/milestone/26?closed=1[2.0.0.RC1],
+https://github.com/spring-projects/spring-session/milestone/27?closed=1[2.0.0.RC2], and
+https://github.com/spring-projects/spring-session/milestone/30?closed=1[2.0.0.RELEASE].
 
-* First class support for http://docs.spring.io/spring-session/docs/1.3.0.RELEASE/reference/html5/#httpsession-hazelcast[Hazelcast]
-* First class support for http://docs.spring.io/spring-session/docs/1.3.0.RELEASE/reference/html5/#spring-security-concurrent-sessions-how[Spring Security's concurrent session management]
-* Added https://github.com/maseev/spring-session-orientdb[OrientDB Community Extension]
-* https://github.com/spring-projects/spring-session/tree/1.3.0.RELEASE/samples/httpsession-redis-json[GenericJackson2JsonRedisSerializer sample] with Spring Security's new Jackson Support
-* Guides now https://github.com/spring-projects/spring-session/pull/652[use Lettuce]
-* `spring.session.cleanup.cron.expression` can be used to override the cleanup task’s cron expression
+* Upgraded to Java 8 and Spring Framework 5 as baseline
+* https://github.com/spring-projects/spring-session/issues/683[Added support for managing Spring WebFlux's `WebSession`] with https://github.com/spring-projects/spring-session/issues/816[Redis `ReactiveSessionRepository`]
+* https://github.com/spring-projects/spring-session/issues/768[Extracted `SessionRepository` implementations to separate modules]
+* Improved https://github.com/spring-projects/spring-session/issues/682[`Session`] and https://github.com/spring-projects/spring-session/issues/809[`SessionRepository`] APIs
+* Improved and harmonized configuration support for all supported session stores
+* https://github.com/spring-projects/spring-session/pull/713[Added support for configuring default `CookieSerializer` using `SessionCookieConfig`]
 * Lots of performance improvements and bug fixes
 
 [[samples]]
@@ -64,6 +64,10 @@ If you are looking to get started with Spring Session, the best place to start i
 | Demonstrates how to use Spring Session with WebSockets.
 | link:guides/boot-websocket.html[WebSockets Guide]
 
+| {gh-samples-url}boot/webflux[WebFlux]
+| Demonstrates how to use Spring Session to replace the Spring WebFlux's `WebSession` with Redis.
+| TBD
+
 | {gh-samples-url}boot/redis-json[HttpSession with Redis JSON serialization]
 | Demonstrates how to use Spring Session to replace the `HttpSession` with Redis using JSON serialization.
 | TBD
@@ -98,10 +102,6 @@ If you are looking to get started with Spring Session, the best place to start i
 | Demonstrates how to use Spring Session in a REST application to support authenticating with a header.
 | link:guides/java-rest.html[REST Guide]
 
-| {gh-samples-url}javaconfig/users[Multiple Users]
-| Demonstrates how to use Spring Session to manage multiple simultaneous browser sessions (i.e Google Accounts).
-| link:guides/java-users.html[Multiple Users Guide]
-
 |===
 
 .Sample Applications using Spring XML based configuration
@@ -132,6 +132,27 @@ If you are looking to get started with Spring Session, the best place to start i
 
 |===
 
+[[modules]]
+== Spring Session Modules
+
+In Spring Session 1.x all of the Spring Session's `SessionRepository` implementations were available within the `spring-session` artifact.
+While convenient, this approach wasn't sustainable long-term as more features and `SessionRepository` implementations were added to the project.
+
+Starting with Spring Session 2.0, the project has been split up to Spring Session Core module, and several other modules that carry `SessionRepository` implementations and functionality related to the specific data store.
+The users of Spring Data will find this arrangement familiar, with Spring Session Core module taking a role equivalent to Spring Data Commons and providing core functionalities and APIs with other modules containing data store specific implementations.
+As a part of this split, the Spring Session Data MongoDB and Spring Session Data GemFire modules were moved to separate repositories so the situation with project's repositories/modules is a follows:
+
+* https://github.com/spring-projects/spring-session[`spring-session` repository]
+** Hosts Spring Session Core, Spring Session Data Redis, Spring Session JDBC and Spring Session Hazelcast modules
+* https://github.com/spring-projects/spring-session-data-mongodb[`spring-session-data-mongodb` repository]
+** Hosts Spring Session Data MongoDB module
+* https://github.com/spring-projects/spring-session-data-geode[`spring-session-data-geode` repository]
+** Hosts Spring Session Data Geode/GemFire module
+
+Going forward, the plan is to externalize each of the `SessionRepository` implementations into a dedicated repository and provide a Maven BOM (as in "bill of materials") module in order to help users with version management concerns.
+
+Modules maintained by the members of Spring Team will be hosted within the https://github.com/spring-projects[`spring-projects` organization], while the community maintained modules will continue to be promoted via <<community-extensions,Community Extensions>> section of this manual.
+
 [[httpsession]]
 == HttpSession Integration
 
@@ -144,8 +165,7 @@ This means that developers can switch the `HttpSession` implementation out with
 We have already mentioned that Spring Session provides transparent integration with `HttpSession`, but what benefits do we get out of this?
 
 * **Clustered Sessions** - Spring Session makes it trivial to support <<httpsession-redis,clustered sessions>> without being tied to an application container specific solution.
-* **Multiple Browser Sessions** - Spring Session supports <<httpsession-multi,managing multiple users' sessions>> in a single browser instance (i.e. multiple authenticated accounts similar to Google).
-* **RESTful APIs** - Spring Session allows providing session ids in headers to work with <<httpsession-rest,RESTful APIs>>
+* **RESTful APIs** - Spring Session allows providing session IDs in headers to work with <<httpsession-rest,RESTful APIs>>
 
 [[httpsession-redis]]
 === HttpSession with Redis
@@ -284,17 +304,6 @@ public class SessionRepositoryFilter implements Filter {
 By passing in a custom `HttpServletRequest` implementation into the `FilterChain` we ensure that anything invoked after our `Filter` uses the custom `HttpSession` implementation.
 This highlights why it is important that Spring Session's `SessionRepositoryFilter` must be placed before anything that interacts with the `HttpSession`.
 
-[[httpsession-multi]]
-=== Multiple HttpSessions in Single Browser
-
-Spring Session has the ability to support multiple sessions in a single browser instance.
-This provides the ability to support authenticating with multiple users in the same browser instance (i.e. Google Accounts).
-
-NOTE: The <<samples,Manage Multiple Users Guide>> provides a complete working example of managing multiple users in the same browser instance.
-You can follow the basic steps for integration below, but you are encouraged to follow along with the detailed Manage Multiple Users Guide when integrating with your own application.
-
-include::guides/java-users.adoc[tags=how-does-it-work,leveloffset=+1]
-
 [[httpsession-rest]]
 === HttpSession & RESTful APIs
 
@@ -365,6 +374,116 @@ Before using WebSocket integration, you should be sure that you have <<httpsessi
 
 include::guides/boot-websocket.adoc[tags=config,leveloffset=+2]
 
+[[websession]]
+== WebSession Integration
+
+Spring Session provides transparent integration with Spring WebFlux's `WebSession`.
+This means that developers can switch the `WebSession` implementation out with an implementation that is backed by Spring Session.
+
+[[websession-why]]
+=== Why Spring Session & WebSession?
+
+We have already mentioned that Spring Session provides transparent integration with Spring WebFlux's `WebSession`, but what benefits do we get out of this?
+As with `HttpSession`, Spring Session makes it trivial to support <<websession-redis,clustered sessions>> without being tied to an application container specific solution.
+
+[[websession-redis]]
+=== WebSession with Redis
+
+Using Spring Session with `WebSession` is enabled by simply registering a `WebSessionManager` implementation backed by Spring Session's `ReactiveSessionRepository`.
+The Spring configuration is responsible for creating a `WebSessionManager` that replaces the `WebSession` implementation with an implementation backed by Spring Session.
+Add the following Spring Configuration:
+
+[source, java]
+----
+@EnableRedisWebSession // <1>
+public class SessionConfiguration {
+
+	@Bean
+	public LettuceConnectionFactory redisConnectionFactory() {
+		return new LettuceConnectionFactory(); // <2>
+	}
+
+}
+----
+
+<1> The `@EnableRedisWebSession` annotation creates a Spring Bean with the name of `webSessionManager` that implements the `WebSessionManager`.
+This is what is in charge of replacing the `WebSession` implementation to be backed by Spring Session.
+In this instance Spring Session is backed by Redis.
+<2> We create a `RedisConnectionFactory` that connects Spring Session to the Redis Server.
+We configure the connection to connect to localhost on the default port (6379)
+For more information on configuring Spring Data Redis, refer to the https://docs.spring.io/spring-data/data-redis/docs/{spring-data-redis-version}/reference/html/[reference documentation].
+
+[[websession-how]]
+=== How WebSession Integration Works
+
+With Spring WebFlux and it's `WebSession` things are considerably simpler for Spring Session to integrate with, compared to Servlet API and it's `HttpSession`.
+Spring WebFlux provides `WebSessionStore` API which presents a strategy for persisting `WebSession`.
+
+NOTE: This section describes how Spring Session provides transparent integration with `WebSession`. The intent is so that user's can understand what is happening under the covers. This functionality is already integrated and you do NOT need to implement this logic yourself.
+
+First we create a custom `SpringSessionWebSession` that delegates to Spring Session's `Session`.
+It looks something like the following:
+
+[source, java]
+----
+public class SpringSessionWebSession implements WebSession {
+
+	enum State {
+		NEW, STARTED
+	}
+
+	private final S session;
+
+	private AtomicReference<State> state = new AtomicReference<>();
+
+	SpringSessionWebSession(S session, State state) {
+		this.session = session;
+		this.state.set(state);
+	}
+
+	@Override
+	public void start() {
+		this.state.compareAndSet(State.NEW, State.STARTED);
+	}
+
+	@Override
+	public boolean isStarted() {
+		State value = this.state.get();
+		return (State.STARTED.equals(value)
+				|| (State.NEW.equals(value) && !this.session.getAttributes().isEmpty()));
+	}
+
+	@Override
+	public Mono<Void> changeSessionId() {
+		return Mono.defer(() -> {
+			this.session.changeSessionId();
+			return save();
+		});
+	}
+
+	// ... other methods delegate to the original Session
+}
+----
+
+Next, we create a custom `WebSessionStore` that delegates to the `ReactiveSessionRepository` and wraps `Session` into custom `WebSession` implementation:
+
+[source, java]
+----
+public class SpringSessionWebSessionStore<S extends Session> implements WebSessionStore {
+
+	private final ReactiveSessionRepository<S> sessions;
+
+	public SpringSessionWebSessionStore(ReactiveSessionRepository<S> reactiveSessionRepository) {
+		this.sessions = reactiveSessionRepository;
+	}
+
+	// ...
+}
+----
+
+In order to be detected by Spring WebFlux, this custom `WebSessionStore` needs to be registered with `ApplicationContext` as bean named `webSessionManager`.
+For additional information on Spring WebFlux, refer to the https://docs.spring.io/spring/docs/{spring-framework-version}/spring-framework-reference/web-reactive.html[Spring Framework Reference Documentation].
+
 [[spring-security]]
 == Spring Security Integration
 
@@ -373,7 +492,7 @@ Spring Session provides integration with Spring Security.
 [[spring-security-rememberme]]
 === Spring Security Remember-Me Support
 
-Spring Session provides integration with http://docs.spring.io/spring-security/site/docs/4.2.x/reference/htmlsingle/#remember-me[Spring Security's Remember-Me Authentication].
+Spring Session provides integration with https://docs.spring.io/spring-security/site/docs/{spring-security-version}/reference/htmlsingle/#remember-me[Spring Security's Remember-Me Authentication].
 The support will:
 
 * Change the session expiration length
@@ -519,6 +638,14 @@ Once the session is indexed, it can be found using the following:
 include::{docs-test-dir}docs/FindByIndexNameSessionRepositoryTests.java[tags=findby-username]
 ----
 
+[[api-reactivesessionrepository]]
+=== ReactiveSessionRepository
+
+A `ReactiveSessionRepository` is in charge of creating, retrieving, and persisting `Session` instances in a non-blocking and reactive manner.
+
+If possible, developers should not interact directly with a `ReactiveSessionRepository` or a `Session`.
+Instead, developers should prefer interacting with `ReactiveSessionRepository` and `Session` indirectly through the <<websession,WebSession>> integration.
+
 [[api-enablespringhttpsession]]
 === EnableSpringHttpSession
 
@@ -535,6 +662,22 @@ It is important to note that no infrastructure for session expirations is config
 This is because things like session expiration are highly implementation dependent.
 This means if you require cleaning up expired sessions, you are responsible for cleaning up the expired sessions.
 
+[[api-enablespringwebsession]]
+=== EnableSpringWebSession
+
+The `@EnableSpringWebSession` annotation can be added to an `@Configuration` class to expose the `WebSessionManager` as a bean named "webSessionManager".
+In order to leverage the annotation, a single `ReactiveSessionRepository` bean must be provided.
+For example:
+
+[source,java,indent=0]
+----
+include::{docs-test-dir}docs/SpringWebSessionConfig.java[tags=class]
+----
+
+It is important to note that no infrastructure for session expirations is configured for you out of the box.
+This is because things like session expiration are highly implementation dependent.
+This means if you require cleaning up expired sessions, you are responsible for cleaning up the expired sessions.
+
 [[api-redisoperationssessionrepository]]
 === RedisOperationsSessionRepository
 
@@ -562,7 +705,7 @@ Complete example usage can be found in the <<samples>>
 You can use the following attributes to customize the configuration:
 
 * **maxInactiveIntervalInSeconds** - the amount of time before the session will expire in seconds
-* **redisNamespace** - allows configuring an application specific namespace for the sessions. Redis keys and channel ids will start with the prefix of `spring:session:<redisNamespace>:`.
+* **redisNamespace** - allows configuring an application specific namespace for the sessions. Redis keys and channel IDs will start with the prefix of `<redisNamespace>:`.
 * **redisFlushMode** - allows specifying when data will be written to Redis. The default is only when `save` is invoked on `SessionRepository`.
 A value of `RedisFlushMode.IMMEDIATE` will write to Redis as soon as possible.
 
@@ -574,7 +717,7 @@ You can customize the serialization by creating a Bean named `springSessionDefau
 
 `RedisOperationsSessionRepository` is subscribed to receive events from redis using a `RedisMessageListenerContainer`.
 You can customize the way those events are dispatched, by creating a Bean named `springSessionRedisTaskExecutor` and/or a Bean `springSessionRedisSubscriptionExecutor`.
-More details on configuring redis task executors can be found http://docs.spring.io/spring-data-redis/docs/current/reference/html/#redis:pubsub:subscribe:containers[here].
+More details on configuring redis task executors can be found https://docs.spring.io/spring-data-redis/docs/{spring-data-redis-version}/reference/html/#redis:pubsub:subscribe:containers[here].
 
 [[api-redisoperationssessionrepository-storage]]
 ==== Storage Details
@@ -613,7 +756,7 @@ HMSET spring:session:sessions:33fdd1b6-b496-4b33-9f7d-df96679d32fe creationTime
 
 In this example, the session following statements are true about the session:
 
-* The session id is 33fdd1b6-b496-4b33-9f7d-df96679d32fe
+* The session ID is 33fdd1b6-b496-4b33-9f7d-df96679d32fe
 * The session was created at 1404360000000 in milliseconds since midnight of 1/1/1970 GMT.
 * The session expires in 1800 seconds (30 minutes).
 * The session was last accessed at 1404360000000 in milliseconds since midnight of 1/1/1970 GMT.
@@ -653,7 +796,7 @@ The `SessionRepository.findById(String)` method ensures that no expired sessions
 This means there is no need to check the expiration before using a session.
 ====
 
-Spring Session relies on the delete and expired http://redis.io/topics/notifications[keyspace notifications] from Redis to fire a <<api-redisoperationssessionrepository-sessiondestroyedevent,SessionDeletedEvent>> and <<api-redisoperationssessionrepository-sessiondestroyedevent,SessionExpiredEvent>> respectively.
+Spring Session relies on the delete and expired https://redis.io/topics/notifications[keyspace notifications] from Redis to fire a <<api-redisoperationssessionrepository-sessiondestroyedevent,SessionDeletedEvent>> and <<api-redisoperationssessionrepository-sessiondestroyedevent,SessionExpiredEvent>> respectively.
 It is the `SessionDeletedEvent` or `SessionExpiredEvent` that ensures resources associated with the Session are cleaned up.
 For example, when using Spring Session's WebSocket support the Redis expired or delete event is what triggers any WebSocket connections associated with the session to be closed.
 
@@ -668,7 +811,7 @@ When a session expires key is deleted or expires, the keyspace notification trig
 
 One problem with relying on Redis expiration exclusively is that Redis makes no guarantee of when the expired event will be fired if the key has not been accessed.
 Specifically the background task that Redis uses to clean up expired keys is a low priority task and may not trigger the key expiration.
-For additional details see http://redis.io/topics/notifications[Timing of expired events] section in the Redis documentation.
+For additional details see https://redis.io/topics/notifications[Timing of expired events] section in the Redis documentation.
 
 To circumvent the fact that expired events are not guaranteed to happen we can ensure that each key is accessed when it is expected to expire.
 This means that if the TTL is expired on the key, Redis will remove the key and fire the expired event when we try to access the key.
@@ -703,7 +846,7 @@ This is necessary to ensure resources associated with the `Session` are properly
 
 For example, when integrating with WebSockets the `SessionDestroyedEvent` is in charge of closing any active WebSocket connections.
 
-Firing `SessionDeletedEvent` or `SessionExpiredEvent` is made available through the `SessionMessageListener` which listens to http://redis.io/topics/notifications[Redis Keyspace events].
+Firing `SessionDeletedEvent` or `SessionExpiredEvent` is made available through the `SessionMessageListener` which listens to https://redis.io/topics/notifications[Redis Keyspace events].
 In order for this to work, Redis Keyspace events for Generic commands and Expired events needs to be enabled.
 For example:
 
@@ -735,14 +878,14 @@ include::{docs-test-resources-dir}docs/HttpSessionConfigurationNoOpConfigureRedi
 ==== SessionCreatedEvent
 
 When a session is created an event is sent to Redis with the channel of `spring:session:channel:created:33fdd1b6-b496-4b33-9f7d-df96679d32fe`
-such that `33fdd1b6-b496-4b33-9f7d-df96679d32fe` is the session id. The body of the event will be the session that was created.
+such that `33fdd1b6-b496-4b33-9f7d-df96679d32fe` is the session ID. The body of the event will be the session that was created.
 
 If registered as a MessageListener (default), then `RedisOperationsSessionRepository` will then translate the Redis message into a `SessionCreatedEvent`.
 
 [[api-redisoperationssessionrepository-cli]]
 ==== Viewing the Session in Redis
 
-After http://redis.io/topics/quickstart[installing redis-cli], you can inspect the values in Redis http://redis.io/commands#hash[using the redis-cli].
+After https://redis.io/topics/quickstart[installing redis-cli], you can inspect the values in Redis https://redis.io/commands#hash[using the redis-cli].
 For example, enter the following into a terminal:
 
 [source,bash]
@@ -754,7 +897,70 @@ redis 127.0.0.1:6379> keys *
 ----
 
 <1> The suffix of this key is the session identifier of the Spring Session.
-<2> This key contains all the session ids that should be deleted at the time `1418772300000`.
+<2> This key contains all the session IDs that should be deleted at the time `1418772300000`.
+
+You can also view the attributes of each session.
+
+[source,bash]
+----
+redis 127.0.0.1:6379> hkeys spring:session:sessions:4fc39ce3-63b3-4e17-b1c4-5e1ed96fb021
+1) "lastAccessedTime"
+2) "creationTime"
+3) "maxInactiveInterval"
+4) "sessionAttr:username"
+redis 127.0.0.1:6379> hget spring:session:sessions:4fc39ce3-63b3-4e17-b1c4-5e1ed96fb021 sessionAttr:username
+"\xac\xed\x00\x05t\x00\x03rob"
+----
+
+[[api-reactiveredisoperationssessionrepository]]
+=== ReactiveRedisOperationsSessionRepository
+
+`ReactiveRedisOperationsSessionRepository` is a `ReactiveSessionRepository` that is implemented using Spring Data's `ReactiveRedisOperations`.
+In a web environment, this is typically used in combination with `WebSessionStore`.
+
+[[api-reactiveredisoperationssessionrepository-new]]
+==== Instantiating a ReactiveRedisOperationsSessionRepository
+
+A typical example of how to create a new instance can be seen below:
+
+[source,java,indent=0]
+----
+include::{indexdoc-tests}[tags=new-reactiveredisoperationssessionrepository]
+----
+
+For additional information on how to create a `ReactiveRedisConnectionFactory`, refer to the Spring Data Redis Reference.
+
+[[api-reactiveredisoperationssessionrepository-config]]
+==== EnableRedisWebSession
+
+In a web environment, the simplest way to create a new `ReactiveRedisOperationsSessionRepository` is to use `@EnableRedisWebSession`.
+You can use the following attributes to customize the configuration:
+
+* **maxInactiveIntervalInSeconds** - the amount of time before the session will expire in seconds
+* **redisNamespace** - allows configuring an application specific namespace for the sessions. Redis keys and channel IDs will start with the prefix of `<redisNamespace>:`.
+* **redisFlushMode** - allows specifying when data will be written to Redis. The default is only when `save` is invoked on `ReactiveSessionRepository`.
+A value of `RedisFlushMode.IMMEDIATE` will write to Redis as soon as possible.
+
+[[api-reactiveredisoperationssessionrepository-writes]]
+===== Optimized Writes
+
+The `Session` instances managed by `ReactiveRedisOperationsSessionRepository` keeps track of the properties that have changed and only updates those.
+This means if an attribute is written once and read many times we only need to write that attribute once.
+
+[[api-reactiveredisoperationssessionrepository-cli]]
+==== Viewing the Session in Redis
+
+After https://redis.io/topics/quickstart[installing redis-cli], you can inspect the values in Redis https://redis.io/commands#hash[using the redis-cli].
+For example, enter the following into a terminal:
+
+[source,bash]
+----
+$ redis-cli
+redis 127.0.0.1:6379> keys *
+1) "spring:session:sessions:4fc39ce3-63b3-4e17-b1c4-5e1ed96fb021" <1>
+----
+
+<1> The suffix of this key is the session identifier of the Spring Session.
 
 You can also view the attributes of each session.
 
@@ -772,7 +978,7 @@ redis 127.0.0.1:6379> hget spring:session:sessions:4fc39ce3-63b3-4e17-b1c4-5e1ed
 [[api-mapsessionrepository]]
 === MapSessionRepository
 
-The `MapSessionRepository` allows for persisting `Session` in a `Map` with the key being the `Session` id and the value being the `Session`.
+The `MapSessionRepository` allows for persisting `Session` in a `Map` with the key being the `Session` ID and the value being the `Session`.
 The implementation can be used with a `ConcurrentHashMap` as a testing or convenience mechanism.
 Alternatively, it can be used with distributed `Map` implementations. For example, it can be used with Hazelcast.
 
@@ -803,6 +1009,13 @@ To run it use the following:
 
 	./gradlew :samples:hazelcast-spring:tomcatRun
 
+[[api-reactivemapsessionrepository]]
+=== ReactiveMapSessionRepository
+
+The `ReactiveMapSessionRepository` allows for persisting `Session` in a `Map` with the key being the `Session` ID and the value being the `Session`.
+The implementation can be used with a `ConcurrentHashMap` as a testing or convenience mechanism.
+Alternatively, it can be used with distributed `Map` implementations with the requirement that the supplied `Map` must be a non-blocking.
+
 [[api-jdbcoperationssessionrepository]]
 === JdbcOperationsSessionRepository
 
@@ -820,7 +1033,7 @@ A typical example of how to create a new instance can be seen below:
 include::{indexdoc-tests}[tags=new-jdbcoperationssessionrepository]
 ----
 
-For additional information on how to create and configure `JdbcTemplate` and `PlatformTransactionManager`, refer to the http://docs.spring.io/spring/docs/current/spring-framework-reference/html/spring-data-tier.html[Spring Framework Reference Documentation].
+For additional information on how to create and configure `JdbcTemplate` and `PlatformTransactionManager`, refer to the https://docs.spring.io/spring/docs/{spring-framework-version}/spring-framework-reference/data-access.html[Spring Framework Reference Documentation].
 
 [[api-jdbcoperationssessionrepository-config]]
 ==== EnableJdbcHttpSession
@@ -887,12 +1100,12 @@ A typical example of how to create a new instance can be seen below:
 include::{indexdoc-tests}[tags=new-hazelcastsessionrepository]
 ----
 
-For additional information on how to create and configure Hazelcast instance, refer to the http://docs.hazelcast.org/docs/latest/manual/html-single/index.html#hazelcast-configuration[Hazelcast documentation].
+For additional information on how to create and configure Hazelcast instance, refer to the http://docs.hazelcast.org/docs/{hazelcast-version}/manual/html-single/index.html#hazelcast-configuration[Hazelcast documentation].
 
 [[api-enablehazelcasthttpsession]]
 ==== EnableHazelcastHttpSession
 
-If you wish to use http://hazelcast.org/[Hazelcast] as your backing source for the `SessionRepository`, then the `@EnableHazelcastHttpSession` annotation
+If you wish to use https://hazelcast.org/[Hazelcast] as your backing source for the `SessionRepository`, then the `@EnableHazelcastHttpSession` annotation
 can be added to an `@Configuration` class. This extends the functionality provided by the `@EnableSpringHttpSession` annotation but makes the `SessionRepository` for you in Hazelcast.
 You must provide a single `HazelcastInstance` bean for the configuration to work.
 Complete configuration example can be found in the <<samples>>
@@ -924,6 +1137,70 @@ Note that if you use Hazelcast's `MapStore` to persist your sessions `IMap` ther
 * reload triggers `EntryAddedListener` which results in `SessionCreatedEvent` being re-published
 * reload uses default TTL for a given `IMap` which results in sessions losing their original TTL
 
+[[custom-sessionrepository]]
+== Custom SessionRepository
+
+Implementing a custom <<api-sessionrepository,`SessionRepository`>> API should be a fairly straightforward task.
+Coupling the custom implementation with <<api-enablespringhttpsession,`@EnableSpringHttpSession`>> support allow to easily reuse existing Spring Session configuration facilities and infrastructure.
+There are however a couple of aspects that deserve a closer consideration.
+
+During a lifecycle of an HTTP request, the `HttpSession` is typically is persisted to `SessionRepository` twice.
+First to ensure that the session is available to the clients as soon as the client has access to the session ID, and it is also necessary to write after the session is committed because further modifications to the session might be made.
+Having this in mind, it is generally recommended for a `SessionRepository` implementation to keep track of changes to ensure that only deltas are saved.
+This is in particular very important in highly concurrent environments, where multiple requests operate on the same `HttpSession` and therefore cause race conditions, with requests overriding each others changes to session attributes.
+All of the `SessionRepository` implementations provided by Spring Session use the described approach to persisting session changes and can be used for guidance while implementing custom `SessionRepository`.
+
+Note that the same recommendations apply for implementing a custom <<api-reactivesessionrepository,`ReactiveSessionRepository`>> as well.
+Of course, in this case the <<api-enablespringwebsession,`@EnableSpringWebSession`>> should be used.
+
+[[upgrading-2.0]]
+== Upgrading to 2.x
+
+With the new major release version, the Spring Session team took the opportunity to make some non-passive changes.
+The focus of these changes is to improve and harmonize Spring Session's APIs, as well as remove the deprecated components.
+
+=== Baseline update
+
+Spring Session 2.0 requires Java 8 and Spring Framework 5.0 as a baseline, since its entire codebase is now based on Java 8 source code.
+Refer to guide for https://github.com/spring-projects/spring-framework/wiki/Upgrading-to-Spring-Framework-5.x[Upgrading to Spring Framework 5.x] for reference on upgrading Spring Framework.
+
+=== Replaced and Removed Modules
+
+As a part of the project's split the modules, the existing `spring-session` has been replaced with `spring-session-core` module.
+The `spring-session-core` module holds only the common set of APIs and components while other modules contain the implementation of appropriate `SessionRepository` and functionality related to that data store.
+This applies to several existing that were previously a simple dependency aggregator helper modules but with new module arrangement actually carry the implementation:
+
+* Spring Session Data Redis
+* Spring Session JDBC
+* Spring Session Hazelcast
+
+Also the following modules were removed from the main project repository:
+
+* Spring Session Data MongoDB
+* Spring Session Data GemFire
+
+Note that these two have moved to separate repositories, and will continue to be available albeit under a changed artifact names:
+
+* https://github.com/spring-projects/spring-session-data-mongodb[`spring-session-data-mongodb`]
+* https://github.com/spring-projects/spring-session-data-geode[`spring-session-data-geode`]
+
+=== Replaced and Removed Packages, Classes and Methods
+
+* `ExpiringSession` API has been merged into `Session` API
+* `Session` API has been enhanced to make full use of Java 8
+* `Session` API has been extended with `changeSessionId` support
+* `SessionRepository` API has been updated to better align with Spring Data method naming conventions
+* `AbstractSessionEvent` and its subclasses are no longer constructable without an underlying `Session` object
+* Redis namespace used by `RedisOperationsSessionRepository` is now fully configurable, instead of being partial configurable
+* Redis configuration support has been updated to avoid registering a Spring Session specific `RedisTemplate` bean
+* JDBC configuration support has been updated to avoid registering a Spring Session specific `JdbcTemplate` bean
+* Previously deprecated classes and methods have been removed across the codebase
+
+=== Dropped Support
+
+As a part of the changes to `HttpSessionStrategy` and it's alignment to the counterpart from the reactive world, the support for managing multiple users' sessions in a single browser instance has been removed.
+This introduction of new API to replace this functionality in consideration for future releases.
+
 [[community]]
 == Spring Session Community
 
@@ -933,18 +1210,18 @@ Please find additional information below.
 [[community-support]]
 === Support
 
-You can get help by asking questions on http://stackoverflow.com/questions/tagged/spring-session[StackOverflow with the tag spring-session].
+You can get help by asking questions on https://stackoverflow.com/questions/tagged/spring-session[StackOverflow with the tag spring-session].
 Similarly we encourage helping others by answering questions on StackOverflow.
 
 [[community-source]]
 === Source Code
 
-Our source code can be found on github at https://github.com/spring-projects/spring-session/
+Our source code can be found on GitHub at https://github.com/spring-projects/spring-session/
 
 [[community-issues]]
 === Issue Tracking
 
-We track issues in github issues at https://github.com/spring-projects/spring-session/issues
+We track issues in GitHub issues at https://github.com/spring-projects/spring-session/issues
 
 [[community-contributing]]
 === Contributing
@@ -954,7 +1231,7 @@ We appreciate https://help.github.com/articles/using-pull-requests/[Pull Request
 [[community-license]]
 === License
 
-Spring Session is Open Source software released under the http://www.apache.org/licenses/LICENSE-2.0.html[Apache 2.0 license].
+Spring Session is Open Source software released under the https://www.apache.org/licenses/LICENSE-2.0[Apache 2.0 license].
 
 [[community-extensions]]
 === Community Extensions

docs/src/test/java/docs/HttpSessionConfigurationNoOpConfigureRedisActionXmlTests.java

@@ -24,7 +24,7 @@ import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.session.Session;
 import org.springframework.session.web.http.SessionRepositoryFilter;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -33,7 +33,7 @@ import static org.mockito.Mockito.mock;
 /**
  * @author Rob Winch
  */
-@RunWith(SpringJUnit4ClassRunner.class)
+@RunWith(SpringRunner.class)
 @ContextConfiguration
 @WebAppConfiguration
 public class HttpSessionConfigurationNoOpConfigureRedisActionXmlTests {

docs/src/test/java/docs/IndexDocTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -22,17 +22,22 @@ import java.util.concurrent.ConcurrentHashMap;
 import com.hazelcast.config.Config;
 import com.hazelcast.core.Hazelcast;
 import com.hazelcast.core.HazelcastInstance;
-import com.hazelcast.core.IMap;
 import org.junit.Test;
 
 import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.core.ReactiveRedisTemplate;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.serializer.JdkSerializationRedisSerializer;
+import org.springframework.data.redis.serializer.RedisSerializationContext;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.datasource.DataSourceTransactionManager;
 import org.springframework.mock.web.MockServletContext;
 import org.springframework.session.MapSession;
 import org.springframework.session.MapSessionRepository;
+import org.springframework.session.ReactiveSessionRepository;
 import org.springframework.session.Session;
 import org.springframework.session.SessionRepository;
+import org.springframework.session.data.redis.ReactiveRedisOperationsSessionRepository;
 import org.springframework.session.data.redis.RedisOperationsSessionRepository;
 import org.springframework.session.hazelcast.HazelcastSessionRepository;
 import org.springframework.session.jdbc.JdbcOperationsSessionRepository;
@@ -112,12 +117,35 @@ public class IndexDocTests {
 	@SuppressWarnings("unused")
 	public void newRedisOperationsSessionRepository() {
 		// tag::new-redisoperationssessionrepository[]
-		LettuceConnectionFactory factory = new LettuceConnectionFactory();
-		SessionRepository<? extends Session> repository = new RedisOperationsSessionRepository(
-				factory);
+		RedisTemplate<Object, Object> redisTemplate = new RedisTemplate<>();
+
+		// ... configure redisTemplate ...
+
+		SessionRepository<? extends Session> repository =
+				new RedisOperationsSessionRepository(redisTemplate);
 		// end::new-redisoperationssessionrepository[]
 	}
 
+	@Test
+	@SuppressWarnings("unused")
+	public void newReactiveRedisOperationsSessionRepository() {
+		LettuceConnectionFactory connectionFactory = new LettuceConnectionFactory();
+		RedisSerializationContext<String, Object> serializationContext = RedisSerializationContext
+				.<String, Object>newSerializationContext(
+						new JdkSerializationRedisSerializer())
+				.build();
+
+		// tag::new-reactiveredisoperationssessionrepository[]
+		// ... create and configure connectionFactory and serializationContext ...
+
+		ReactiveRedisTemplate<String, Object> redisTemplate = new ReactiveRedisTemplate<>(
+				connectionFactory, serializationContext);
+
+		ReactiveSessionRepository<? extends Session> repository =
+				new ReactiveRedisOperationsSessionRepository(redisTemplate);
+		// end::new-reactiveredisoperationssessionrepository[]
+	}
+
 	@Test
 	@SuppressWarnings("unused")
 	public void mapRepository() {
@@ -155,11 +183,8 @@ public class IndexDocTests {
 
 		HazelcastInstance hazelcastInstance = Hazelcast.newHazelcastInstance(config);
 
-		IMap<String, MapSession> sessions = hazelcastInstance
-				.getMap("spring:session:sessions");
-
 		HazelcastSessionRepository repository =
-				new HazelcastSessionRepository(sessions);
+				new HazelcastSessionRepository(hazelcastInstance);
 		// end::new-hazelcastsessionrepository[]
 	}
 

docs/src/test/java/docs/RedisHttpSessionConfigurationNoOpConfigureRedisActionTests.java

@@ -25,7 +25,7 @@ import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.session.data.redis.config.ConfigureRedisAction;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 
 import static org.mockito.Mockito.mock;
@@ -33,7 +33,7 @@ import static org.mockito.Mockito.mock;
 /**
  * @author Rob Winch
  */
-@RunWith(SpringJUnit4ClassRunner.class)
+@RunWith(SpringRunner.class)
 @ContextConfiguration
 @WebAppConfiguration
 public class RedisHttpSessionConfigurationNoOpConfigureRedisActionTests {

docs/src/test/java/docs/SpringWebSessionConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -14,21 +14,21 @@
  * limitations under the License.
  */
 
-package sample;
+package docs;
+
+import java.util.concurrent.ConcurrentHashMap;
 
 import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Import;
-import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
-import org.springframework.session.data.redis.config.annotation.web.reactor.EnableRedisReactorSession;
+import org.springframework.session.ReactiveMapSessionRepository;
+import org.springframework.session.ReactiveSessionRepository;
+import org.springframework.session.config.annotation.web.server.EnableSpringWebSession;
 
-@Import(EmbeddedRedisConfig.class)
 // tag::class[]
-@EnableRedisReactorSession
-public class HelloWebfluxSessionConfig {
-
+@EnableSpringWebSession
+public class SpringWebSessionConfig {
 	@Bean
-	public LettuceConnectionFactory lettuceConnectionFactory() {
-		return new LettuceConnectionFactory();
+	public ReactiveSessionRepository reactiveSessionRepository() {
+		return new ReactiveMapSessionRepository(new ConcurrentHashMap<>());
 	}
 }
 // end::class[]

docs/src/test/java/docs/http/AbstractHttpSessionListenerTests.java

@@ -29,7 +29,7 @@ import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.security.core.session.SessionDestroyedEvent;
 import org.springframework.session.MapSession;
 import org.springframework.session.Session;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -42,7 +42,7 @@ import static org.mockito.Mockito.mock;
  * @author Mark Paluch
  * @since 1.2
  */
-@RunWith(SpringJUnit4ClassRunner.class)
+@RunWith(SpringRunner.class)
 @WebAppConfiguration
 public abstract class AbstractHttpSessionListenerTests {
 	@Autowired
@@ -82,6 +82,7 @@ public abstract class AbstractHttpSessionListenerTests {
 		 * @see org.springframework.context.ApplicationListener#onApplicationEvent(org.
 		 * springframework.context.ApplicationEvent)
 		 */
+		@Override
 		public void onApplicationEvent(SessionDestroyedEvent event) {
 			this.event = event;
 		}

docs/src/test/java/docs/http/HazelcastHttpSessionConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -41,7 +41,7 @@ public class HazelcastHttpSessionConfig {
 
 		Config config = new Config();
 
-		config.getMapConfig("spring:session:sessions") // <2>
+		config.getMapConfig(HazelcastSessionRepository.DEFAULT_SESSION_MAP_NAME) // <2>
 				.addMapAttributeConfig(attributeConfig)
 				.addMapIndexConfig(new MapIndexConfig(
 						HazelcastSessionRepository.PRINCIPAL_NAME_ATTRIBUTE, false));

docs/src/test/java/docs/security/RememberMeSecurityConfiguration.java

@@ -67,10 +67,8 @@ public class RememberMeSecurityConfiguration extends WebSecurityConfigurerAdapte
 	@Override
 	@Bean
 	public InMemoryUserDetailsManager userDetailsService() {
-		InMemoryUserDetailsManager uds = new InMemoryUserDetailsManager();
-		uds.createUser(
-				User.withUsername("user").password("password").roles("USER").build());
-		return uds;
+		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
+				.username("user").password("password").roles("USER").build());
 	}
 
 	@Bean

docs/src/test/java/docs/security/RememberMeSecurityConfigurationTests.java

@@ -30,7 +30,7 @@ import org.springframework.session.Session;
 import org.springframework.session.SessionRepository;
 import org.springframework.session.web.http.SessionRepositoryFilter;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.MvcResult;
@@ -44,7 +44,7 @@ import static org.springframework.security.test.web.servlet.setup.SecurityMockMv
 /**
  * @author rwinch
  */
-@RunWith(SpringJUnit4ClassRunner.class)
+@RunWith(SpringRunner.class)
 @ContextConfiguration(classes = RememberMeSecurityConfiguration.class)
 @WebAppConfiguration
 @SuppressWarnings("rawtypes")

docs/src/test/java/docs/security/RememberMeSecurityConfigurationXmlTests.java

@@ -30,7 +30,7 @@ import org.springframework.session.Session;
 import org.springframework.session.SessionRepository;
 import org.springframework.session.web.http.SessionRepositoryFilter;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.MvcResult;
@@ -44,7 +44,7 @@ import static org.springframework.security.test.web.servlet.setup.SecurityMockMv
 /**
  * @author rwinch
  */
-@RunWith(SpringJUnit4ClassRunner.class)
+@RunWith(SpringRunner.class)
 @ContextConfiguration
 @WebAppConfiguration
 @SuppressWarnings("rawtypes")

docs/src/test/java/docs/websocket/WebSocketConfig.java

@@ -32,6 +32,7 @@ import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
 @EnableWebSocketMessageBroker
 public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
 
+	@Override
 	public void registerStompEndpoints(StompEndpointRegistry registry) {
 		registry.addEndpoint("/messages").withSockJS();
 	}

docs/src/test/resources/docs/security/RememberMeSecurityConfigurationXmlTests-context.xml

@@ -20,7 +20,7 @@
 
 
 	<security:user-service>
-		<security:user name="user" password="password" authorities="ROLE_USER"/>
+		<security:user name="user" password="{noop}password" authorities="ROLE_USER"/>
 	</security:user-service>
 
 	<bean class="org.springframework.session.config.annotation.web.http.SpringHttpSessionConfiguration"/>

etc/checkstyle/suppressions.xml

@@ -4,7 +4,6 @@
 <suppressions>
 	<suppress files=".+Application\.java" checks="HideUtilityClassConstructor"/>
 	<suppress files=".+Configuration\.java" checks="HideUtilityClassConstructor"/>
-	<suppress files=".+SSEFluxWebConfig\.java" checks="RegexpHeader"/>
 
 	<suppress files="[\\/]src[\\/]test[\\/]java[\\/]" checks="Javadoc"/>
 	<suppress files="[\\/]src[\\/]integration-test[\\/]java[\\/]" checks="Javadoc"/>

gradle.properties

@@ -1,2 +1,2 @@
-springBootVersion=2.0.0.M4
-version=2.0.0.M5
+springBootVersion=2.0.0.M7
+version=2.0.0.RELEASE

gradle/dependency-management.gradle

@@ -1,55 +1,42 @@
 dependencyManagement {
 	imports {
-		mavenBom 'com.fasterxml.jackson:jackson-bom:2.9.1'
-		mavenBom 'io.projectreactor:reactor-bom:Bismuth-RELEASE'
-		mavenBom 'org.springframework:spring-framework-bom:5.0.0.RELEASE'
-		mavenBom 'org.springframework.data:spring-data-releasetrain:Kay-RELEASE'
-		mavenBom 'org.springframework.security:spring-security-bom:5.0.0.M5'
+		mavenBom 'com.fasterxml.jackson:jackson-bom:2.9.3'
+		mavenBom 'io.projectreactor:reactor-bom:Bismuth-SR4'
+		mavenBom 'org.springframework:spring-framework-bom:5.0.2.RELEASE'
+		mavenBom 'org.springframework.data:spring-data-releasetrain:Kay-SR2'
+		mavenBom 'org.springframework.security:spring-security-bom:5.0.0.RELEASE'
 	}
 
 	dependencies {
-		dependencySet(group: 'com.hazelcast', version: '3.8.6') {
+		dependencySet(group: 'com.hazelcast', version: '3.9.1') {
 			entry 'hazelcast'
 			entry 'hazelcast-client'
 		}
 
-		dependencySet(group: 'org.testcontainers', version: '1.4.2') {
+		dependencySet(group: 'org.testcontainers', version: '1.5.1') {
 			entry 'mysql'
 			entry 'postgresql'
 			entry 'testcontainers'
 		}
 
-		dependency 'ch.qos.logback:logback-classic:1.2.3'
+		dependencySet(group: 'org.testcontainers', version: '1.4.3') {
+			entry 'mariadb'
+			entry 'mssqlserver'
+		}
+
 		dependency 'com.h2database:h2:1.4.196'
-		dependency 'com.maxmind.geoip2:geoip2:2.3.1'
-		dependency 'commons-codec:commons-codec:1.10'
+		dependency 'com.microsoft.sqlserver:mssql-jdbc:6.2.2.jre8'
 		dependency 'edu.umd.cs.mtc:multithreadedtc:1.01'
-		dependency 'io.lettuce:lettuce-core:5.0.0.RELEASE'
-		dependency 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:1.2.1'
-		dependency 'javax.servlet.jsp:javax.servlet.jsp-api:2.3.2-b02'
+		dependency 'io.lettuce:lettuce-core:5.0.1.RELEASE'
 		dependency 'javax.servlet:javax.servlet-api:3.1.0'
 		dependency 'junit:junit:4.12'
-		dependency 'mysql:mysql-connector-java:5.1.44'
-		dependency 'org.apache.derby:derby:10.13.1.1'
-		dependency 'org.apache.httpcomponents:httpclient:4.5.3'
-		dependency 'org.apache.taglibs:taglibs-standard-jstlel:1.2.5'
-		dependency 'org.assertj:assertj-core:3.8.0'
+		dependency 'mysql:mysql-connector-java:5.1.45'
+		dependency 'org.apache.derby:derby:10.14.1.0'
+		dependency 'org.assertj:assertj-core:3.9.0'
 		dependency 'org.hsqldb:hsqldb:2.4.0'
-		dependency 'org.mariadb.jdbc:mariadb-java-client:2.1.2'
-		dependency 'org.mockito:mockito-core:2.10.0'
+		dependency 'org.mariadb.jdbc:mariadb-java-client:2.2.1'
+		dependency 'org.mockito:mockito-core:2.13.0'
 		dependency 'org.postgresql:postgresql:42.1.4'
-		dependency 'org.seleniumhq.selenium:htmlunit-driver:2.27'
-		dependency 'org.slf4j:jcl-over-slf4j:1.7.25'
-		dependency 'org.slf4j:log4j-over-slf4j:1.7.25'
-		dependency 'org.testcontainers:mariadb:1.3.0'
-		dependency 'org.thymeleaf.extras:thymeleaf-extras-java8time:3.0.1.RELEASE'
-		dependency 'org.thymeleaf:thymeleaf-spring5:3.0.7.RC1'
-		dependency 'org.webjars:bootstrap:2.3.2'
-		dependency 'org.webjars:html5shiv:3.7.3'
-		dependency 'org.webjars:jquery:1.12.4'
-		dependency 'org.webjars:knockout:2.3.0'
-		dependency 'org.webjars:sockjs-client:0.3.4'
-		dependency 'org.webjars:stomp-websocket:2.3.0'
-		dependency 'org.webjars:webjars-taglib:0.3'
+		dependency 'org.seleniumhq.selenium:htmlunit-driver:2.29.0'
 	}
 }

gradle/wrapper/gradle-wrapper.properties

@@ -2,4 +2,4 @@ distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.2.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-4.4.1-bin.zip

samples/boot/findbyusername/spring-session-sample-boot-findbyusername.gradle

@@ -20,9 +20,3 @@ dependencies {
 	integrationTestCompile seleniumDependencies
 	integrationTestCompile "org.testcontainers:testcontainers"
 }
-
-integrationTest {
-	doFirst {
-		systemProperties['spring.session.redis.namespace'] = project.name
-	}
-}

samples/boot/findbyusername/src/integration-test/java/sample/FindByUsernameTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -49,7 +49,7 @@ import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDr
 @ContextConfiguration(initializers = FindByUsernameTests.Initializer.class)
 public class FindByUsernameTests {
 
-	private static final String DOCKER_IMAGE = "redis:4.0.2";
+	private static final String DOCKER_IMAGE = "redis:4.0.6";
 
 	@ClassRule
 	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)

samples/boot/findbyusername/src/main/java/sample/config/SecurityConfig.java

@@ -35,11 +35,10 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
 	@Bean
+	@Override
 	public UserDetailsService userDetailsService() {
-		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
-		manager.createUser(
-				User.withUsername("user").password("password").roles("USER").build());
-		return manager;
+		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
+				.username("user").password("password").roles("USER").build());
 	}
 
 	// @formatter:off

samples/boot/findbyusername/src/main/java/sample/session/SessionDetailsFilter.java

@@ -57,6 +57,7 @@ public class SessionDetailsFilter extends OncePerRequestFilter {
 	}
 
 	// tag::dofilterinternal[]
+	@Override
 	public void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
 			FilterChain chain) throws IOException, ServletException {
 		chain.doFilter(request, response);

samples/boot/findbyusername/src/test/java/sample/session/SessionDetailsFilterTests.java

@@ -20,12 +20,11 @@ import com.maxmind.geoip2.DatabaseReader;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-
 import sample.config.GeoConfig;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.junit4.SpringRunner;
 
 import static org.assertj.core.api.Assertions.assertThat;
 
@@ -33,7 +32,7 @@ import static org.assertj.core.api.Assertions.assertThat;
  * @author Rob Winch
  *
  */
-@RunWith(SpringJUnit4ClassRunner.class)
+@RunWith(SpringRunner.class)
 @ContextConfiguration(classes = GeoConfig.class)
 public class SessionDetailsFilterTests {
 	@Autowired

samples/boot/jdbc/src/main/java/sample/config/SecurityConfig.java

@@ -36,11 +36,10 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
 	@Bean
+	@Override
 	public UserDetailsService userDetailsService() {
-		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
-		manager.createUser(
-				User.withUsername("user").password("password").roles("USER").build());
-		return manager;
+		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
+				.username("user").password("password").roles("USER").build());
 	}
 
 	// @formatter:off

samples/boot/redis-json/src/integration-test/java/sample/HttpRedisJsonTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -53,7 +53,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 @ContextConfiguration(initializers = HttpRedisJsonTest.Initializer.class)
 public class HttpRedisJsonTest {
 
-	private static final String DOCKER_IMAGE = "redis:4.0.2";
+	private static final String DOCKER_IMAGE = "redis:4.0.6";
 
 	@ClassRule
 	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)

samples/boot/redis-json/src/integration-test/java/sample/RedisSerializerTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,13 +21,13 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.testcontainers.containers.GenericContainer;
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.util.TestPropertyValues;
 import org.springframework.context.ApplicationContextInitializer;
 import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer;
+import org.springframework.session.data.redis.config.annotation.SpringSessionRedisOperations;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
 
@@ -42,13 +42,13 @@ import static org.assertj.core.api.Assertions.assertThat;
 @ContextConfiguration(initializers = RedisSerializerTest.Initializer.class)
 public class RedisSerializerTest {
 
-	private static final String DOCKER_IMAGE = "redis:4.0.2";
+	private static final String DOCKER_IMAGE = "redis:4.0.6";
 
 	@ClassRule
 	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
 			.withExposedPorts(6379);
 
-	@Autowired
+	@SpringSessionRedisOperations
 	private RedisTemplate<Object, Object> sessionRedisTemplate;
 
 	@Test

samples/boot/redis-json/src/main/java/sample/config/SecurityConfig.java

@@ -35,11 +35,10 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
 	@Bean
+	@Override
 	public UserDetailsService userDetailsService() {
-		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
-		manager.createUser(
-				User.withUsername("user").password("password").roles("USER").build());
-		return manager;
+		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
+				.username("user").password("password").roles("USER").build());
 	}
 
 	// @formatter:off

samples/boot/redis-json/src/main/java/sample/config/SessionConfig.java

@@ -56,6 +56,7 @@ public class SessionConfig implements BeanClassLoaderAware {
 	 * org.springframework.beans.factory.BeanClassLoaderAware#setBeanClassLoader(java.lang
 	 * .ClassLoader)
 	 */
+	@Override
 	public void setBeanClassLoader(ClassLoader classLoader) {
 		this.loader = classLoader;
 	}

samples/boot/redis/src/integration-test/java/sample/BootTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -48,7 +48,7 @@ import org.springframework.test.web.servlet.htmlunit.webdriver.MockMvcHtmlUnitDr
 @ContextConfiguration(initializers = BootTests.Initializer.class)
 public class BootTests {
 
-	private static final String DOCKER_IMAGE = "redis:4.0.2";
+	private static final String DOCKER_IMAGE = "redis:4.0.6";
 
 	@ClassRule
 	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)

samples/boot/redis/src/main/java/sample/config/SecurityConfig.java

@@ -35,11 +35,10 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
 	@Bean
+	@Override
 	public UserDetailsService userDetailsService() {
-		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
-		manager.createUser(
-				User.withUsername("user").password("password").roles("USER").build());
-		return manager;
+		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
+				.username("user").password("password").roles("USER").build());
 	}
 
 	// @formatter:off

samples/boot/webflux/spring-session-sample-boot-webflux.gradle

@@ -0,0 +1,15 @@
+apply plugin: 'io.spring.convention.spring-sample-boot'
+
+dependencies {
+	compile project(':spring-session-data-redis')
+	compile "org.springframework.boot:spring-boot-starter-webflux"
+	compile "org.springframework.boot:spring-boot-starter-thymeleaf"
+	compile "org.springframework.boot:spring-boot-starter-data-redis"
+	compile "org.springframework.boot:spring-boot-devtools"
+	compile 'org.webjars:bootstrap'
+
+	testCompile "org.springframework.boot:spring-boot-starter-test"
+
+	integrationTestCompile seleniumDependencies
+	integrationTestCompile "org.testcontainers:testcontainers"
+}

samples/boot/webflux/src/integration-test/java/sample/AttributeTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,21 +16,26 @@
 
 package sample;
 
-
 import java.util.List;
 
 import org.junit.After;
 import org.junit.Before;
+import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.openqa.selenium.WebDriver;
 import org.openqa.selenium.htmlunit.HtmlUnitDriver;
+import org.testcontainers.containers.GenericContainer;
 import sample.pages.HomePage;
 import sample.pages.HomePage.Attribute;
 
-import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.boot.test.util.TestPropertyValues;
+import org.springframework.boot.web.server.LocalServerPort;
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringRunner;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -40,11 +45,18 @@ import static org.assertj.core.api.Assertions.assertThat;
  * @author Rob Winch
  */
 @RunWith(SpringRunner.class)
-@ContextConfiguration(classes = HelloWebfluxApplication.class)
-@TestPropertySource(properties = { "spring.profiles.active=embedded-redis", "server.port=0" })
+@SpringBootTest(classes = HelloWebFluxApplication.class, webEnvironment = WebEnvironment.RANDOM_PORT)
+@ContextConfiguration(initializers = AttributeTests.Initializer.class)
 public class AttributeTests {
-	@Value("#{@nettyContext.address().getPort()}")
-	int port;
+
+	private static final String DOCKER_IMAGE = "redis:4.0.6";
+
+	@ClassRule
+	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
+			.withExposedPorts(6379);
+
+	@LocalServerPort
+	private int port;
 
 	private WebDriver driver;
 
@@ -87,4 +99,18 @@ public class AttributeTests {
 		assertThat(row.getAttributeValue()).isEqualTo("b");
 	}
 
+	static class Initializer
+			implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+
+		@Override
+		public void initialize(
+				ConfigurableApplicationContext configurableApplicationContext) {
+			TestPropertyValues
+					.of("spring.redis.host=" + redisContainer.getContainerIpAddress(),
+							"spring.redis.port=" + redisContainer.getFirstMappedPort())
+					.applyTo(configurableApplicationContext.getEnvironment());
+		}
+
+	}
+
 }

samples/boot/webflux/src/main/java/sample/HelloWebFluxApplication.java

@@ -14,22 +14,19 @@
  * limitations under the License.
  */
 
-package sample.pages;
+package sample;
 
-import org.openqa.selenium.WebDriver;
-
-import static org.assertj.core.api.Assertions.assertThat;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
 
 /**
- * @author Pool Dolorier
+ * @author Rob Winch
  */
-public class LinkPage  extends BasePage {
+@SpringBootApplication
+public class HelloWebFluxApplication {
 
-	public LinkPage(WebDriver driver) {
-		super(driver);
+	public static void main(String[] args) {
+		SpringApplication.run(HelloWebFluxApplication.class, args);
 	}
 
-	public void assertAt() {
-		assertThat(getDriver().getTitle()).isEqualTo("Linked Page");
-	}
 }

samples/boot/websocket/src/main/java/sample/config/WebSecurityConfig.java

@@ -35,11 +35,10 @@ import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
 	@Bean
+	@Override
 	public UserDetailsService userDetailsService() {
-		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
-		manager.createUser(
-				User.withUsername("user").password("password").roles("USER").build());
-		return manager;
+		return new InMemoryUserDetailsManager(User.withDefaultPasswordEncoder()
+				.username("user").password("password").roles("USER").build());
 	}
 
 	// @formatter:off

samples/boot/websocket/src/main/java/sample/config/WebSocketConfig.java

@@ -31,10 +31,12 @@ import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
 public class WebSocketConfig
 		extends AbstractSessionWebSocketMessageBrokerConfigurer<Session> { // <1>
 
+	@Override
 	protected void configureStompEndpoints(StompEndpointRegistry registry) { // <2>
 		registry.addEndpoint("/messages").withSockJS();
 	}
 
+	@Override
 	public void configureMessageBroker(MessageBrokerRegistry registry) {
 		registry.enableSimpleBroker("/queue/", "/topic/");
 		registry.setApplicationDestinationPrefixes("/app");

samples/boot/websocket/src/main/java/sample/data/User.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -23,9 +23,8 @@ import javax.persistence.Entity;
 import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
-
-import org.hibernate.validator.constraints.Email;
-import org.hibernate.validator.constraints.NotEmpty;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
 
 import org.springframework.security.crypto.password.PasswordEncoder;
 

samples/boot/websocket/src/main/java/sample/security/UserRepositoryUserDetailsService.java

@@ -49,6 +49,7 @@ public class UserRepositoryUserDetailsService implements UserDetailsService {
 	 * org.springframework.security.core.userdetails.UserDetailsService#loadUserByUsername
 	 * (java.lang.String)
 	 */
+	@Override
 	public UserDetails loadUserByUsername(String username)
 			throws UsernameNotFoundException {
 		User user = this.userRepository.findByEmail(username);
@@ -64,26 +65,32 @@ public class UserRepositoryUserDetailsService implements UserDetailsService {
 			super(user);
 		}
 
+		@Override
 		public Collection<? extends GrantedAuthority> getAuthorities() {
 			return AuthorityUtils.createAuthorityList("ROLE_USER");
 		}
 
+		@Override
 		public String getUsername() {
 			return getEmail();
 		}
 
+		@Override
 		public boolean isAccountNonExpired() {
 			return true;
 		}
 
+		@Override
 		public boolean isAccountNonLocked() {
 			return true;
 		}
 
+		@Override
 		public boolean isCredentialsNonExpired() {
 			return true;
 		}
 
+		@Override
 		public boolean isEnabled() {
 			return true;
 		}

samples/boot/websocket/src/main/java/sample/websocket/WebSocketConnectHandler.java

@@ -41,6 +41,7 @@ public class WebSocketConnectHandler<S>
 		this.repository = repository;
 	}
 
+	@Override
 	public void onApplicationEvent(SessionConnectEvent event) {
 		MessageHeaders headers = event.getMessage().getHeaders();
 		Principal user = SimpMessageHeaderAccessor.getUser(headers);

samples/boot/websocket/src/main/java/sample/websocket/WebSocketDisconnectHandler.java

@@ -36,6 +36,7 @@ public class WebSocketDisconnectHandler<S>
 		this.repository = repository;
 	}
 
+	@Override
 	public void onApplicationEvent(SessionDisconnectEvent event) {
 		String id = event.getSessionId();
 		if (id == null) {

samples/boot/websocket/src/test/java/sample/ApplicationTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -55,7 +55,7 @@ import org.springframework.web.socket.sockjs.client.WebSocketTransport;
 @ContextConfiguration(initializers = ApplicationTests.Initializer.class)
 public class ApplicationTests {
 
-	private static final String DOCKER_IMAGE = "redis:4.0.2";
+	private static final String DOCKER_IMAGE = "redis:4.0.6";
 
 	@ClassRule
 	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)

samples/gradle/dependency-management.gradle

@@ -0,0 +1,18 @@
+dependencyManagement {
+	dependencies {
+		dependency 'ch.qos.logback:logback-classic:1.2.3'
+		dependency 'com.maxmind.geoip2:geoip2:2.3.1'
+		dependency 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:1.2.1'
+		dependency 'javax.servlet.jsp:javax.servlet.jsp-api:2.3.2-b02'
+		dependency 'org.apache.taglibs:taglibs-standard-jstlel:1.2.5'
+		dependency 'org.slf4j:jcl-over-slf4j:1.7.25'
+		dependency 'org.slf4j:log4j-over-slf4j:1.7.25'
+		dependency 'org.webjars:bootstrap:2.3.2'
+		dependency 'org.webjars:html5shiv:3.7.3'
+		dependency 'org.webjars:jquery:1.12.4'
+		dependency 'org.webjars:knockout:2.3.0'
+		dependency 'org.webjars:sockjs-client:0.3.4'
+		dependency 'org.webjars:stomp-websocket:2.3.0'
+		dependency 'org.webjars:webjars-taglib:0.3'
+	}
+}

samples/javaconfig/custom-cookie/src/main/java/sample/EmbeddedRedisConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -30,7 +30,7 @@ import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactor
 @Profile("embedded-redis")
 public class EmbeddedRedisConfig {
 
-	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.6";
 
 	@Bean(initMethod = "start")
 	public GenericContainer redisContainer() {

samples/javaconfig/hazelcast/src/main/java/sample/ObjectStreamSerializer.java

@@ -36,10 +36,12 @@ import com.hazelcast.nio.serialization.StreamSerializer;
  *
  */
 public class ObjectStreamSerializer implements StreamSerializer<Object> {
+	@Override
 	public int getTypeId() {
 		return 2;
 	}
 
+	@Override
 	public void write(ObjectDataOutput objectDataOutput, Object object)
 			throws IOException {
 		ObjectOutputStream out = new ObjectOutputStream((OutputStream) objectDataOutput);
@@ -47,6 +49,7 @@ public class ObjectStreamSerializer implements StreamSerializer<Object> {
 		out.flush();
 	}
 
+	@Override
 	public Object read(ObjectDataInput objectDataInput) throws IOException {
 		ObjectInputStream in = new ObjectInputStream((InputStream) objectDataInput);
 		try {
@@ -57,6 +60,7 @@ public class ObjectStreamSerializer implements StreamSerializer<Object> {
 		}
 	}
 
+	@Override
 	public void destroy() {
 	}
 

samples/javaconfig/hazelcast/src/main/java/sample/SecurityConfig.java

@@ -16,18 +16,19 @@
 
 package sample;
 
-/**
- * @author Rob Winch
- */
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.core.userdetails.User;
 
+/**
+ * @author Rob Winch
+ */
 @EnableWebSecurity
 public class SecurityConfig {
 	@Autowired
 	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
-		auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
+		auth.inMemoryAuthentication().withUser(User.withDefaultPasswordEncoder()
+				.username("user").password("password").roles("USER").build());
 	}
 }

samples/javaconfig/hazelcast/src/main/java/sample/SessionConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2016 the original author or authors.
+ * Copyright 2014-2017 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -57,7 +57,7 @@ public class SessionConfig {
 				.setName(HazelcastSessionRepository.PRINCIPAL_NAME_ATTRIBUTE)
 				.setExtractor(PrincipalNameExtractor.class.getName());
 
-		config.getMapConfig("spring:session:sessions")
+		config.getMapConfig(HazelcastSessionRepository.DEFAULT_SESSION_MAP_NAME)
 				.addMapAttributeConfig(attributeConfig)
 				.addMapIndexConfig(new MapIndexConfig(
 						HazelcastSessionRepository.PRINCIPAL_NAME_ATTRIBUTE, false));

samples/javaconfig/jdbc/src/main/java/sample/H2ConsoleInitializer.java

@@ -24,6 +24,7 @@ import org.springframework.web.WebApplicationInitializer;
 
 public class H2ConsoleInitializer implements WebApplicationInitializer {
 
+	@Override
 	public void onStartup(ServletContext servletContext) throws ServletException {
 		servletContext.addServlet("h2Console", new WebServlet()).addMapping("/h2-console/*");
 	}

samples/javaconfig/redis/src/main/java/sample/EmbeddedRedisConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -30,7 +30,7 @@ import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactor
 @Profile("embedded-redis")
 public class EmbeddedRedisConfig {
 
-	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.6";
 
 	@Bean(initMethod = "start")
 	public GenericContainer redisContainer() {

samples/javaconfig/rest/src/integration-test/java/rest/RestMockMvcTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -31,11 +31,11 @@ import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactor
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.session.Session;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
-import org.springframework.session.web.http.HeaderHttpSessionStrategy;
-import org.springframework.session.web.http.HttpSessionStrategy;
+import org.springframework.session.web.http.HeaderHttpSessionIdResolver;
+import org.springframework.session.web.http.HttpSessionIdResolver;
 import org.springframework.session.web.http.SessionRepositoryFilter;
 import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.setup.MockMvcBuilders;
@@ -49,13 +49,13 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
-@RunWith(SpringJUnit4ClassRunner.class)
+@RunWith(SpringRunner.class)
 @ContextConfiguration(classes = { RestMockMvcTests.Config.class, SecurityConfig.class,
 		MvcConfig.class })
 @WebAppConfiguration
 public class RestMockMvcTests {
 
-	private static final String DOCKER_IMAGE = "redis:4.0.2";
+	private static final String DOCKER_IMAGE = "redis:4.0.6";
 
 	@ClassRule
 	public static GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE)
@@ -104,8 +104,8 @@ public class RestMockMvcTests {
 		}
 
 		@Bean
-		public HttpSessionStrategy httpSessionStrategy() {
-			return new HeaderHttpSessionStrategy();
+		public HttpSessionIdResolver httpSessionIdResolver() {
+			return HeaderHttpSessionIdResolver.xAuthToken();
 		}
 
 	}

samples/javaconfig/rest/src/main/java/sample/EmbeddedRedisConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -30,7 +30,7 @@ import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactor
 @Profile("embedded-redis")
 public class EmbeddedRedisConfig {
 
-	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.6";
 
 	@Bean(initMethod = "start")
 	public GenericContainer redisContainer() {

samples/javaconfig/rest/src/main/java/sample/HttpSessionConfig.java

@@ -21,8 +21,8 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
-import org.springframework.session.web.http.HeaderHttpSessionStrategy;
-import org.springframework.session.web.http.HttpSessionStrategy;
+import org.springframework.session.web.http.HeaderHttpSessionIdResolver;
+import org.springframework.session.web.http.HttpSessionIdResolver;
 
 @Import(EmbeddedRedisConfig.class)
 // tag::class[]
@@ -36,8 +36,8 @@ public class HttpSessionConfig {
 	}
 
 	@Bean
-	public HttpSessionStrategy httpSessionStrategy() {
-		return new HeaderHttpSessionStrategy(); // <3>
+	public HttpSessionIdResolver httpSessionIdResolver() {
+		return HeaderHttpSessionIdResolver.xAuthToken(); // <3>
 	}
 }
 // end::class[]

samples/javaconfig/rest/src/main/java/sample/SecurityConfig.java

@@ -21,6 +21,7 @@ import org.springframework.security.config.annotation.authentication.builders.Au
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.security.web.savedrequest.NullRequestCache;
 
 @EnableWebSecurity
@@ -40,12 +41,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	}
 	// @formatter:on
 
-	// @formatter:off
 	@Autowired
 	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
-		auth
-			.inMemoryAuthentication()
-				.withUser("user").password("password").roles("USER");
+		auth.inMemoryAuthentication().withUser(User.withDefaultPasswordEncoder()
+				.username("user").password("password").roles("USER").build());
 	}
-	// @formatter:on
 }

samples/javaconfig/security/src/main/java/sample/EmbeddedRedisConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -30,7 +30,7 @@ import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactor
 @Profile("embedded-redis")
 public class EmbeddedRedisConfig {
 
-	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.6";
 
 	@Bean(initMethod = "start")
 	public GenericContainer redisContainer() {

samples/javaconfig/security/src/main/java/sample/SecurityConfig.java

@@ -16,18 +16,19 @@
 
 package sample;
 
-/**
- * @author Rob Winch
- */
-
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.core.userdetails.User;
 
+/**
+ * @author Rob Winch
+ */
 @EnableWebSecurity
 public class SecurityConfig {
 	@Autowired
 	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
-		auth.inMemoryAuthentication().withUser("user").password("password").roles("USER");
+		auth.inMemoryAuthentication().withUser(User.withDefaultPasswordEncoder()
+				.username("user").password("password").roles("USER").build());
 	}
 }

samples/javaconfig/users/gradle/dependency-management.gradle

@@ -1,5 +0,0 @@
-dependencyManagement {
-	dependencies {
-		dependency 'org.webjars:bootstrap:3.3.6'
-	}
-}

samples/javaconfig/users/spring-session-sample-javaconfig-users.gradle

@@ -1,24 +0,0 @@
-apply plugin: 'io.spring.convention.spring-sample-war'
-
-dependencies {
-	compile project(':spring-session-data-redis')
-	compile "org.springframework:spring-web"
-	compile "io.lettuce:lettuce-core"
-	compile "org.webjars:bootstrap"
-	compile "org.webjars:webjars-taglib"
-	compile jstlDependencies
-	compile slf4jDependencies
-	compile "org.testcontainers:testcontainers"
-
-	providedCompile "javax.servlet:javax.servlet-api"
-
-	testCompile "junit:junit"
-	testCompile "org.springframework:spring-test"
-	testCompile "org.assertj:assertj-core"
-
-	integrationTestCompile seleniumDependencies
-}
-
-gretty {
-	jvmArgs = ['-Dspring.profiles.active=embedded-redis']
-}

samples/javaconfig/users/src/integration-test/java/sample/UserTests.java

@@ -1,236 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.htmlunit.HtmlUnitDriver;
-import sample.pages.HomePage;
-import sample.pages.LinkPage;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * @author Pool Dolorier
- */
-public class UserTests {
-
-	private static final String ROB = "rob";
-	private static final String USERNAME = "username";
-	private static final String LUKE = "luke";
-	private static final String NAV_LINK = "navLink";
-	private static final String HREF = "href";
-	private static final String ADD_ACCOUNT = "addAccount";
-	private static final String UN = "un";
-	private static final String LOGOUT = "logout";
-	private static final String ERROR = "error";
-
-	private WebDriver driver;
-
-	@Before
-	public void setup() {
-		this.driver = new HtmlUnitDriver();
-	}
-
-	@After
-	public void tearDown() {
-		this.driver.quit();
-	}
-
-	@Test
-	public void firstVisitNotAuthenticated() {
-		HomePage homePage = HomePage.go(this.driver);
-		homePage.assertAt();
-		homePage.assertUserNameEmpty();
-	}
-
-	@Test
-	public void invalidLogin() {
-		HomePage homePage = HomePage.go(this.driver);
-		String user = ROB;
-		homePage.login(user, user + "invalid");
-		WebElement errorMessage = homePage.getElementById(ERROR);
-		homePage.assertAt();
-		homePage.assertErrorInvalidAuthentication(errorMessage);
-	}
-
-	@Test
-	public void emptyUsername() {
-		HomePage homePage = HomePage.go(this.driver);
-		homePage.login("", "");
-		WebElement errorMessage = homePage.getElementById(ERROR);
-		homePage.assertAt();
-		homePage.assertErrorInvalidAuthentication(errorMessage);
-	}
-
-	@Test
-	public void loginSingleUser() {
-		loginRob();
-	}
-
-	@Test
-	public void addAccount() {
-		backHomeForAddLukeAccount();
-	}
-
-	@Test
-	public void logInSecondUser() {
-		logInLukeAccount();
-	}
-
-	@Test
-	public void followingLinksKeepsNewSession() {
-		followingLukeLinkSession();
-
-	}
-
-	@Test
-	public void switchAccountRob() {
-		switchAccountRobHomePage();
-	}
-
-	@Test
-	public void followingLinksKeepsOriginalSession() {
-		followingRobLinkSession();
-	}
-
-	@Test
-	public void switchAccountLuke() {
-		switchAccountLukeHomePage();
-	}
-
-	@Test
-	public void logoutLuke() {
-		logoutLukeAccount();
-	}
-
-	@Test
-	public void switchBackRob() {
-		switchBackRobHomePage();
-	}
-
-	@Test
-	public void logoutRob() {
-		logoutRobAccount();
-	}
-
-	private HomePage loginRob() {
-		HomePage home = HomePage.go(this.driver);
-
-		String user = ROB;
-		home.login(user, user);
-		WebElement username = home.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(user);
-		return home;
-	}
-
-	private HomePage backHomeForAddLukeAccount() {
-		HomePage robHome = loginRob();
-
-		String addAccountLink = robHome.getContentAttributeByElementId(ADD_ACCOUNT, HREF);
-		HomePage backHome = robHome.home(this.driver, addAccountLink);
-		WebElement username = backHome.getElementById(USERNAME);
-		assertThat(username.getText()).isEmpty();
-		return backHome;
-	}
-
-	private HomePage logInLukeAccount() {
-		HomePage home = backHomeForAddLukeAccount();
-
-		String secondUser = LUKE;
-		home.login(secondUser, secondUser);
-		WebElement secondUserName = home.getElementById(UN);
-		assertThat(secondUserName.getText()).isEqualTo(secondUser);
-		return home;
-	}
-
-	private LinkPage followingLukeLinkSession() {
-		HomePage lukeHome = logInLukeAccount();
-
-		String navLink = lukeHome.getContentAttributeByElementId(NAV_LINK, HREF);
-		LinkPage lukeLinkPage = lukeHome.linkPage(this.driver, navLink);
-		lukeLinkPage.assertAt();
-		WebElement username = lukeLinkPage.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(LUKE);
-		return lukeLinkPage;
-	}
-
-	private HomePage switchAccountRobHomePage() {
-		LinkPage lukeLinkPage = followingLukeLinkSession();
-
-		String robSwitch = lukeLinkPage.getSwitchElementId(ROB);
-		String switchLink = lukeLinkPage.getContentAttributeByElementId(robSwitch, HREF);
-		HomePage robHome = lukeLinkPage.home(this.driver, switchLink);
-		WebElement username = robHome.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(ROB);
-		return robHome;
-	}
-
-	private LinkPage followingRobLinkSession() {
-		HomePage robHome = switchAccountRobHomePage();
-
-		String navLink = robHome.getContentAttributeByElementId(NAV_LINK, HREF);
-		LinkPage robLinkPage = robHome.linkPage(this.driver, navLink);
-		robLinkPage.assertAt();
-		WebElement username = robLinkPage.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(ROB);
-		return robLinkPage;
-	}
-
-	private HomePage switchAccountLukeHomePage() {
-		LinkPage robLinkPage = followingRobLinkSession();
-
-		String lukeSwitch = robLinkPage.getSwitchElementId(LUKE);
-		String lukeSwitchLink = robLinkPage.getContentAttributeByElementId(lukeSwitch, HREF);
-		HomePage lukeHome = robLinkPage.home(this.driver, lukeSwitchLink);
-		WebElement username = lukeHome.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(LUKE);
-		return lukeHome;
-	}
-
-	private HomePage logoutLukeAccount() {
-		HomePage lukeHome = switchAccountLukeHomePage();
-
-		String logoutLink = lukeHome.getContentAttributeByElementId(LOGOUT, HREF);
-		HomePage home = lukeHome.home(this.driver, logoutLink);
-		home.assertUserNameEmpty();
-		return home;
-	}
-
-	private HomePage switchBackRobHomePage() {
-		HomePage homePage = logoutLukeAccount();
-
-		String robSwitch = homePage.getSwitchElementId(ROB);
-		String robSwitchLink = homePage.getContentAttributeByElementId(robSwitch, HREF);
-		HomePage robHome = homePage.home(this.driver, robSwitchLink);
-		WebElement username = robHome.getElementById(UN);
-		assertThat(username.getText()).isEqualTo(ROB);
-		return robHome;
-	}
-
-	private HomePage logoutRobAccount() {
-		HomePage robHome = switchBackRobHomePage();
-
-		String logoutLink = robHome.getContentAttributeByElementId(LOGOUT, HREF);
-		HomePage home = robHome.home(this.driver, logoutLink);
-		home.assertUserNameEmpty();
-		return home;
-	}
-}

samples/javaconfig/users/src/integration-test/java/sample/pages/BasePage.java

@@ -1,74 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.pages;
-
-import org.openqa.selenium.By;
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.support.PageFactory;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * @author Pool Dolorier
- */
-public abstract class BasePage {
-
-	private WebDriver driver;
-
-	public BasePage(WebDriver driver) {
-		this.driver = driver;
-	}
-
-	public WebDriver getDriver() {
-		return this.driver;
-	}
-
-	public static void get(WebDriver driver, String get) {
-		String baseUrl = "http://localhost:" + System.getProperty("app.port");
-		driver.get(baseUrl + get);
-	}
-
-	public static void getFrom(WebDriver driver, String resourceUrl) {
-		driver.get(resourceUrl);
-	}
-
-	public HomePage home(WebDriver driver, String resourceUrl) {
-		getFrom(driver, resourceUrl);
-		return PageFactory.initElements(driver, HomePage.class);
-	}
-
-	public LinkPage linkPage(WebDriver driver, String resourceUrl) {
-		getFrom(driver, resourceUrl);
-		return PageFactory.initElements(driver, LinkPage.class);
-	}
-
-	public String getSwitchElementId(String user) {
-		return "switchAccount" + user;
-	}
-
-	public WebElement getElementById(String id) {
-		return this.driver.findElement(By.id(id));
-	}
-
-	public String getContentAttributeByElementId(String id, String attribute) {
-		WebElement element = getElementById(id);
-		assertThat(element.getAttribute(attribute)).isNotEmpty();
-		return element.getAttribute(attribute);
-	}
-
-}

samples/javaconfig/users/src/integration-test/java/sample/pages/HomePage.java

@@ -1,66 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.pages;
-
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.support.FindBy;
-import org.openqa.selenium.support.PageFactory;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * @author Pool Dolorier
- */
-public class HomePage extends BasePage {
-
-	@FindBy(name = "username")
-	private WebElement username;
-
-	@FindBy(name = "password")
-	private WebElement password;
-
-	@FindBy(css = "form[method='post']")
-	private WebElement form;
-
-	public HomePage(WebDriver driver) {
-		super(driver);
-	}
-
-	public static HomePage go(WebDriver driver) {
-		get(driver, "/");
-		return PageFactory.initElements(driver, HomePage.class);
-	}
-
-	public void assertAt() {
-		assertThat(getDriver().getTitle()).isEqualTo("Demonstrates Multi User Log In");
-	}
-
-	public void assertUserNameEmpty() {
-		assertThat(this.username.getText()).isEmpty();
-	}
-
-	public void assertErrorInvalidAuthentication(WebElement errorMessage) {
-		assertThat(errorMessage.getText()).isEqualTo("Invalid username / password. Please ensure the username is the same as the password.");
-	}
-
-	public void login(String user, String password) {
-		this.username.sendKeys(user);
-		this.password.sendKeys(password);
-		this.form.submit();
-	}
-}

samples/javaconfig/users/src/main/java/sample/Account.java

@@ -1,45 +0,0 @@
-/*
- * Copyright 2014-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-public class Account {
-	private String username;
-
-	private String logoutUrl;
-
-	private String switchAccountUrl;
-
-	public Account(String username, String logoutUrl, String switchAccountUrl) {
-		super();
-		this.username = username;
-		this.logoutUrl = logoutUrl;
-		this.switchAccountUrl = switchAccountUrl;
-	}
-
-	public String getUsername() {
-		return this.username;
-	}
-
-	public String getLogoutUrl() {
-		return this.logoutUrl;
-	}
-
-	public String getSwitchAccountUrl() {
-		return this.switchAccountUrl;
-	}
-
-}

samples/javaconfig/users/src/main/java/sample/Config.java

@@ -1,39 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
-import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
-
-/**
- * @author Rob Winch
- */
-@Import(EmbeddedRedisConfig.class)
-// tag::class[]
-@Configuration
-@EnableRedisHttpSession
-public class Config {
-
-	@Bean
-	public LettuceConnectionFactory connectionFactory() {
-		return new LettuceConnectionFactory();
-	}
-}
-// end::class[]

samples/javaconfig/users/src/main/java/sample/EmbeddedRedisConfig.java

@@ -1,59 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import java.io.IOException;
-
-import org.testcontainers.containers.GenericContainer;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Primary;
-import org.springframework.context.annotation.Profile;
-import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
-
-@Configuration
-@Profile("embedded-redis")
-public class EmbeddedRedisConfig {
-
-	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
-
-	@Bean(initMethod = "start")
-	public GenericContainer redisContainer() {
-		return new GenericContainer(REDIS_DOCKER_IMAGE) {
-
-			@Override
-			public void close() {
-				super.close();
-				try {
-					this.dockerClient.close();
-				}
-				catch (IOException ignored) {
-				}
-			}
-
-		}.withExposedPorts(6379);
-	}
-
-	@Bean
-	@Primary
-	public LettuceConnectionFactory redisConnectionFactory() {
-		return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
-				redisContainer().getFirstMappedPort());
-	}
-
-}

samples/javaconfig/users/src/main/java/sample/Initializer.java

@@ -1,36 +0,0 @@
-/*
- * Copyright 2014-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import javax.servlet.ServletContext;
-
-import org.springframework.session.web.context.AbstractHttpSessionApplicationInitializer;
-
-/**
- * @author Rob Winch
- */
-public class Initializer extends AbstractHttpSessionApplicationInitializer {
-
-	public Initializer() {
-		super(Config.class);
-	}
-
-	@Override
-	protected void afterSessionRepositoryFilter(ServletContext servletContext) {
-		appendFilters(servletContext, new UserAccountsFilter());
-	}
-}

samples/javaconfig/users/src/main/java/sample/LoginServlet.java

@@ -1,48 +0,0 @@
-/*
- * Copyright 2014-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-@WebServlet("/login")
-public class LoginServlet extends HttpServlet {
-
-	@Override
-	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
-			throws ServletException, IOException {
-		String username = req.getParameter("username");
-		String password = req.getParameter("password");
-
-		if (username != null && !"".equals(username) && username.equals(password)) {
-			req.getSession().setAttribute("username", username);
-			String url = resp.encodeRedirectURL(req.getContextPath() + "/");
-			resp.sendRedirect(url);
-		}
-		else {
-			String url = resp.encodeRedirectURL(req.getContextPath() + "/?error");
-			resp.sendRedirect(url);
-		}
-	}
-
-	private static final long serialVersionUID = -8157634860354132501L;
-}

samples/javaconfig/users/src/main/java/sample/LogoutServlet.java

@@ -1,43 +0,0 @@
-/*
- * Copyright 2014-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-@WebServlet("/logout")
-public class LogoutServlet extends HttpServlet {
-
-	@Override
-	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
-			throws ServletException, IOException {
-		HttpSession session = req.getSession(false);
-		if (session != null) {
-			session.invalidate();
-		}
-		String url = resp.encodeRedirectURL(req.getContextPath() + "/");
-		resp.sendRedirect(url);
-	}
-
-	private static final long serialVersionUID = 4061762524521437433L;
-}

samples/javaconfig/users/src/main/java/sample/UserAccountsFilter.java

@@ -1,104 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-
-import org.springframework.session.Session;
-import org.springframework.session.SessionRepository;
-import org.springframework.session.web.http.HttpSessionManager;
-
-public class UserAccountsFilter implements Filter {
-
-	public void init(FilterConfig filterConfig) throws ServletException {
-	}
-
-	@SuppressWarnings("unchecked")
-	public void doFilter(ServletRequest request, ServletResponse response,
-			FilterChain chain) throws IOException, ServletException {
-		HttpServletRequest httpRequest = (HttpServletRequest) request;
-
-		// tag::HttpSessionManager[]
-		HttpSessionManager sessionManager = (HttpSessionManager) httpRequest
-				.getAttribute(HttpSessionManager.class.getName());
-		// end::HttpSessionManager[]
-		SessionRepository<Session> repo = (SessionRepository<Session>) httpRequest
-				.getAttribute(SessionRepository.class.getName());
-
-		String currentSessionAlias = sessionManager.getCurrentSessionAlias(httpRequest);
-		Map<String, String> sessionIds = sessionManager.getSessionIds(httpRequest);
-		String unauthenticatedAlias = null;
-
-		String contextPath = httpRequest.getContextPath();
-		List<Account> accounts = new ArrayList<>();
-		Account currentAccount = null;
-		for (Map.Entry<String, String> entry : sessionIds.entrySet()) {
-			String alias = entry.getKey();
-			String sessionId = entry.getValue();
-
-			Session session = repo.findById(sessionId);
-			if (session == null) {
-				continue;
-			}
-
-			String username = session.getAttribute("username");
-			if (username == null) {
-				unauthenticatedAlias = alias;
-				continue;
-			}
-
-			String logoutUrl = sessionManager.encodeURL("./logout", alias);
-			String switchAccountUrl = sessionManager.encodeURL("./", alias);
-			Account account = new Account(username, logoutUrl, switchAccountUrl);
-			if (currentSessionAlias.equals(alias)) {
-				currentAccount = account;
-			}
-			else {
-				accounts.add(account);
-			}
-		}
-
-		// tag::addAccountUrl[]
-		String addAlias = unauthenticatedAlias == null ? // <1>
-				sessionManager.getNewSessionAlias(httpRequest)
-				: // <2>
-				unauthenticatedAlias; // <3>
-		String addAccountUrl = sessionManager.encodeURL(contextPath, addAlias); // <4>
-		// end::addAccountUrl[]
-
-		httpRequest.setAttribute("currentAccount", currentAccount);
-		httpRequest.setAttribute("addAccountUrl", addAccountUrl);
-		httpRequest.setAttribute("accounts", accounts);
-
-		chain.doFilter(request, response);
-	}
-
-	public void destroy() {
-	}
-
-}

samples/javaconfig/users/src/main/resources/logback.xml

@@ -1,14 +0,0 @@
-<configuration>
-	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
-	<encoder>
-		<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
-	</encoder>
-	</appender>
-
-	<!-- <logger name="org.springframework.security" level="DEBUG"/> -->
-
-	<root level="INFO">
-	<appender-ref ref="STDOUT" />
-	</root>
-
-</configuration>

samples/javaconfig/users/src/main/webapp/assets/js/ie10-viewport-bug-workaround.js

@@ -1,22 +0,0 @@
-/*!
- * IE10 viewport hack for Surface/desktop Windows 8 bug
- * Copyright 2014 Twitter, Inc.
- * Licensed under the Creative Commons Attribution 3.0 Unported License. For
- * details, see http://creativecommons.org/licenses/by/3.0/.
- */
-
-// See the Getting Started docs for more information:
-// http://getbootstrap.com/getting-started/#support-ie10-width
-
-(function () {
-  'use strict';
-  if (navigator.userAgent.match(/IEMobile\/10\.0/)) {
-    var msViewportStyle = document.createElement('style')
-    msViewportStyle.appendChild(
-      document.createTextNode(
-        '@-ms-viewport{width:auto!important}'
-      )
-    )
-    document.querySelector('head').appendChild(msViewportStyle)
-  }
-})();

samples/javaconfig/users/src/main/webapp/index.jsp

@@ -1,112 +0,0 @@
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="wj" uri="http://www.webjars.org/tags" %>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <title>Demonstrates Multi User Log In</title>
-    <wj:locate path="bootstrap.min.css" relativeTo="META-INF/resources" var="bootstrapCssLocation"/>
-    <link rel="stylesheet" href="<c:url value="${bootstrapCssLocation}"/>">
-    <style type="text/css">
-        body {
-            padding: 1em;
-        }
-    </style>
-</head>
-<body>
-    <div class="container">
-      <!-- Static navbar -->
-      <nav class="navbar navbar-default" role="navigation">
-        <div class="container-fluid">
-          <div class="navbar-header">
-            <a class="navbar-brand" href="https://github.com/spring-projects/spring-session/">Spring Session</a>
-          </div>
-          <div id="navbar" class="navbar-collapse collapse">
-            <ul class="nav navbar-nav">
-              <c:url value="/" var="homeUrl"/>
-              <li class="active"><a id="navHome" href="${homeUrl}">Home</a></li>
-              <li>
-                  <!-- tag::link[]
-                  -->
-                <c:url value="/link.jsp" var="linkUrl"/>
-                <a id="navLink" href="${linkUrl}">Link</a>
-              <!-- end::link[]
-                              -->
-              </li>
-            </ul>
-            <c:if test="${currentAccount != null or not empty accounts}">
-                <ul class="nav navbar-nav navbar-right">
-                  <li class="dropdown">
-                    <a id="toggle" href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><c:out value="${username}"/> <span class="caret"></span></a>
-                    <ul id="user-menu" class="dropdown-menu" role="menu">
-                      <c:if test="${currentAccount != null}">
-                          <li><a id="logout" href="${currentAccount.logoutUrl}">Log Out</a></li>
-                          <li><a id="addAccount" href="${addAccountUrl}">Add Account</a></li>
-                      </c:if>
-                      <c:if test="${not empty accounts}">
-                          <li class="divider"></li>
-                          <li class="dropdown-header">Switch Account</li>
-                          <li class="divider"></li>
-                      </c:if>
-                      <c:forEach items="${accounts}" var="account">
-                          <c:set var="encodedUsername">
-                            <c:out value="${account.username}"/>
-                          </c:set>
-                          <li><a id="switchAccount${encodedUsername}" href="${account.switchAccountUrl}"><c:out value="${account.username}"/></a></li>
-                      </c:forEach>
-                    </ul>
-                  </li>
-                </ul>
-            </c:if>
-          </div><!--/.nav-collapse -->
-        </div><!--/.container-fluid -->
-      </nav>
-
-        <h1>Description</h1>
-        <p>This application demonstrates how to use Spring Session to authenticate as multiple users at a time. View authenticated users in the upper right corner.</p>
-
-        <c:choose>
-            <c:when test="${username == null}">
-                <h1>Please Log In</h1>
-                <p>You are not currently authenticated with this session. You can authenticate with any username password combination that are equal. A few examples to try:</p>
-                <ul>
-                    <li><b>Username</b> rob and <b>Password</b> rob</li>
-                    <li><b>Username</b> luke and <b>Password</b> luke</li>
-                </ul>
-                <c:if test="${param.error != null}">
-                    <div id="error" class="alert alert-danger">Invalid username / password. Please ensure the username is the same as the password.</div>
-                </c:if>
-                <c:url value="/login" var="loginUrl"/>
-                <form action="${loginUrl}" method="post">
-                    <div class="form-group">
-                        <label for="username">Username</label>
-                        <input id="username" type="text" name="username"/>
-                    </div>
-                    <div class="form-group">
-                        <label for="password">Password</label>
-                        <input id="password" type="password" name="password"/>
-                    </div>
-                    <input type="submit" value="Login"/>
-                </form>
-            </c:when>
-            <c:otherwise>
-                <h1 id="un"><c:out value="${username}"/></h1>
-                <p>You are authenticated as <b><c:out value="${username}"/></b>. Observe that you can <a href="${linkUrl}">navigate links</a> and the correct session is used. Using the links in the upper right corner you can:</p>
-                <ul>
-                    <li>Log Out</li>
-                    <li>Switch Accounts</li>
-                    <li>Add Account</li>
-                   </ul>
-            </c:otherwise>
-        </c:choose>
-    </div>
-    <!-- Bootstrap core JavaScript
-    ================================================== -->
-    <!-- Placed at the end of the document so the pages load faster -->
-    <wj:locate path="jquery.min.js" relativeTo="META-INF/resources" var="jqueryLocation"/>
-    <script src="<c:url value="${jqueryLocation}"/>"></script>
-    <wj:locate path="bootstrap.min.js" relativeTo="META-INF/resources" var="bootstrapJsLocation"/>
-    <script src="<c:url value="${bootstrapJsLocation}"/>"></script>
-    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
-    <script src="<c:url value="/assets/js/ie10-viewport-bug-workaround.js"/>"></script>
-</body>
-</html>

samples/javaconfig/users/src/main/webapp/link.jsp

@@ -1,85 +0,0 @@
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="wj" uri="http://www.webjars.org/tags" %>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <title>Linked Page</title>
-    <wj:locate path="bootstrap.min.css" relativeTo="META-INF/resources" var="bootstrapCssLocation"/>
-    <link rel="stylesheet" href="<c:url value="${bootstrapCssLocation}"/>">
-    <style type="text/css">
-        body {
-            padding: 1em;
-        }
-    </style>
-</head>
-<body>
-    <div class="container">
-      <!-- Static navbar -->
-      <nav class="navbar navbar-default" role="navigation">
-        <div class="container-fluid">
-          <div class="navbar-header">
-            <a class="navbar-brand" href="https://github.com/spring-projects/spring-session/">Spring Session</a>
-          </div>
-          <div id="navbar" class="navbar-collapse collapse">
-            <ul class="nav navbar-nav">
-              <c:url value="/" var="homeUrl"/>
-              <li><a id="navHome" href="${homeUrl}">Home</a></li>
-              <c:url value="/link.jsp" var="linkUrl"/>
-              <li class="active"><a id="navLink" href="${linkUrl}">Link</a></li>
-
-            </ul>
-            <c:if test="${currentAccount != null or not empty accounts}">
-                <ul class="nav navbar-nav navbar-right">
-                  <li class="dropdown">
-                    <a id="toggle" href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><c:out value="${username}"/> <span class="caret"></span></a>
-                    <ul id="user-menu" class="dropdown-menu" role="menu">
-                      <c:if test="${currentAccount != null}">
-                          <li><a id="logout" href="${currentAccount.logoutUrl}">Log Out</a></li>
-                          <li><a id="addAccount" href="${addAccountUrl}">Add Account</a></li>
-                      </c:if>
-                      <c:if test="${not empty accounts}">
-                          <li class="divider"></li>
-                          <li class="dropdown-header">Switch Account</li>
-                          <li class="divider"></li>
-                      </c:if>
-                      <c:forEach items="${accounts}" var="account">
-                          <li><a id="switchAccount${account.username}" href="${account.switchAccountUrl}"><c:out value="${account.username}"/></a></li>
-                      </c:forEach>
-                    </ul>
-                  </li>
-                </ul>
-            </c:if>
-          </div><!--/.nav-collapse -->
-        </div><!--/.container-fluid -->
-      </nav>
-
-        <h1>Description</h1>
-        <p>This page demonstrates how we keep track of the correct user session between links even when multiple tabs are open. Try opening another tab with a different user and browse. Then come back to the original tab and see the correct user is maintained.</p>
-
-        <c:choose>
-            <c:when test="${username == null}">
-                <h1>Please Log In</h1>
-                <p>You are not currently authenticated with this session. <a href="${homeUrl}">Log In</a></p>
-            </c:when>
-            <c:otherwise>
-                <h1 id="un"><c:out value="${username}"/></h1>
-                <p>You are authenticated as <b><c:out value="${username}"/></b>. Observe that you can <a href="${linkUrl}">navigate links</a> and the correct session is used. Using the links in the upper right corner you can:</p>
-                <ul>
-                    <li>Log Out</li>
-                    <li>Switch Accounts</li>
-                    <li>Add Account</li>
-                   </ul>
-            </c:otherwise>
-        </c:choose>
-    </div>
-    <!-- Bootstrap core JavaScript
-    ================================================== -->
-    <!-- Placed at the end of the document so the pages load faster -->
-    <wj:locate path="jquery.min.js" relativeTo="META-INF/resources" var="jqueryLocation"/>
-    <script src="<c:url value="${jqueryLocation}"/>"></script>
-    <wj:locate path="bootstrap.min.js" relativeTo="META-INF/resources" var="bootstrapJsLocation"/>
-    <script src="<c:url value="${bootstrapJsLocation}"/>"></script>
-    <!-- IE10 viewport hack for Surface/desktop Windows 8 bug -->
-    <script src="<c:url value="/assets/js/ie10-viewport-bug-workaround.js"/>"></script>
-</body>
-</html>

samples/javaconfig/webflux/spring-session-sample-javaconfig-webflux.gradle

@@ -1,23 +0,0 @@
-apply plugin: 'io.spring.convention.spring-sample'
-
-dependencies {
-	compile project(':spring-session-data-redis')
-	compile 'io.lettuce:lettuce-core'
-	compile 'io.netty:netty-buffer'
-	compile 'io.projectreactor.ipc:reactor-netty'
-	compile 'org.springframework:spring-context'
-	compile 'org.springframework:spring-web'
-	compile 'org.springframework:spring-webflux'
-	compile 'org.thymeleaf.extras:thymeleaf-extras-java8time'
-	compile 'org.thymeleaf:thymeleaf-spring5'
-	compile 'org.webjars:bootstrap'
-	compile 'org.webjars:webjars-taglib'
-	compile jstlDependencies
-	compile slf4jDependencies
-	compile 'org.testcontainers:testcontainers'
-
-	testCompile 'junit:junit'
-	testCompile 'org.assertj:assertj-core'
-
-	integrationTestCompile seleniumDependencies
-}

samples/javaconfig/webflux/src/main/java/sample/EmbeddedRedisConfig.java

@@ -1,59 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import java.io.IOException;
-
-import org.testcontainers.containers.GenericContainer;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Primary;
-import org.springframework.context.annotation.Profile;
-import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
-
-@Configuration
-@Profile("embedded-redis")
-public class EmbeddedRedisConfig {
-
-	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
-
-	@Bean(initMethod = "start")
-	public GenericContainer redisContainer() {
-		return new GenericContainer(REDIS_DOCKER_IMAGE) {
-
-			@Override
-			public void close() {
-				super.close();
-				try {
-					this.dockerClient.close();
-				}
-				catch (IOException ignored) {
-				}
-			}
-
-		}.withExposedPorts(6379);
-	}
-
-	@Bean
-	@Primary
-	public LettuceConnectionFactory redisConnectionFactory() {
-		return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
-				redisContainer().getFirstMappedPort());
-	}
-
-}

samples/javaconfig/webflux/src/main/java/sample/HelloWebfluxApplication.java

@@ -1,58 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import reactor.ipc.netty.NettyContext;
-import reactor.ipc.netty.http.server.HttpServer;
-
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.annotation.AnnotationConfigApplicationContext;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.http.server.reactive.HttpHandler;
-import org.springframework.http.server.reactive.ReactorHttpHandlerAdapter;
-import org.springframework.web.reactive.config.EnableWebFlux;
-import org.springframework.web.server.adapter.WebHttpHandlerBuilder;
-
-/**
- * @author Rob Winch
- * @since 5.0
- */
-@Configuration
-@EnableWebFlux
-@ComponentScan
-public class HelloWebfluxApplication {
-	@Value("${server.port:8080}")
-	private int port = 8080;
-
-	public static void main(String[] args) throws Exception {
-		try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext(
-				HelloWebfluxApplication.class)) {
-			context.getBean(NettyContext.class).onClose().block();
-		}
-	}
-
-	@Bean
-	public NettyContext nettyContext(ApplicationContext context) {
-		HttpHandler handler = WebHttpHandlerBuilder.applicationContext(context).build();
-		ReactorHttpHandlerAdapter adapter = new ReactorHttpHandlerAdapter(handler);
-		HttpServer httpServer = HttpServer.create("localhost", this.port);
-		return httpServer.newHandler(adapter).block();
-	}
-}

samples/javaconfig/webflux/src/main/java/sample/SSEFluxWebConfig.java

@@ -1,91 +0,0 @@
-/*
- * =============================================================================
- *
- *   Copyright (c) 2011-2014, The THYMELEAF team (http://www.thymeleaf.org)
- *
- *   Licensed under the Apache License, Version 2.0 (the "License");
- *   you may not use this file except in compliance with the License.
- *   You may obtain a copy of the License at
- *
- *       http://www.apache.org/licenses/LICENSE-2.0
- *
- *   Unless required by applicable law or agreed to in writing, software
- *   distributed under the License is distributed on an "AS IS" BASIS,
- *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *   See the License for the specific language governing permissions and
- *   limitations under the License.
- *
- * =============================================================================
- */
-package sample;
-
-import org.thymeleaf.spring5.ISpringWebFluxTemplateEngine;
-import org.thymeleaf.spring5.SpringWebFluxTemplateEngine;
-import org.thymeleaf.spring5.templateresolver.SpringResourceTemplateResolver;
-import org.thymeleaf.spring5.view.reactive.ThymeleafReactiveViewResolver;
-import org.thymeleaf.templatemode.TemplateMode;
-
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
-public class SSEFluxWebConfig {
-
-	// TODO * Once there is a Spring Boot starter for thymeleaf-spring5, there would be no
-	// need to have
-	// TODO that @EnableConfigurationProperties annotation or use it for declaring the
-	// beans down in the
-	// TODO "thymeleaf" section below.
-
-	private ApplicationContext applicationContext;
-
-	public SSEFluxWebConfig(final ApplicationContext applicationContext) {
-		super();
-		this.applicationContext = applicationContext;
-	}
-
-	/*
-	 * -------------------------------------- THYMELEAF CONFIGURATION
-	 * --------------------------------------
-	 */
-
-	// TODO * If there was a Spring Boot starter for thymeleaf-spring5 most probably some
-	// or all of these
-	// TODO resolver and engine beans would not need to be specifically declared here.
-
-	@Bean
-	public SpringResourceTemplateResolver thymeleafTemplateResolver() {
-
-		final SpringResourceTemplateResolver resolver = new SpringResourceTemplateResolver();
-		resolver.setApplicationContext(this.applicationContext);
-		resolver.setPrefix("classpath:/templates/");
-		resolver.setSuffix(".html");
-		resolver.setTemplateMode(TemplateMode.HTML);
-		resolver.setCacheable(false);
-		resolver.setCheckExistence(true);
-		return resolver;
-
-	}
-
-	@Bean
-	public ISpringWebFluxTemplateEngine thymeleafTemplateEngine() {
-		// We override here the SpringTemplateEngine instance that would otherwise be
-		// instantiated by
-		// Spring Boot because we want to apply the SpringWebFlux-specific context
-		// factory, link builder...
-		final SpringWebFluxTemplateEngine templateEngine = new SpringWebFluxTemplateEngine();
-		templateEngine.setTemplateResolver(thymeleafTemplateResolver());
-		return templateEngine;
-	}
-
-	@Bean
-	public ThymeleafReactiveViewResolver thymeleafChunkedAndDataDrivenViewResolver() {
-		final ThymeleafReactiveViewResolver viewResolver = new ThymeleafReactiveViewResolver();
-		viewResolver.setTemplateEngine(thymeleafTemplateEngine());
-		viewResolver.setOrder(1);
-		viewResolver.setResponseMaxChunkSizeBytes(8192); // OUTPUT BUFFER size limit
-		return viewResolver;
-	}
-
-}

samples/javaconfig/webflux/src/main/java/sample/ThymeleafWebfluxConfig.java

@@ -1,44 +0,0 @@
-/*
- * Copyright 2014-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.reactive.config.ViewResolverRegistry;
-import org.springframework.web.reactive.config.WebFluxConfigurer;
-import org.springframework.web.reactive.result.view.ViewResolver;
-
-/**
- * @author Rob Winch
- * @since 5.0
- */
-@Configuration
-public class ThymeleafWebfluxConfig implements WebFluxConfigurer {
-
-	@Autowired(required = false)
-	List<ViewResolver> views = new ArrayList<>();
-
-	@Override
-	public void configureViewResolvers(ViewResolverRegistry registry) {
-		for (ViewResolver view : this.views) {
-			registry.viewResolver(view);
-		}
-	}
-}

samples/javaconfig/webflux/src/main/resources/logback.xml

@@ -1,14 +0,0 @@
-<configuration>
-	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
-	<encoder>
-		<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
-	</encoder>
-	</appender>
-
-	<!-- <logger name="org.springframework.security" level="DEBUG"/> -->
-
-	<root level="INFO">
-	<appender-ref ref="STDOUT" />
-	</root>
-
-</configuration>

samples/misc/hazelcast/src/main/java/sample/Initializer.java

@@ -43,6 +43,7 @@ public class Initializer implements ServletContextListener {
 
 	private HazelcastInstance instance;
 
+	@Override
 	public void contextInitialized(ServletContextEvent sce) {
 		this.instance = createHazelcastInstance();
 		Map<String, Session> sessions = this.instance.getMap(SESSION_MAP_NAME);
@@ -55,6 +56,7 @@ public class Initializer implements ServletContextListener {
 		fr.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST), true, "/*");
 	}
 
+	@Override
 	public void contextDestroyed(ServletContextEvent sce) {
 		this.instance.shutdown();
 	}

samples/xml/redis/src/main/java/sample/EmbeddedRedisConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -30,7 +30,7 @@ import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactor
 @Profile("embedded-redis")
 public class EmbeddedRedisConfig {
 
-	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.2";
+	private static final String REDIS_DOCKER_IMAGE = "redis:4.0.6";
 
 	@Bean(initMethod = "start")
 	public GenericContainer redisContainer() {