Release 2.2.0.M1

Resolves: #1145

build.gradle

@@ -4,7 +4,7 @@ buildscript {
 		snapshotBuild = version.endsWith('SNAPSHOT')
 		milestoneBuild = !(releaseBuild || snapshotBuild)
 
-		springBootVersion = '2.1.4.RELEASE'
+		springBootVersion = '2.1.3.RELEASE'
 	}
 
 	repositories {

gradle.properties

@@ -1 +1 @@
-version=2.1.6.RELEASE
+version=2.2.0.M1

gradle/dependency-management.gradle

@@ -1,33 +1,33 @@
 dependencyManagement {
 	imports {
 		mavenBom 'com.fasterxml.jackson:jackson-bom:2.9.6'
-		mavenBom 'io.projectreactor:reactor-bom:Californium-SR8'
-		mavenBom 'org.springframework:spring-framework-bom:5.1.7.RELEASE'
-		mavenBom 'org.springframework.data:spring-data-releasetrain:Lovelace-SR8'
-		mavenBom 'org.springframework.security:spring-security-bom:5.1.5.RELEASE'
-		mavenBom 'org.testcontainers:testcontainers-bom:1.11.2'
+		mavenBom 'io.projectreactor:reactor-bom:Californium-SR6'
+		mavenBom 'org.springframework:spring-framework-bom:5.2.0.M1'
+		mavenBom 'org.springframework.data:spring-data-releasetrain:Moore-M3'
+		mavenBom 'org.springframework.security:spring-security-bom:5.2.0.M1'
+		mavenBom 'org.testcontainers:testcontainers-bom:1.11.1'
 	}
 
 	dependencies {
-		dependencySet(group: 'com.hazelcast', version: '3.11.4') {
+		dependencySet(group: 'com.hazelcast', version: '3.12') {
 			entry 'hazelcast'
 			entry 'hazelcast-client'
 		}
 
 		dependency 'com.h2database:h2:1.4.199'
-		dependency 'com.microsoft.sqlserver:mssql-jdbc:7.2.2.jre8'
+		dependency 'com.microsoft.sqlserver:mssql-jdbc:7.2.1.jre8'
 		dependency 'com.zaxxer:HikariCP:3.3.1'
 		dependency 'edu.umd.cs.mtc:multithreadedtc:1.01'
 		dependency 'io.lettuce:lettuce-core:5.1.6.RELEASE'
 		dependency 'javax.annotation:javax.annotation-api:1.3.2'
 		dependency 'javax.servlet:javax.servlet-api:4.0.1'
 		dependency 'junit:junit:4.12'
-		dependency 'mysql:mysql-connector-java:8.0.16'
+		dependency 'mysql:mysql-connector-java:8.0.15'
 		dependency 'org.apache.derby:derby:10.14.2.0'
 		dependency 'org.assertj:assertj-core:3.12.2'
 		dependency 'org.hsqldb:hsqldb:2.4.1'
 		dependency 'org.mariadb.jdbc:mariadb-java-client:2.4.1'
-		dependency 'org.mockito:mockito-core:2.27.0'
+		dependency 'org.mockito:mockito-core:2.26.0'
 		dependency 'org.postgresql:postgresql:42.2.5'
 	}
 }

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.10.3-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-5.3.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

gradlew

@@ -1,5 +1,21 @@
 #!/usr/bin/env sh
 
+#
+# Copyright 2015 the original author or authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
 ##############################################################################
 ##
 ##  Gradle start up script for UN*X
@@ -28,7 +44,7 @@ APP_NAME="Gradle"
 APP_BASE_NAME=`basename "$0"`
 
 # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS=""
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD="maximum"

gradlew.bat

@@ -1,3 +1,19 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      http://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
 @if "%DEBUG%" == "" @echo off
 @rem ##########################################################################
 @rem
@@ -14,7 +30,7 @@ set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
 
 @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS=
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
 
 @rem Find java.exe
 if defined JAVA_HOME goto findJavaFromJavaHome

spring-session-core/src/main/java/org/springframework/session/config/annotation/web/http/SpringHttpSessionConfiguration.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2018 the original author or authors.
+ * Copyright 2014-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -126,7 +126,6 @@ public class SpringHttpSessionConfiguration implements ApplicationContextAware {
 			SessionRepository<S> sessionRepository) {
 		SessionRepositoryFilter<S> sessionRepositoryFilter = new SessionRepositoryFilter<>(
 				sessionRepository);
-		sessionRepositoryFilter.setServletContext(this.servletContext);
 		sessionRepositoryFilter.setHttpSessionIdResolver(this.httpSessionIdResolver);
 		return sessionRepositoryFilter;
 	}

spring-session-core/src/main/java/org/springframework/session/web/http/SessionRepositoryFilter.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2018 the original author or authors.
+ * Copyright 2014-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -106,8 +106,6 @@ public class SessionRepositoryFilter<S extends Session> extends OncePerRequestFi
 
 	private final SessionRepository<S> sessionRepository;
 
-	private ServletContext servletContext;
-
 	private HttpSessionIdResolver httpSessionIdResolver = new CookieHttpSessionIdResolver();
 
 	/**
@@ -143,7 +141,7 @@ public class SessionRepositoryFilter<S extends Session> extends OncePerRequestFi
 		request.setAttribute(SESSION_REPOSITORY_ATTR, this.sessionRepository);
 
 		SessionRepositoryRequestWrapper wrappedRequest = new SessionRepositoryRequestWrapper(
-				request, response, this.servletContext);
+				request, response);
 		SessionRepositoryResponseWrapper wrappedResponse = new SessionRepositoryResponseWrapper(
 				wrappedRequest, response);
 
@@ -155,10 +153,6 @@ public class SessionRepositoryFilter<S extends Session> extends OncePerRequestFi
 		}
 	}
 
-	public void setServletContext(ServletContext servletContext) {
-		this.servletContext = servletContext;
-	}
-
 	/**
 	 * Allows ensuring that the session is saved if the response is committed.
 	 *
@@ -203,8 +197,6 @@ public class SessionRepositoryFilter<S extends Session> extends OncePerRequestFi
 
 		private final HttpServletResponse response;
 
-		private final ServletContext servletContext;
-
 		private S requestedSession;
 
 		private boolean requestedSessionCached;
@@ -216,10 +208,9 @@ public class SessionRepositoryFilter<S extends Session> extends OncePerRequestFi
 		private boolean requestedSessionInvalidated;
 
 		private SessionRepositoryRequestWrapper(HttpServletRequest request,
-				HttpServletResponse response, ServletContext servletContext) {
+				HttpServletResponse response) {
 			super(request);
 			this.response = response;
-			this.servletContext = servletContext;
 		}
 
 		/**
@@ -340,15 +331,6 @@ public class SessionRepositoryFilter<S extends Session> extends OncePerRequestFi
 			return currentSession;
 		}
 
-		@Override
-		public ServletContext getServletContext() {
-			if (this.servletContext != null) {
-				return this.servletContext;
-			}
-			// Servlet 3.0+
-			return super.getServletContext();
-		}
-
 		@Override
 		public HttpSessionWrapper getSession() {
 			return getSession(true);

spring-session-core/src/test/java/org/springframework/session/web/http/SessionRepositoryFilterTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2018 the original author or authors.
+ * Copyright 2014-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -54,7 +54,6 @@ import org.springframework.core.annotation.AnnotationAwareOrderComparator;
 import org.springframework.mock.web.MockFilterChain;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.mock.web.MockServletContext;
 import org.springframework.session.MapSession;
 import org.springframework.session.MapSessionRepository;
 import org.springframework.session.Session;
@@ -240,22 +239,6 @@ public class SessionRepositoryFilterTests {
 		});
 	}
 
-	// gh-111
-	@Test
-	public void doFilterServletContextExplicit() throws Exception {
-		final ServletContext expectedContext = new MockServletContext();
-		this.filter = new SessionRepositoryFilter<>(this.sessionRepository);
-		this.filter.setServletContext(expectedContext);
-
-		doFilter(new DoInFilter() {
-			@Override
-			public void doFilter(HttpServletRequest wrappedRequest) {
-				ServletContext context = wrappedRequest.getSession().getServletContext();
-				assertThat(context).isSameAs(expectedContext);
-			}
-		});
-	}
-
 	@Test
 	public void doFilterMaxInactiveIntervalDefault() throws Exception {
 		doFilter(new DoInFilter() {

spring-session-data-redis/src/main/java/org/springframework/session/data/redis/RedisOperationsSessionRepository.java

@@ -418,7 +418,7 @@ public class RedisOperationsSessionRepository implements
 
 	@Override
 	public void save(RedisSession session) {
-		session.save();
+		session.saveDelta();
 		if (session.isNew()) {
 			String sessionCreatedKey = getSessionCreatedChannel(session.getId());
 			this.sessionRedisOperations.convertAndSend(sessionCreatedKey, session.delta);
@@ -516,13 +516,12 @@ public class RedisOperationsSessionRepository implements
 
 	@Override
 	public RedisSession createSession() {
-		Duration maxInactiveInterval = Duration
-				.ofSeconds((this.defaultMaxInactiveInterval != null)
-						? this.defaultMaxInactiveInterval
-						: MapSession.DEFAULT_MAX_INACTIVE_INTERVAL_SECONDS);
-		RedisSession session = new RedisSession(maxInactiveInterval);
-		session.flushImmediateIfNecessary();
-		return session;
+		RedisSession redisSession = new RedisSession();
+		if (this.defaultMaxInactiveInterval != null) {
+			redisSession.setMaxInactiveInterval(
+					Duration.ofSeconds(this.defaultMaxInactiveInterval));
+		}
+		return redisSession;
 	}
 
 	@Override
@@ -712,17 +711,14 @@ public class RedisOperationsSessionRepository implements
 		/**
 		 * Creates a new instance ensuring to mark all of the new attributes to be
 		 * persisted in the next save operation.
-		 *
-		 * @param maxInactiveInterval the amount of time that the {@link Session} should
-		 * be kept alive between client requests.
 		 */
-		RedisSession(Duration maxInactiveInterval) {
+		RedisSession() {
 			this(new MapSession());
-			this.cached.setMaxInactiveInterval(maxInactiveInterval);
 			this.delta.put(CREATION_TIME_ATTR, getCreationTime().toEpochMilli());
 			this.delta.put(MAX_INACTIVE_ATTR, (int) getMaxInactiveInterval().getSeconds());
 			this.delta.put(LAST_ACCESSED_ATTR, getLastAccessedTime().toEpochMilli());
 			this.isNew = true;
+			this.flushImmediateIfNecessary();
 		}
 
 		/**
@@ -812,7 +808,7 @@ public class RedisOperationsSessionRepository implements
 
 		private void flushImmediateIfNecessary() {
 			if (RedisOperationsSessionRepository.this.redisFlushMode == RedisFlushMode.IMMEDIATE) {
-				save();
+				saveDelta();
 			}
 		}
 
@@ -821,20 +817,16 @@ public class RedisOperationsSessionRepository implements
 			this.flushImmediateIfNecessary();
 		}
 
-		private void save() {
-			saveChangeSessionId();
-			saveDelta();
-		}
-
 		/**
 		 * Saves any attributes that have been changed and updates the expiration of this
 		 * session.
 		 */
 		private void saveDelta() {
+			String sessionId = getId();
+			saveChangeSessionId(sessionId);
 			if (this.delta.isEmpty()) {
 				return;
 			}
-			String sessionId = getId();
 			getSessionBoundHashOperations(sessionId).putAll(this.delta);
 			String principalSessionKey = getSessionAttrNameKey(
 					FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME);
@@ -867,32 +859,30 @@ public class RedisOperationsSessionRepository implements
 					.onExpirationUpdated(originalExpiration, this);
 		}
 
-		private void saveChangeSessionId() {
-			String sessionId = getId();
-			if (sessionId.equals(this.originalSessionId)) {
-				return;
+		private void saveChangeSessionId(String sessionId) {
+			if (!sessionId.equals(this.originalSessionId)) {
+				if (!isNew()) {
+					String originalSessionIdKey = getSessionKey(this.originalSessionId);
+					String sessionIdKey = getSessionKey(sessionId);
+					try {
+						RedisOperationsSessionRepository.this.sessionRedisOperations
+								.rename(originalSessionIdKey, sessionIdKey);
+					}
+					catch (NonTransientDataAccessException ex) {
+						handleErrNoSuchKeyError(ex);
+					}
+					String originalExpiredKey = getExpiredKey(this.originalSessionId);
+					String expiredKey = getExpiredKey(sessionId);
+					try {
+						RedisOperationsSessionRepository.this.sessionRedisOperations
+								.rename(originalExpiredKey, expiredKey);
+					}
+					catch (NonTransientDataAccessException ex) {
+						handleErrNoSuchKeyError(ex);
+					}
+				}
+				this.originalSessionId = sessionId;
 			}
-			if (!isNew()) {
-				String originalSessionIdKey = getSessionKey(this.originalSessionId);
-				String sessionIdKey = getSessionKey(sessionId);
-				try {
-					RedisOperationsSessionRepository.this.sessionRedisOperations
-							.rename(originalSessionIdKey, sessionIdKey);
-				}
-				catch (NonTransientDataAccessException ex) {
-					handleErrNoSuchKeyError(ex);
-				}
-				String originalExpiredKey = getExpiredKey(this.originalSessionId);
-				String expiredKey = getExpiredKey(sessionId);
-				try {
-					RedisOperationsSessionRepository.this.sessionRedisOperations
-							.rename(originalExpiredKey, expiredKey);
-				}
-				catch (NonTransientDataAccessException ex) {
-					handleErrNoSuchKeyError(ex);
-				}
-			}
-			this.originalSessionId = sessionId;
 		}
 
 		private void handleErrNoSuchKeyError(NonTransientDataAccessException ex) {

spring-session-data-redis/src/main/java/org/springframework/session/data/redis/config/annotation/web/http/RedisHttpSessionConfiguration.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2018 the original author or authors.
+ * Copyright 2014-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -125,7 +125,8 @@ public class RedisHttpSessionConfiguration extends SpringHttpSessionConfiguratio
 	}
 
 	@Bean
-	public RedisMessageListenerContainer redisMessageListenerContainer() {
+	public RedisMessageListenerContainer springSessionRedisMessageListenerContainer(
+			RedisOperationsSessionRepository sessionRepository) {
 		RedisMessageListenerContainer container = new RedisMessageListenerContainer();
 		container.setConnectionFactory(this.redisConnectionFactory);
 		if (this.redisTaskExecutor != null) {
@@ -134,12 +135,13 @@ public class RedisHttpSessionConfiguration extends SpringHttpSessionConfiguratio
 		if (this.redisSubscriptionExecutor != null) {
 			container.setSubscriptionExecutor(this.redisSubscriptionExecutor);
 		}
-		container.addMessageListener(sessionRepository(), Arrays.asList(
-				new ChannelTopic(sessionRepository().getSessionDeletedChannel()),
-				new ChannelTopic(sessionRepository().getSessionExpiredChannel())));
-		container.addMessageListener(sessionRepository(),
+		container.addMessageListener(sessionRepository,
+				Arrays.asList(
+						new ChannelTopic(sessionRepository.getSessionDeletedChannel()),
+						new ChannelTopic(sessionRepository.getSessionExpiredChannel())));
+		container.addMessageListener(sessionRepository,
 				Collections.singletonList(new PatternTopic(
-						sessionRepository().getSessionCreatedChannelPrefix() + "*")));
+						sessionRepository.getSessionCreatedChannelPrefix() + "*")));
 		return container;
 	}
 

spring-session-data-redis/src/test/java/org/springframework/session/data/redis/RedisOperationsSessionRepositoryTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -343,8 +343,7 @@ public class RedisOperationsSessionRepositoryTests {
 	@Test
 	public void redisSessionGetAttributes() {
 		String attrName = "attrName";
-		RedisSession session = this.redisRepository.new RedisSession(
-				Duration.ofSeconds(MapSession.DEFAULT_MAX_INACTIVE_INTERVAL_SECONDS));
+		RedisSession session = this.redisRepository.new RedisSession();
 		assertThat(session.getAttributeNames()).isEmpty();
 		session.setAttribute(attrName, "attrValue");
 		assertThat(session.getAttributeNames()).containsOnly(attrName);
@@ -758,23 +757,6 @@ public class RedisOperationsSessionRepositoryTests {
 				.isEqualTo(session.getCreationTime().toEpochMilli());
 	}
 
-	@Test // gh-1409
-	public void flushModeImmediateCreateWithCustomMaxInactiveInterval() {
-		given(this.redisOperations.boundHashOps(anyString()))
-				.willReturn(this.boundHashOperations);
-		given(this.redisOperations.boundSetOps(anyString()))
-				.willReturn(this.boundSetOperations);
-		given(this.redisOperations.boundValueOps(anyString()))
-				.willReturn(this.boundValueOperations);
-		this.redisRepository.setDefaultMaxInactiveInterval(60);
-		this.redisRepository.setRedisFlushMode(RedisFlushMode.IMMEDIATE);
-		this.redisRepository.createSession();
-		Map<String, Object> delta = getDelta();
-		assertThat(delta.size()).isEqualTo(3);
-		assertThat(delta.get(RedisOperationsSessionRepository.MAX_INACTIVE_ATTR))
-				.isEqualTo(60);
-	}
-
 	@Test
 	public void flushModeImmediateSetAttribute() {
 		given(this.redisOperations.boundHashOps(anyString()))

spring-session-data-redis/src/test/java/org/springframework/session/data/redis/config/annotation/web/http/RedisHttpSessionConfigurationTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2018 the original author or authors.
+ * Copyright 2014-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@
 
 package org.springframework.session.data.redis.config.annotation.web.http;
 
+import java.util.Map;
 import java.util.Properties;
 
 import org.junit.After;
@@ -31,6 +32,7 @@ import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
 import org.springframework.data.redis.connection.RedisConnection;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.data.redis.core.RedisOperations;
+import org.springframework.data.redis.listener.RedisMessageListenerContainer;
 import org.springframework.mock.env.MockEnvironment;
 import org.springframework.session.data.redis.RedisOperationsSessionRepository;
 import org.springframework.session.data.redis.config.annotation.SpringSessionRedisConnectionFactory;
@@ -190,6 +192,17 @@ public class RedisHttpSessionConfigurationTests {
 				.withMessageContaining("expected single matching bean but found 2");
 	}
 
+	@Test // gh-1252
+	public void customRedisMessageListenerContainerConfig() {
+		registerAndRefresh(RedisConfig.class,
+				CustomRedisMessageListenerContainerConfig.class);
+		Map<String, RedisMessageListenerContainer> beans = this.context
+				.getBeansOfType(RedisMessageListenerContainer.class);
+		assertThat(beans).hasSize(2);
+		assertThat(beans).containsKeys("springSessionRedisMessageListenerContainer",
+				"redisMessageListenerContainer");
+	}
+
 	private void registerAndRefresh(Class<?>... annotatedClasses) {
 		this.context.register(annotatedClasses);
 		this.context.refresh();
@@ -314,4 +327,15 @@ public class RedisHttpSessionConfigurationTests {
 
 	}
 
+	@Configuration
+	@EnableRedisHttpSession
+	static class CustomRedisMessageListenerContainerConfig {
+
+		@Bean
+		public RedisMessageListenerContainer redisMessageListenerContainer() {
+			return new RedisMessageListenerContainer();
+		}
+
+	}
+
 }

spring-session-hazelcast/src/integration-test/java/org/springframework/session/hazelcast/HazelcastClientRepositoryITests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -48,7 +48,7 @@ import org.springframework.test.context.web.WebAppConfiguration;
 public class HazelcastClientRepositoryITests extends AbstractHazelcastRepositoryITests {
 
 	private static GenericContainer container = new GenericContainer<>(
-			"hazelcast/hazelcast:3.11.4")
+			"hazelcast/hazelcast:3.12")
 					.withExposedPorts(5701)
 					.withEnv("JAVA_OPTS",
 							"-Dhazelcast.config=/opt/hazelcast/config_ext/hazelcast.xml")

spring-session-hazelcast/src/integration-test/resources/hazelcast-server.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <hazelcast xmlns="http://www.hazelcast.com/schema/config"
 		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xsi:schemaLocation="http://www.hazelcast.com/schema/config https://www.hazelcast.com/schema/config/hazelcast-config-3.11.xsd">
+		xsi:schemaLocation="http://www.hazelcast.com/schema/config https://www.hazelcast.com/schema/config/hazelcast-config-3.12.xsd">
 
 	<user-code-deployment enabled="true">
 		<class-cache-mode>ETERNAL</class-cache-mode>

spring-session-hazelcast/src/integration-test/resources/org/springframework/session/hazelcast/config/annotation/web/http/hazelcast-custom-idle-time-map-name.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <hazelcast xmlns="http://www.hazelcast.com/schema/config"
 		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xsi:schemaLocation="http://www.hazelcast.com/schema/config https://www.hazelcast.com/schema/config/hazelcast-config-3.11.xsd">
+		xsi:schemaLocation="http://www.hazelcast.com/schema/config https://www.hazelcast.com/schema/config/hazelcast-config-3.12.xsd">
 
 	<group>
 		<name>spring-session-it-test-idle-time-map-name</name>

spring-session-hazelcast/src/integration-test/resources/org/springframework/session/hazelcast/config/annotation/web/http/hazelcast-custom-map-name.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <hazelcast xmlns="http://www.hazelcast.com/schema/config"
 		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xsi:schemaLocation="http://www.hazelcast.com/schema/config https://www.hazelcast.com/schema/config/hazelcast-config-3.11.xsd">
+		xsi:schemaLocation="http://www.hazelcast.com/schema/config https://www.hazelcast.com/schema/config/hazelcast-config-3.12.xsd">
 
 	<group>
 		<name>spring-session-it-test-map-name</name>

spring-session-hazelcast/src/main/java/org/springframework/session/hazelcast/HazelcastSessionRepository.java

@@ -40,6 +40,8 @@ import org.apache.commons.logging.LogFactory;
 
 import org.springframework.context.ApplicationEvent;
 import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.expression.Expression;
+import org.springframework.expression.spel.standard.SpelExpressionParser;
 import org.springframework.session.FindByIndexNameSessionRepository;
 import org.springframework.session.MapSession;
 import org.springframework.session.Session;
@@ -121,11 +123,15 @@ public class HazelcastSessionRepository implements
 	 */
 	public static final String PRINCIPAL_NAME_ATTRIBUTE = "principalName";
 
+	private static final String SPRING_SECURITY_CONTEXT = "SPRING_SECURITY_CONTEXT";
+
 	private static final boolean SUPPORTS_SET_TTL = ClassUtils
 			.hasAtLeastOneMethodWithName(IMap.class, "setTtl");
 
 	private static final Log logger = LogFactory.getLog(HazelcastSessionRepository.class);
 
+	private static final PrincipalNameResolver principalNameResolver = new PrincipalNameResolver();
+
 	private final HazelcastInstance hazelcastInstance;
 
 	private ApplicationEventPublisher eventPublisher = new ApplicationEventPublisher() {
@@ -427,14 +433,18 @@ public class HazelcastSessionRepository implements
 		public void setAttribute(String attributeName, Object attributeValue) {
 			this.delegate.setAttribute(attributeName, attributeValue);
 			this.delta.put(attributeName, attributeValue);
+			if (SPRING_SECURITY_CONTEXT.equals(attributeName)) {
+				String principal = (attributeValue != null)
+						? principalNameResolver.resolvePrincipal(this)
+						: null;
+				this.delegate.setAttribute(PRINCIPAL_NAME_INDEX_NAME, principal);
+			}
 			flushImmediateIfNecessary();
 		}
 
 		@Override
 		public void removeAttribute(String attributeName) {
-			this.delegate.removeAttribute(attributeName);
-			this.delta.put(attributeName, null);
-			flushImmediateIfNecessary();
+			setAttribute(attributeName, null);
 		}
 
 		MapSession getDelegate() {
@@ -462,4 +472,27 @@ public class HazelcastSessionRepository implements
 
 	}
 
+	/**
+	 * Resolves the Spring Security principal name.
+	 */
+	static class PrincipalNameResolver {
+
+		private SpelExpressionParser parser = new SpelExpressionParser();
+
+		public String resolvePrincipal(Session session) {
+			String principalName = session.getAttribute(PRINCIPAL_NAME_INDEX_NAME);
+			if (principalName != null) {
+				return principalName;
+			}
+			Object authentication = session.getAttribute(SPRING_SECURITY_CONTEXT);
+			if (authentication != null) {
+				Expression expression = this.parser
+						.parseExpression("authentication?.name");
+				return expression.getValue(authentication, String.class);
+			}
+			return null;
+		}
+
+	}
+
 }

spring-session-hazelcast/src/main/java/org/springframework/session/hazelcast/PrincipalNameExtractor.java

@@ -19,11 +19,8 @@ package org.springframework.session.hazelcast;
 import com.hazelcast.query.extractor.ValueCollector;
 import com.hazelcast.query.extractor.ValueExtractor;
 
-import org.springframework.expression.Expression;
-import org.springframework.expression.spel.standard.SpelExpressionParser;
 import org.springframework.session.FindByIndexNameSessionRepository;
 import org.springframework.session.MapSession;
-import org.springframework.session.Session;
 
 /**
  * Hazelcast {@link ValueExtractor} responsible for extracting principal name from the
@@ -34,43 +31,14 @@ import org.springframework.session.Session;
  */
 public class PrincipalNameExtractor extends ValueExtractor<MapSession, String> {
 
-	private static final PrincipalNameResolver PRINCIPAL_NAME_RESOLVER =
-			new PrincipalNameResolver();
-
 	@Override
 	@SuppressWarnings("unchecked")
-	public void extract(MapSession target, String argument,
-			ValueCollector collector) {
-		String principalName = PRINCIPAL_NAME_RESOLVER.resolvePrincipal(target);
+	public void extract(MapSession target, String argument, ValueCollector collector) {
+		String principalName = target
+				.getAttribute(FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME);
 		if (principalName != null) {
 			collector.addObject(principalName);
 		}
 	}
 
-	/**
-	 * Resolves the Spring Security principal name.
-	 */
-	static class PrincipalNameResolver {
-
-		private static final String SPRING_SECURITY_CONTEXT = "SPRING_SECURITY_CONTEXT";
-
-		private SpelExpressionParser parser = new SpelExpressionParser();
-
-		public String resolvePrincipal(Session session) {
-			String principalName = session.getAttribute(
-					FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME);
-			if (principalName != null) {
-				return principalName;
-			}
-			Object authentication = session.getAttribute(SPRING_SECURITY_CONTEXT);
-			if (authentication != null) {
-				Expression expression = this.parser
-						.parseExpression("authentication?.name");
-				return expression.getValue(authentication, String.class);
-			}
-			return null;
-		}
-
-	}
-
 }

spring-session-jdbc/src/integration-test/java/org/springframework/session/jdbc/AbstractJdbcOperationsSessionRepositoryITests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -797,14 +797,18 @@ public abstract class AbstractJdbcOperationsSessionRepositoryITests {
 		MapSession delegate = (MapSession) ReflectionTestUtils.getField(session,
 				"delegate");
 
-		Supplier attribute1 = delegate.getAttribute("attribute1");
-		assertThat(ReflectionTestUtils.getField(attribute1, "value")).isNull();
 		assertThat((String) session.getAttribute("attribute1")).isEqualTo("value1");
-		assertThat(ReflectionTestUtils.getField(attribute1, "value")).isEqualTo("value1");
-		Supplier attribute2 = delegate.getAttribute("attribute2");
-		assertThat(ReflectionTestUtils.getField(attribute2, "value")).isNull();
+		assertThat(delegate).isNotNull();
+		assertThat(ReflectionTestUtils
+				.getField((Supplier) delegate.getAttribute("attribute1"), "value"))
+						.isEqualTo("value1");
+		assertThat(ReflectionTestUtils
+				.getField((Supplier) delegate.getAttribute("attribute2"), "value"))
+						.isNull();
 		assertThat((String) session.getAttribute("attribute2")).isEqualTo("value2");
-		assertThat(ReflectionTestUtils.getField(attribute2, "value")).isEqualTo("value2");
+		assertThat(ReflectionTestUtils
+				.getField((Supplier) delegate.getAttribute("attribute2"), "value"))
+						.isEqualTo("value2");
 	}
 
 	@Test // gh-1203

spring-session-jdbc/src/integration-test/java/org/springframework/session/jdbc/DatabaseContainers.java

@@ -72,7 +72,7 @@ final class DatabaseContainers {
 	private static class MariaDb5Container extends MariaDBContainer<MariaDb5Container> {
 
 		MariaDb5Container() {
-			super("mariadb:5.5.64");
+			super("mariadb:5.5.63");
 		}
 
 		@Override
@@ -103,7 +103,7 @@ final class DatabaseContainers {
 	private static class MySql5Container extends MySQLContainer<MySql5Container> {
 
 		MySql5Container() {
-			super("mysql:5.7.26");
+			super("mysql:5.7.25");
 		}
 
 		@Override
@@ -123,7 +123,7 @@ final class DatabaseContainers {
 	private static class MySql8Container extends MySQLContainer<MySql8Container> {
 
 		MySql8Container() {
-			super("mysql:8.0.16");
+			super("mysql:8.0.15");
 		}
 
 		@Override
@@ -143,7 +143,7 @@ final class DatabaseContainers {
 			extends PostgreSQLContainer<PostgreSql9Container> {
 
 		PostgreSql9Container() {
-			super("postgres:9.6.13");
+			super("postgres:9.6.12");
 		}
 
 	}
@@ -152,7 +152,7 @@ final class DatabaseContainers {
 			extends PostgreSQLContainer<PostgreSql10Container> {
 
 		PostgreSql10Container() {
-			super("postgres:10.8");
+			super("postgres:10.7");
 		}
 
 	}
@@ -161,7 +161,7 @@ final class DatabaseContainers {
 			extends PostgreSQLContainer<PostgreSql11Container> {
 
 		PostgreSql11Container() {
-			super("postgres:11.3");
+			super("postgres:11.2");
 		}
 
 	}
@@ -170,7 +170,7 @@ final class DatabaseContainers {
 			extends MSSQLServerContainer<SqlServer2017Container> {
 
 		SqlServer2017Container() {
-			super("mcr.microsoft.com/mssql/server:2017-CU14");
+			super("mcr.microsoft.com/mssql/server:2017-CU13");
 		}
 
 	}

spring-session-jdbc/src/integration-test/resources/container-license-acceptance.txt

@@ -1 +1 @@
-mcr.microsoft.com/mssql/server:2017-CU14
+mcr.microsoft.com/mssql/server:2017-CU13

spring-session-jdbc/src/main/java/org/springframework/session/jdbc/JdbcOperationsSessionRepository.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2019 the original author or authors.
+ * Copyright 2014-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -532,8 +532,7 @@ public class JdbcOperationsSessionRepository implements
 						public void setValues(PreparedStatement ps, int i) throws SQLException {
 							String attributeName = attributeNames.get(i);
 							ps.setString(1, attributeName);
-							getLobHandler().getLobCreator().setBlobAsBytes(ps, 2,
-									serialize(session.getAttribute(attributeName)));
+							setObjectAsBlob(ps, 2, session.getAttribute(attributeName));
 							ps.setString(3, session.getId());
 						}
 
@@ -548,8 +547,7 @@ public class JdbcOperationsSessionRepository implements
 			this.jdbcOperations.update(this.createSessionAttributeQuery, (ps) -> {
 				String attributeName = attributeNames.get(0);
 				ps.setString(1, attributeName);
-				getLobHandler().getLobCreator().setBlobAsBytes(ps, 2,
-						serialize(session.getAttribute(attributeName)));
+				setObjectAsBlob(ps, 2, session.getAttribute(attributeName));
 				ps.setString(3, session.getId());
 			});
 		}
@@ -563,8 +561,7 @@ public class JdbcOperationsSessionRepository implements
 						@Override
 						public void setValues(PreparedStatement ps, int i) throws SQLException {
 							String attributeName = attributeNames.get(i);
-							getLobHandler().getLobCreator().setBlobAsBytes(ps, 1,
-									serialize(session.getAttribute(attributeName)));
+							setObjectAsBlob(ps, 1, session.getAttribute(attributeName));
 							ps.setString(2, session.primaryKey);
 							ps.setString(3, attributeName);
 						}
@@ -579,8 +576,7 @@ public class JdbcOperationsSessionRepository implements
 		else {
 			this.jdbcOperations.update(this.updateSessionAttributeQuery, (ps) -> {
 				String attributeName = attributeNames.get(0);
-				getLobHandler().getLobCreator().setBlobAsBytes(ps, 1,
-						serialize(session.getAttribute(attributeName)));
+				setObjectAsBlob(ps, 1, session.getAttribute(attributeName));
 				ps.setString(2, session.primaryKey);
 				ps.setString(3, attributeName);
 			});
@@ -663,17 +659,16 @@ public class JdbcOperationsSessionRepository implements
 				getQuery(DELETE_SESSIONS_BY_EXPIRY_TIME_QUERY);
 	}
 
-	private LobHandler getLobHandler() {
-		return this.lobHandler;
-	}
-
-	private byte[] serialize(Object object) {
-		return (byte[]) this.conversionService.convert(object,
+	private void setObjectAsBlob(PreparedStatement ps, int paramIndex, Object object)
+			throws SQLException {
+		byte[] bytes = (byte[]) this.conversionService.convert(object,
 				TypeDescriptor.valueOf(Object.class),
 				TypeDescriptor.valueOf(byte[].class));
+		this.lobHandler.getLobCreator().setBlobAsBytes(ps, paramIndex, bytes);
 	}
 
-	private Object deserialize(byte[] bytes) {
+	private Object getBlobAsObject(ResultSet rs, String columnName) throws SQLException {
+		byte[] bytes = this.lobHandler.getBlobAsBytes(rs, columnName);
 		return this.conversionService.convert(bytes, TypeDescriptor.valueOf(byte[].class),
 				TypeDescriptor.valueOf(Object.class));
 	}
@@ -903,9 +898,8 @@ public class JdbcOperationsSessionRepository implements
 				}
 				String attributeName = rs.getString("ATTRIBUTE_NAME");
 				if (attributeName != null) {
-					byte[] bytes = getLobHandler().getBlobAsBytes(rs, "ATTRIBUTE_BYTES");
-					session.delegate.setAttribute(attributeName,
-							lazily(() -> deserialize(bytes)));
+					Object attributeValue = getBlobAsObject(rs, "ATTRIBUTE_BYTES");
+					session.delegate.setAttribute(attributeName, lazily(() -> attributeValue));
 				}
 				sessions.add(session);
 			}