Fix indentation for cron job

Deploy pipeline test

.github/ISSUE_TEMPLATE.md

@@ -1,7 +0,0 @@
-<!--
-For Security Vulnerabilities, please use https://pivotal.io/security#reporting
--->
-
-<!--
-Thanks for raising a Spring Session issue. Please provide a brief description of your problem along with the version of Spring Session that you are using. If possible, please also consider putting together a sample application that reproduces the issue.
--->

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,24 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: 'type: bug, status: waiting-for-triage'
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior.
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Sample**
+
+A link to a GitHub repository with a [minimal, reproducible sample](https://stackoverflow.com/help/minimal-reproducible-example).
+
+Reports that include a sample will take priority over reports that do not.
+At times, we may require a sample, so it is good to try and include a sample up front.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Community Support
+    url: https://stackoverflow.com/questions/tagged/spring-security
+    about: Please ask and answer questions on StackOverflow with the tag spring-session

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,25 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: 'status: waiting-for-triage, type: enhancement'
+assignees: ''
+
+---
+
+**Expected Behavior**
+
+<!--- Tell us how it should work -->
+
+**Current Behavior**
+
+<!--- Explain the difference from current behavior -->
+
+**Context**
+
+<!--- 
+How has this issue affected you?
+What are you trying to accomplish?
+What other alternatives have you considered?
+Are you aware of any workarounds?
+-->

.github/workflows/continuous-integration-workflow.yml

@@ -0,0 +1,82 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - master
+  schedule:
+    - cron: '0 10 * * *' # Once per day at 10am UTC
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        jdk: [8, 11]
+      fail-fast: false
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up JDK ${{ matrix.jdk }}
+        uses: actions/setup-java@v1
+        with:
+          java-version: ${{ matrix.jdk }}
+      - name: Cache Gradle packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+      - name: Build with Gradle
+        run: ./gradlew clean build --no-daemon --stacktrace
+  artifacts:
+    name: Deploy Artifacts
+    needs: [build]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up JDK
+        uses: actions/setup-java@v1
+        with:
+          java-version: '8'
+      - name: Deploy artifacts
+        run: |
+          export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
+          export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
+          export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
+          export VERSION_HEADER=$'Version: GnuPG v2\n\n'
+          export ORG_GRADLE_PROJECT_signingKey=${GPG_PRIVATE_KEY#"$VERSION_HEADER"}
+          export ORG_GRADLE_PROJECT_signingPassword="$GPG_PASSPHRASE"
+          ./gradlew deployArtifacts finalizeDeployArtifacts -PossrhUsername="$OSSRH_USERNAME" -PossrhPassword="$OSSRH_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace
+        env:
+          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
+          ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
+          ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+          GRADLE_ENTERPRISE_CACHE_USER: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }}
+          GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}
+          GRADLE_ENTERPRISE_SECRET_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }}
+  docs:
+    name: Deploy Docs
+    needs: [build]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up JDK
+        uses: actions/setup-java@v1
+        with:
+          java-version: '8'
+      - name: Deploy Docs
+        run: |
+          export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
+          export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
+          export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
+          ./gradlew deployDocs --no-daemon -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace
+        env:
+          DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }}
+          DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }}
+          DOCS_HOST: ${{ secrets.DOCS_HOST }}
+          GRADLE_ENTERPRISE_CACHE_USER: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }}
+          GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}
+          GRADLE_ENTERPRISE_SECRET_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }}

.github/workflows/pr-build-workflow.yml

@@ -0,0 +1,25 @@
+name: PR Build
+
+on: pull_request
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        jdk: [8, 11]
+      fail-fast: false
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up JDK ${{ matrix.jdk }}
+        uses: actions/setup-java@v1
+        with:
+          java-version: ${{ matrix.jdk }}
+      - name: Cache Gradle packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+      - name: Build with Gradle
+        run: ./gradlew clean build --no-daemon --stacktrace

.gitignore

@@ -13,3 +13,4 @@ out
 .checkstyle
 !etc/eclipse/.checkstyle
 !**/src/**/build
+.DS_Store

.travis.yml

@@ -1,16 +0,0 @@
-sudo: required
-language: java
-jdk:
-  - openjdk8
-  - openjdk11
-services:
-  - docker
-before_cache:
-  - rm -f $HOME/.gradle/caches/modules-2/modules-2.lock
-  - rm -fr $HOME/.gradle/caches/*/plugin-resolution/
-cache:
-  directories:
-    - $HOME/.gradle/caches/
-    - $HOME/.gradle/wrapper/
-install: true
-script: ./gradlew clean check --no-daemon --stacktrace

CODE_OF_CONDUCT.adoc

@@ -1,44 +0,0 @@
-= Contributor Code of Conduct
-
-As contributors and maintainers of this project, and in the interest of fostering an open
-and welcoming community, we pledge to respect all people who contribute through reporting
-issues, posting feature requests, updating documentation, submitting pull requests or
-patches, and other activities.
-
-We are committed to making participation in this project a harassment-free experience for
-everyone, regardless of level of experience, gender, gender identity and expression,
-sexual orientation, disability, personal appearance, body size, race, ethnicity, age,
-religion, or nationality.
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery
-* Personal attacks
-* Trolling or insulting/derogatory comments
-* Public or private harassment
-* Publishing other's private information, such as physical or electronic addresses,
-  without explicit permission
-* Other unethical or unprofessional conduct
-
-Project maintainers have the right and responsibility to remove, edit, or reject comments,
-commits, code, wiki edits, issues, and other contributions that are not aligned to this
-Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors
-that they deem inappropriate, threatening, offensive, or harmful.
-
-By adopting this Code of Conduct, project maintainers commit themselves to fairly and
-consistently applying these principles to every aspect of managing this project. Project
-maintainers who do not follow or enforce the Code of Conduct may be permanently removed
-from the project team.
-
-This Code of Conduct applies both within project spaces and in public spaces when an
-individual is representing the project or its community.
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by
-contacting a project maintainer at spring-code-of-conduct@pivotal.io . All complaints will
-be reviewed and investigated and will result in a response that is deemed necessary and
-appropriate to the circumstances. Maintainers are obligated to maintain confidentiality
-with regard to the reporter of an incident.
-
-This Code of Conduct is adapted from the
-https://contributor-covenant.org[Contributor Covenant], version 1.3.0, available at
-https://contributor-covenant.org/version/1/3/0/[contributor-covenant.org/version/1/3/0/]

CONTRIBUTING.adoc

@@ -3,9 +3,16 @@
 Spring Session is released under the Apache 2.0 license. If you would like to contribute
 something, or simply want to hack on the code this document should help you get started.
 
+
 == Code of Conduct
-This project adheres to the Contributor Covenant link:CODE_OF_CONDUCT.adoc[code of conduct].
-By participating, you  are expected to uphold this code. Please report unacceptable behavior to spring-code-of-conduct@pivotal.io.
+
+Please see our https://github.com/spring-projects/.github/blob/master/CODE_OF_CONDUCT.md[code of conduct]
+
+
+== Reporting Security Vulnerabilities
+
+Please see our https://github.com/spring-projects/spring-session/security/policy[Security policy].
+
 
 == Using GitHub issues
 

Jenkinsfile

@@ -1,181 +0,0 @@
-properties([
-		buildDiscarder(logRotator(numToKeepStr: '10')),
-		pipelineTriggers([
-				cron('@daily')
-		]),
-])
-
-def SUCCESS = hudson.model.Result.SUCCESS.toString()
-currentBuild.result = SUCCESS
-
-try {
-	parallel check: {
-		stage('Check') {
-			timeout(time: 45, unit: 'MINUTES') {
-				node('linux') {
-					label 'spring-session'
-					checkout scm
-					sh "git clean -dfx"
-					try {
-						withEnv(["JAVA_HOME=${tool 'jdk8'}"]) {
-							sh './gradlew clean check --no-daemon --stacktrace'
-						}
-					}
-					catch (e) {
-						currentBuild.result = 'FAILED: check'
-						throw e
-					}
-					finally {
-						junit '**/build/test-results/*/*.xml'
-					}
-				}
-			}
-		}
-	},
-	jdk9: {
-		stage('JDK 9') {
-			timeout(time: 45, unit: 'MINUTES') {
-				node('linux') {
-					checkout scm
-					sh "git clean -dfx"
-					try {
-						withEnv(["JAVA_HOME=${tool 'jdk9'}"]) {
-							sh './gradlew clean test --no-daemon --stacktrace'
-						}
-					}
-					catch (e) {
-						currentBuild.result = 'FAILED: jdk9'
-						throw e
-					}
-				}
-			}
-		}
-	},
-	jdk10: {
-		stage('JDK 10') {
-			timeout(time: 45, unit: 'MINUTES') {
-				node('linux') {
-					checkout scm
-					sh "git clean -dfx"
-					try {
-						withEnv(["JAVA_HOME=${tool 'jdk10'}"]) {
-							sh './gradlew clean test --no-daemon --stacktrace'
-						}
-					}
-					catch (e) {
-						currentBuild.result = 'FAILED: jdk10'
-						throw e
-					}
-				}
-			}
-		}
-	},
-	jdk11: {
-		stage('JDK 11') {
-			timeout(time: 45, unit: 'MINUTES') {
-				node('linux') {
-					checkout scm
-					sh "git clean -dfx"
-					try {
-						withEnv(["JAVA_HOME=${tool 'jdk11'}"]) {
-							sh './gradlew clean test integrationTest --no-daemon --stacktrace'
-						}
-					}
-					catch (e) {
-						currentBuild.result = 'FAILED: jdk11'
-						throw e
-					}
-				}
-			}
-		}
-	},
-	jdk12: {
-		stage('JDK 12') {
-			timeout(time: 45, unit: 'MINUTES') {
-				node('linux') {
-					checkout scm
-					try {
-						withEnv(["JAVA_HOME=${tool 'openjdk12'}"]) {
-							sh './gradlew clean test integrationTest --no-daemon --stacktrace'
-						}
-					}
-					catch (e) {
-						currentBuild.result = 'FAILED: jdk12'
-						throw e
-					}
-				}
-			}
-		}
-	}
-
-	if (currentBuild.result == 'SUCCESS') {
-		parallel artifacts: {
-			stage('Deploy Artifacts') {
-				node('linux') {
-					checkout scm
-					sh "git clean -dfx"
-					try {
-						withCredentials([file(credentialsId: 'spring-signing-secring.gpg', variable: 'SIGNING_KEYRING_FILE')]) {
-							withCredentials([string(credentialsId: 'spring-gpg-passphrase', variable: 'SIGNING_PASSWORD')]) {
-								withCredentials([usernamePassword(credentialsId: 'oss-token', passwordVariable: 'OSSRH_PASSWORD', usernameVariable: 'OSSRH_USERNAME')]) {
-									withCredentials([usernamePassword(credentialsId: '02bd1690-b54f-4c9f-819d-a77cb7a9822c', usernameVariable: 'ARTIFACTORY_USERNAME', passwordVariable: 'ARTIFACTORY_PASSWORD')]) {
-										withEnv(["JAVA_HOME=${tool 'jdk8'}"]) {
-											sh './gradlew deployArtifacts --no-daemon --stacktrace -Psigning.secretKeyRingFile=$SIGNING_KEYRING_FILE -Psigning.keyId=$SPRING_SIGNING_KEYID -Psigning.password=$SIGNING_PASSWORD -PossrhUsername=$OSSRH_USERNAME -PossrhPassword=$OSSRH_PASSWORD -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD'
-                                            sh './gradlew finalizeDeployArtifacts --no-daemon --stacktrace -Psigning.secretKeyRingFile=$SIGNING_KEYRING_FILE -Psigning.keyId=$SPRING_SIGNING_KEYID -Psigning.password=$SIGNING_PASSWORD -PossrhUsername=$OSSRH_USERNAME -PossrhPassword=$OSSRH_PASSWORD -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD'
-										}
-									}
-								}
-							}
-						}
-					}
-					catch (e) {
-						currentBuild.result = 'FAILED: artifacts'
-						throw e
-					}
-				}
-			}
-		},
-		docs: {
-			stage('Deploy Docs') {
-				node('linux') {
-					checkout scm
-					sh "git clean -dfx"
-					try {
-						withCredentials([file(credentialsId: 'docs.spring.io-jenkins_private_ssh_key', variable: 'DEPLOY_SSH_KEY')]) {
-							withEnv(["JAVA_HOME=${tool 'jdk8'}"]) {
-								sh './gradlew deployDocs --no-daemon --stacktrace -PdeployDocsSshKeyPath=$DEPLOY_SSH_KEY -PdeployDocsSshUsername=$SPRING_DOCS_USERNAME'
-							}
-						}
-					}
-					catch (e) {
-						currentBuild.result = 'FAILED: docs'
-						throw e
-					}
-				}
-			}
-		}
-	}
-}
-finally {
-	def buildStatus = currentBuild.result
-	def buildNotSuccess = !SUCCESS.equals(buildStatus)
-	def lastBuildNotSuccess = !SUCCESS.equals(currentBuild.previousBuild?.result)
-
-	if (buildNotSuccess || lastBuildNotSuccess) {
-		stage('Notify') {
-			node {
-				final def RECIPIENTS = [[$class: 'DevelopersRecipientProvider'], [$class: 'RequesterRecipientProvider']]
-
-				def subject = "${buildStatus}: Build ${env.JOB_NAME} ${env.BUILD_NUMBER} status is now ${buildStatus}"
-				def details = "The build status changed to ${buildStatus}. For details see ${env.BUILD_URL}"
-
-				emailext(
-						subject: subject,
-						body: details,
-						recipientProviders: RECIPIENTS,
-						to: "$SPRING_SESSION_TEAM_EMAILS"
-				)
-			}
-		}
-	}
-}

README.adoc

@@ -1,6 +1,8 @@
 = Spring Session
 
-image:https://travis-ci.org/spring-projects/spring-session.svg?branch=master["Build Status", link="https://travis-ci.org/spring-projects/spring-session"] image:https://badges.gitter.im/spring-projects/spring-session.svg[link="https://gitter.im/spring-projects/spring-session?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge"]
+image:https://badges.gitter.im/spring-projects/spring-session.svg[link="https://gitter.im/spring-projects/spring-session?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge"]
+
+image:https://github.com/spring-projects/spring-session/workflows/CI/badge.svg?branch=master["Build Status", link="https://github.com/spring-projects/spring-session/actions?query=workflow%3ACI"]
 
 Spring Session provides an API and implementations for managing a user's session information, while also making it trivial to support clustered sessions without being tied to an application container specific solution.
 It also provides transparent integration with:
@@ -18,10 +20,16 @@ Spring Session consists of the following modules:
 * Spring Session JDBC - provides `SessionRepository` implementation backed by a relational database and configuration support
 * Spring Session Hazelcast - provides `SessionRepository` implementation backed by Hazelcast and configuration support
 
+
 == Code of Conduct
 
-This project adheres to the Contributor Covenant link:CODE_OF_CONDUCT.adoc[code of conduct].
-By participating, you  are expected to uphold this code. Please report unacceptable behavior to spring-code-of-conduct@pivotal.io.
+Please see our https://github.com/spring-projects/.github/blob/master/CODE_OF_CONDUCT.md[code of conduct]
+
+
+== Reporting Security Vulnerabilities
+
+Please see our https://github.com/spring-projects/spring-session/security/policy[Security policy].
+
 
 == Spring Session Project Site
 

build.gradle

@@ -4,16 +4,17 @@ buildscript {
 		snapshotBuild = version.endsWith('SNAPSHOT')
 		milestoneBuild = !(releaseBuild || snapshotBuild)
 
-		springBootVersion = '2.2.5.RELEASE'
+		springBootVersion = '2.3.1.RELEASE'
 	}
 
 	repositories {
 		gradlePluginPortal()
 		maven { url 'https://repo.spring.io/plugins-release/' }
+        maven { url 'https://repo.spring.io/plugins-snapshot' }
 	}
 
 	dependencies {
-		classpath 'io.spring.gradle:spring-build-conventions:0.0.28.RELEASE'
+		classpath 'io.spring.gradle:spring-build-conventions:0.0.34.RELEASE'
 		classpath "org.springframework.boot:spring-boot-gradle-plugin:$springBootVersion"
 	}
 }

gradle.properties

@@ -1,3 +1,3 @@
 org.gradle.jvmargs=-Xmx2g -XX:MaxMetaspaceSize=512m -XX:+HeapDumpOnOutOfMemoryError -Dfile.encoding=UTF-8
 org.gradle.parallel=true
-version=2.3.0.RC1
+version=2.4.0-SNAPSHOT

gradle/dependency-management.gradle

@@ -1,35 +1,36 @@
 dependencyManagement {
 	imports {
-		mavenBom 'io.projectreactor:reactor-bom:Dysprosium-SR5'
-		mavenBom 'org.junit:junit-bom:5.6.0'
-		mavenBom 'org.springframework:spring-framework-bom:5.2.4.RELEASE'
-		mavenBom 'org.springframework.data:spring-data-releasetrain:Neumann-M3'
-		mavenBom 'org.springframework.security:spring-security-bom:5.3.0.RC1'
-		mavenBom 'org.testcontainers:testcontainers-bom:1.12.2'
+		mavenBom 'io.projectreactor:reactor-bom:Dysprosium-SR9'
+		mavenBom 'org.junit:junit-bom:5.6.2'
+		mavenBom 'org.springframework:spring-framework-bom:5.3.0-M1'
+		mavenBom 'org.springframework.data:spring-data-bom:2020.0.0-M1'
+		mavenBom 'org.springframework.security:spring-security-bom:5.3.3.RELEASE'
+		mavenBom 'org.testcontainers:testcontainers-bom:1.14.3'
 	}
 
 	dependencies {
-		dependencySet(group: 'com.hazelcast', version: '3.12.6') {
+		dependencySet(group: 'com.hazelcast', version: '3.12.7') {
 			entry 'hazelcast'
 			entry 'hazelcast-client'
 		}
 
+		dependency 'org.aspectj:aspectjweaver:1.9.6'
 		dependency 'com.h2database:h2:1.4.200'
 		dependency 'com.ibm.db2:jcc:11.5.0.0'
 		dependency 'com.microsoft.sqlserver:mssql-jdbc:7.4.1.jre8'
-		dependency 'com.oracle.ojdbc:ojdbc8:19.3.0.0'
-		dependency 'com.zaxxer:HikariCP:3.4.1'
+		dependency 'com.oracle.database.jdbc:ojdbc8:19.6.0.0'
+		dependency 'com.zaxxer:HikariCP:3.4.5'
 		dependency 'edu.umd.cs.mtc:multithreadedtc:1.01'
-		dependency 'io.lettuce:lettuce-core:5.2.2.RELEASE'
+		dependency 'io.lettuce:lettuce-core:5.3.1.RELEASE'
 		dependency 'javax.annotation:javax.annotation-api:1.3.2'
 		dependency 'javax.servlet:javax.servlet-api:4.0.1'
 		dependency 'junit:junit:4.13'
-		dependency 'mysql:mysql-connector-java:8.0.19'
+		dependency 'mysql:mysql-connector-java:8.0.20'
 		dependency 'org.apache.derby:derby:10.14.2.0'
-		dependency 'org.assertj:assertj-core:3.15.0'
+		dependency 'org.assertj:assertj-core:3.16.1'
 		dependency 'org.hsqldb:hsqldb:2.5.0'
-		dependency 'org.mariadb.jdbc:mariadb-java-client:2.4.4'
-		dependency 'org.mockito:mockito-core:3.3.0'
-		dependency 'org.postgresql:postgresql:42.2.10'
+		dependency 'org.mariadb.jdbc:mariadb-java-client:2.6.1'
+		dependency 'org.mockito:mockito-core:3.3.3'
+		dependency 'org.postgresql:postgresql:42.2.14'
 	}
 }

spring-session-core/spring-session-core.gradle

@@ -25,5 +25,6 @@ dependencies {
 	testCompile "org.springframework.security:spring-security-core"
 	testCompile "org.junit.jupiter:junit-jupiter-api"
 	testCompile "org.junit.jupiter:junit-jupiter-params"
+	testCompile "org.aspectj:aspectjweaver"
 	testRuntime "org.junit.jupiter:junit-jupiter-engine"
 }

spring-session-core/src/main/java/org/springframework/session/web/http/DefaultCookieSerializer.java

@@ -308,7 +308,7 @@ public class DefaultCookieSerializer implements CookieSerializer {
 	/**
 	 * Sets the maxAge property of the Cookie. The default is to delete the cookie when
 	 * the browser is closed.
-	 * @param cookieMaxAge the maxAge property of the Cookie
+	 * @param cookieMaxAge the maxAge property of the Cookie (defined in seconds)
 	 */
 	public void setCookieMaxAge(int cookieMaxAge) {
 		this.cookieMaxAge = cookieMaxAge;

spring-session-core/src/main/java/org/springframework/session/web/http/OncePerRequestFilter.java

@@ -64,7 +64,7 @@ abstract class OncePerRequestFilter implements Filter {
 		}
 		HttpServletRequest httpRequest = (HttpServletRequest) request;
 		HttpServletResponse httpResponse = (HttpServletResponse) response;
-		String alreadyFilteredAttributeName = this.alreadyFilteredAttributeName;
+		String alreadyFilteredAttributeName = getAlreadyFilteredAttributeName();
 		boolean hasAlreadyFilteredAttribute = request.getAttribute(alreadyFilteredAttributeName) != null;
 
 		if (hasAlreadyFilteredAttribute) {

spring-session-core/src/test/java/org/springframework/session/web/http/OncePerRequestFilterAopTests.java

@@ -0,0 +1,70 @@
+/*
+ * Copyright 2014-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.session.web.http;
+
+import org.aspectj.lang.annotation.AfterReturning;
+import org.aspectj.lang.annotation.Aspect;
+import org.junit.jupiter.api.Test;
+import org.mockito.Mockito;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.EnableAspectJAutoProxy;
+import org.springframework.mock.web.MockFilterChain;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.session.SessionRepository;
+import org.springframework.session.web.http.OncePerRequestFilterAopTests.Config;
+import org.springframework.test.context.junit.jupiter.SpringJUnitConfig;
+
+import static org.assertj.core.api.Assertions.assertThatCode;
+
+@SpringJUnitConfig(classes = Config.class)
+class OncePerRequestFilterAopTests {
+
+	@Test
+	void doFilterOnce(@Autowired final OncePerRequestFilter filter) {
+		assertThatCode(() -> filter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(),
+				new MockFilterChain())).as("`doFilter` does not throw NPE with the bean is being proxied by Spring AOP")
+						.doesNotThrowAnyException();
+	}
+
+	@SuppressWarnings({ "rawtypes", "unchecked" })
+	@Configuration
+	@EnableAspectJAutoProxy(proxyTargetClass = true)
+	@Aspect
+	public static class Config {
+
+		@Bean
+		public SessionRepository sessionRepository() {
+			return Mockito.mock(SessionRepository.class);
+		}
+
+		@Bean
+		public SessionRepositoryFilter filter() {
+			return new SessionRepositoryFilter(sessionRepository());
+		}
+
+		@AfterReturning("execution(* SessionRepositoryFilter.doFilterInternal(..))")
+		public void doInternalFilterPointcut() {
+			// no op
+		}
+
+	}
+
+}

spring-session-data-redis/src/integration-test/java/org/springframework/session/data/redis/RedisIndexedSessionRepositoryITests.java

@@ -18,6 +18,7 @@ package org.springframework.session.data.redis;
 
 import java.nio.charset.StandardCharsets;
 import java.util.Map;
+import java.util.Set;
 import java.util.UUID;
 
 import org.junit.jupiter.api.BeforeEach;
@@ -134,6 +135,22 @@ class RedisIndexedSessionRepositoryITests extends AbstractRedisITests {
 				.isEqualTo(expectedAttributeValue);
 	}
 
+	@Test
+	void removeAttributeRemovedAttributeKey() {
+		RedisSession toSave = this.repository.createSession();
+		toSave.setAttribute("a", "b");
+		this.repository.save(toSave);
+
+		toSave.removeAttribute("a");
+		this.repository.save(toSave);
+
+		String id = toSave.getId();
+		String key = "RedisIndexedSessionRepositoryITests:sessions:" + id;
+
+		Set<Map.Entry<Object, Object>> entries = this.redis.boundHashOps(key).entries().entrySet();
+		assertThat(entries).extracting(Map.Entry::getKey).doesNotContain("sessionAttr:a");
+	}
+
 	@Test
 	void putAllOnSingleAttrDoesNotRemoveOld() {
 		RedisSession toSave = this.repository.createSession();

spring-session-data-redis/src/main/java/org/springframework/session/data/redis/RedisIndexedSessionRepository.java

@@ -792,7 +792,8 @@ public class RedisIndexedSessionRepository
 				return;
 			}
 			String sessionId = getId();
-			getSessionBoundHashOperations(sessionId).putAll(this.delta);
+			BoundHashOperations<Object, Object, Object> boundHashOperations = getSessionBoundHashOperations(sessionId);
+			boundHashOperations.putAll(this.delta);
 			String principalSessionKey = getSessionAttrNameKey(
 					FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME);
 			String securityPrincipalSessionKey = getSessionAttrNameKey(SPRING_SECURITY_CONTEXT);
@@ -811,6 +812,11 @@ public class RedisIndexedSessionRepository
 							.add(sessionId);
 				}
 			}
+			for (final Map.Entry<String, Object> attribute : this.delta.entrySet()) {
+				if (attribute.getValue() == null) {
+					boundHashOperations.delete(attribute.getKey());
+				}
+			}
 
 			this.delta = new HashMap<>(this.delta.size());
 

spring-session-docs/spring-session-docs.gradle

@@ -25,7 +25,22 @@ dependencies {
 
 def versions = dependencyManagement.managedVersions
 
+asciidoctorPdf {
+    clearSources()
+    sources {
+        include "index.adoc"
+    }
+}
+
 asciidoctor {
+    clearSources()
+    sources {
+        include "index.adoc"
+        include "guides/*.adoc"
+    }
+}
+
+asciidoctorj {
 	def ghTag = snapshotBuild ? 'master' : project.version
 	def ghUrl = "https://github.com/spring-projects/spring-session/tree/$ghTag"
 

spring-session-docs/src/docs/asciidoc/guides/boot-findbyusername.adoc

@@ -28,7 +28,7 @@ Consider the following scenario:
 
 * User goes to library and authenticates to the application.
 * User goes home and realizes they forgot to log out.
-* User can log in and terminate the session from the library using clues like the location, created time, last accessed time, and so on.
+* User can log in and end the session from the library using clues like the location, created time, last accessed time, and so on.
 
 Would it not be nice if we could let the user invalidate the session at the library from any device with which they authenticate?
 This sample demonstrates how this is possible.
@@ -145,5 +145,5 @@ You can emulate the flow we discussed in the <<About the Sample>> section by doi
 * Enter the following to log in:
 ** *Username* _user_
 ** *Password* _password_
-* Terminate your original session.
+* End your original session.
 * Refresh the original window and see that you are logged out.

spring-session-docs/src/docs/asciidoc/guides/boot-jdbc.adoc

@@ -52,6 +52,9 @@ spring.session.store-type=jdbc # Session store type.
 ----
 ====
 
+If a single Spring Session module is present on the classpath, Spring Boot uses that store implementation automatically.
+If you have more than one implementation, you must choose the StoreType that you wish to use to store the sessions, as shows above.
+
 Under the hood, Spring Boot applies configuration that is equivalent to manually adding the `@EnableJdbcHttpSession` annotation.
 This creates a Spring bean with the name of `springSessionRepositoryFilter`. That bean implements `Filter`.
 The filter is in charge of replacing the `HttpSession` implementation to be backed by Spring Session.

spring-session-docs/src/docs/asciidoc/guides/boot-redis.adoc

@@ -59,7 +59,7 @@ Further customization is possible by using `application.properties`, as the foll
 .src/main/resources/application.properties
 ----
 server.servlet.session.timeout= # Session timeout. If a duration suffix is not specified, seconds is used.
-spring.session.redis.flush-mode=on-save # Sessions flush mode.
+spring.session.redis.flush-mode=on_save # Sessions flush mode.
 spring.session.redis.namespace=spring:session # Namespace for keys used to store sessions.
 ----
 ====

spring-session-docs/src/docs/asciidoc/guides/boot-webflux-custom-cookie.adoc

@@ -0,0 +1,66 @@
+= Spring Session - WebFlux with Custom Cookie
+Eleftheria Stein-Kousathana
+:toc: left
+:stylesdir: ../
+:highlightjsdir: ../js/highlight
+:docinfodir: guides
+
+This guide describes how to configure Spring Session to use custom cookies in a WebFlux based application.
+The guide assumes you have already set up Spring Session in your project using your chosen data store. For example, link:./boot-redis.html[HttpSession with Redis].
+
+NOTE: You can find the completed guide in the <<webflux-custom-cookie-sample, WebFlux Custom Cookie sample application>>.
+
+[#index-link]
+link:../index.html[Index]
+
+[[webflux-custom-cookie-spring-configuration]]
+== Spring Boot Configuration
+
+Once you have set up Spring Session, you can customize how the session cookie is written by exposing a `WebSessionIdResolver` as a Spring bean.
+Spring Session uses a `CookieWebSessionIdResolver` by default.
+Exposing the `WebSessionIdResolver` as a Spring bean augments the existing configuration when you use configurations like `@EnableRedisHttpSession`.
+The following example shows how to customize Spring Session's cookie:
+
+====
+[source,java]
+----
+include::{samples-dir}spring-session-sample-boot-webflux-custom-cookie/src/main/java/sample/CookieConfig.java[tags=webflux-cookie-serializer]
+----
+
+<1> We customize the name of the cookie to be `JSESSIONID`.
+<2> We customize the path of the cookie to be `/` (rather than the default of the context root).
+<3> We customize the `SameSite` cookie directive to be `Strict`.
+====
+
+[[webflux-custom-cookie-sample]]
+== `webflux-custom-cookie` Sample Application
+
+This section describes how to work with the `webflux-custom-cookie` sample application.
+
+=== Running the `webflux-custom-cookie` Sample Application
+
+You can run the sample by obtaining the {download-url}[source code] and invoking the following command:
+
+====
+----
+$ ./gradlew :spring-session-sample-boot-webflux-custom-cookie:bootRun
+----
+====
+
+NOTE: For the sample to work, you must https://redis.io/download[install Redis 2.8+] on localhost and run it with the default port (6379).
+Alternatively, you can update the `RedisConnectionFactory` to point to a Redis server.
+Another option is to use https://www.docker.com/[Docker] to run Redis on localhost. See https://hub.docker.com/_/redis/[Docker Redis repository] for detailed instructions.
+
+You should now be able to access the application at http://localhost:8080/
+
+=== Exploring the `webflux-custom-cookie` Sample Application
+
+Now you can use the application. Fill out the form with the following information:
+
+* *Attribute Name:* _username_
+* *Attribute Value:* _rob_
+
+Now click the *Set Attribute* button.
+You should now see the values displayed in the table.
+
+If you look at the cookies for the application, you can see the cookie is saved to the custom name of `JSESSIONID`.

spring-session-docs/src/docs/asciidoc/guides/boot-websocket.adoc

@@ -20,7 +20,7 @@ link:../index.html[Index]
 
 == HttpSession Setup
 
-The first step is to integrate Spring Session with the HttpSession. These steps are already outlined in the link:httpsession.html[HttpSession Guide].
+The first step is to integrate Spring Session with the HttpSession. These steps are already outlined in the link:./boot-redis.html[HttpSession with Redis Guide].
 
 Please make sure you have already integrated Spring Session with HttpSession before proceeding.
 
@@ -59,14 +59,14 @@ What does `AbstractSessionWebSocketMessageBrokerConfigurer` do behind the scenes
 
 * `WebSocketConnectHandlerDecoratorFactory` is added as a `WebSocketHandlerDecoratorFactory` to `WebSocketTransportRegistration`.
 This ensures a custom `SessionConnectEvent` is fired that contains the `WebSocketSession`.
-The `WebSocketSession` is necessary to terminate any WebSocket connections that are still open when a Spring Session is terminated.
+The `WebSocketSession` is necessary to end any WebSocket connections that are still open when a Spring Session is ended.
 * `SessionRepositoryMessageInterceptor` is added as a `HandshakeInterceptor` to every `StompWebSocketEndpointRegistration`.
 This ensures that the `Session` is added to the WebSocket properties to enable updating the last accessed time.
 * `SessionRepositoryMessageInterceptor` is added as a `ChannelInterceptor` to our inbound `ChannelRegistration`.
 This ensures that every time an inbound message is received, that the last accessed time of our Spring Session is updated.
 * `WebSocketRegistryListener` is created as a Spring bean.
 This ensures that we have a mapping of all of the `Session` IDs to the corresponding WebSocket connections.
-By maintaining this mapping, we can close all the WebSocket connections when a Spring Session (HttpSession) is terminated.
+By maintaining this mapping, we can close all the WebSocket connections when a Spring Session (HttpSession) is ended.
 
 
 // end::config[]
@@ -131,7 +131,7 @@ You can see that the message is no longer sent.
 ====
 Spring Session expires in 60 seconds, but the notification from Redis is not guaranteed to happen within 60 seconds.
 To ensure the socket is closed in a reasonable amount of time, Spring Session runs a background task every minute at 00 seconds that forcibly cleans up any expired sessions.
-This means you need to wait at most two minutes before the WebSocket connection is terminated.
+This means you need to wait at most two minutes before the WebSocket connection is closed.
 ====
 
 You can now try accessing http://localhost:8080/

spring-session-docs/src/docs/asciidoc/guides/java-custom-cookie.adoc

@@ -6,7 +6,7 @@ Rob Winch; Eleftheria Stein-Kousathana
 :docinfodir: guides
 
 This guide describes how to configure Spring Session to use custom cookies with Java Configuration.
-The guide assumes you have already link:./httpsession.html[set up Spring Session in your project].
+The guide assumes you have already set up Spring Session in your project using your chosen data store. For example, link:./boot-redis.html[HttpSession with Redis].
 
 NOTE: You can find the completed guide in the <<custom-cookie-sample, Custom Cookie sample application>>.
 

spring-session-docs/src/docs/asciidoc/guides/java-jdbc.adoc

@@ -128,6 +128,36 @@ Doing so ensures that the Spring bean named `springSessionRepositoryFilter` is r
 <2> `AbstractHttpSessionApplicationInitializer` also provides a mechanism to ensure Spring loads our `Config`.
 ====
 
+== Multiple DataSources
+Spring Session provides the `@SpringSessionDataSource` qualifier, allowing you to explicitly declare which `DataSource` bean should be injected in `JdbcIndexedSessionRepository`.
+This is particularly useful in scenarios with multiple `DataSource` beans present in the application context.
+
+The following example shows how to do so:
+
+====
+.Config.java
+[source,java]
+----
+@EnableJdbcHttpSession
+public class Config {
+
+	@Bean
+	@SpringSessionDataSource // <1>
+	public EmbeddedDatabase firstDataSource() {
+		return new EmbeddedDatabaseBuilder()
+				.setType(EmbeddedDatabaseType.H2).addScript("org/springframework/session/jdbc/schema-h2.sql").build();
+	}
+
+	@Bean
+	public HikariDataSource secondDataSource() {
+		// ...
+	}
+}
+----
+
+<1> This qualifier declares that firstDataSource is to be used by Spring Session.
+====
+
 // end::config[]
 
 [[httpsession-jdbc-sample]]

spring-session-docs/src/docs/asciidoc/guides/xml-jdbc.adoc

@@ -107,7 +107,7 @@ For additional information on how to configure data access-related concerns, see
 
 == XML Servlet Container Initialization
 
-Our <<httpsession-xml-spring-configuration,Spring Configuration>> created a Spring bean named `springSessionRepositoryFilter` that implements `Filter`.
+Our <<httpsession-jdbc-xml-spring-configuration,Spring Configuration>> created a Spring bean named `springSessionRepositoryFilter` that implements `Filter`.
 The `springSessionRepositoryFilter` bean is responsible for replacing the `HttpSession` with a custom implementation that is backed by Spring Session.
 
 In order for our `Filter` to do its magic, we need to instruct Spring to load our `session.xml` configuration.

spring-session-docs/src/docs/asciidoc/index.adoc

@@ -70,6 +70,10 @@ To get started with Spring Session, the best place to start is our Sample Applic
 | Demonstrates how to use Spring Session to replace the Spring WebFlux's `WebSession` with Redis.
 |
 
+| {gh-samples-url}spring-session-sample-boot-webflux-custom-cookie[WebFlux with Custom Cookie]
+| Demonstrates how to use Spring Session to customize the Session cookie in a WebFlux based application.
+| link:guides/boot-webflux-custom-cookie.html[WebFlux with Custom Cookie Guide]
+
 | {gh-samples-url}spring-session-sample-boot-redis-json[HttpSession with Redis JSON serialization]
 | Demonstrates how to use Spring Session to replace the `HttpSession` with Redis using JSON serialization.
 |
@@ -289,7 +293,7 @@ Any method that returns an `HttpSession` is overridden.
 All other methods are implemented by `HttpServletRequestWrapper` and delegate to the original `HttpServletRequest` implementation.
 
 We replace the `HttpServletRequest` implementation by using a servlet `Filter` called `SessionRepositoryFilter`.
-The pseudocode belows:
+The following pseudocode shows how it works:
 
 ====
 [source, java]
@@ -1173,8 +1177,8 @@ include::{session-jdbc-main-resources-dir}org/springframework/session/jdbc/schem
 
 ==== Transaction Management
 
-All JDBC operations in `JdbcIndexedSessionRepository` are executed in a transactional manner.
-Transactions are executed with propagation set to `REQUIRES_NEW` in order to avoid unexpected behavior due to interference with existing transactions (for example, running a `save` operation in a thread that already participates in a read-only transaction).
+All JDBC operations in `JdbcIndexedSessionRepository` are performed in a transactional manner.
+Transactions are performed with propagation set to `REQUIRES_NEW` in order to avoid unexpected behavior due to interference with existing transactions (for example, running a `save` operation in a thread that already participates in a read-only transaction).
 
 [[api-hazelcastindexedsessionrepository]]
 === Using `HazelcastIndexedSessionRepository`

spring-session-jdbc/spring-session-jdbc.gradle

@@ -16,7 +16,7 @@ dependencies {
 	integrationTestCompile "com.h2database:h2"
 	integrationTestCompile "com.ibm.db2:jcc"
 	integrationTestCompile "com.microsoft.sqlserver:mssql-jdbc"
-	integrationTestCompile "com.oracle.ojdbc:ojdbc8"
+	integrationTestCompile "com.oracle.database.jdbc:ojdbc8"
 	integrationTestCompile "com.zaxxer:HikariCP"
 	integrationTestCompile "mysql:mysql-connector-java"
 	integrationTestCompile "org.apache.derby:derby"

spring-session-samples/gradle/dependency-management.gradle

@@ -1,23 +1,23 @@
 dependencyManagement {
 	imports {
-		mavenBom 'com.fasterxml.jackson:jackson-bom:2.10.0'
+		mavenBom 'com.fasterxml.jackson:jackson-bom:2.11.0'
 	}
 
 	dependencies {
 		dependency 'ch.qos.logback:logback-classic:1.2.3'
-		dependency 'com.maxmind.geoip2:geoip2:2.3.1'
+		dependency 'com.maxmind.geoip2:geoip2:2.14.0'
 		dependency 'javax.servlet.jsp.jstl:javax.servlet.jsp.jstl-api:1.2.2'
 		dependency 'javax.servlet.jsp:javax.servlet.jsp-api:2.3.3'
 		dependency 'org.apache.taglibs:taglibs-standard-jstlel:1.2.5'
-		dependency 'org.seleniumhq.selenium:htmlunit-driver:2.33.0'
-		dependency 'org.slf4j:jcl-over-slf4j:1.7.28'
-		dependency 'org.slf4j:log4j-over-slf4j:1.7.28'
+		dependency 'org.seleniumhq.selenium:htmlunit-driver:2.36.0'
+		dependency 'org.slf4j:jcl-over-slf4j:1.7.30'
+		dependency 'org.slf4j:log4j-over-slf4j:1.7.30'
 		dependency 'org.webjars:bootstrap:2.3.2'
 		dependency 'org.webjars:html5shiv:3.7.3'
 		dependency 'org.webjars:jquery:1.12.4'
 		dependency 'org.webjars:knockout:2.3.0'
 		dependency 'org.webjars:sockjs-client:0.3.4'
-		dependency 'org.webjars:stomp-websocket:2.3.0'
+		dependency 'org.webjars:stomp-websocket:2.3.3'
 		dependency 'org.webjars:webjars-taglib:0.3'
 	}
 }

spring-session-samples/spring-session-sample-boot-findbyusername/src/integration-test/java/sample/FindByUsernameTests.java

@@ -53,6 +53,8 @@ class FindByUsernameTests {
 
 	private WebDriver driver;
 
+	private WebDriver driver2;
+
 	@BeforeEach
 	void setup() {
 		this.driver = MockMvcHtmlUnitDriverBuilder.mockMvcSetup(this.mockMvc).build();
@@ -61,6 +63,9 @@ class FindByUsernameTests {
 	@AfterEach
 	void tearDown() {
 		this.driver.quit();
+		if (this.driver2 != null) {
+			this.driver2.quit();
+		}
 	}
 
 	@Test
@@ -79,6 +84,25 @@ class FindByUsernameTests {
 		home.terminateButtonDisabled();
 	}
 
+	@Test
+	void terminateOtherSession() throws Exception {
+		HomePage forgotToLogout = home(this.driver);
+
+		this.driver2 = MockMvcHtmlUnitDriverBuilder.mockMvcSetup(this.mockMvc).build();
+		HomePage terminateFogotSession = home(this.driver2);
+		terminateFogotSession.terminateSession(forgotToLogout.getSessionId()).assertAt();
+
+		LoginPage login = HomePage.go(this.driver);
+		login.assertAt();
+	}
+
+	private static HomePage home(WebDriver driver) {
+		LoginPage login = HomePage.go(driver);
+		HomePage home = login.form().login(HomePage.class);
+		home.assertAt();
+		return home;
+	}
+
 	@TestConfiguration
 	static class Config {
 

spring-session-samples/spring-session-sample-boot-findbyusername/src/integration-test/java/sample/pages/HomePage.java

@@ -56,6 +56,18 @@ public class HomePage extends BasePage {
 	}
 
 	public void terminateButtonDisabled() {
+		String sessionId = getSessionId();
+		WebElement element = getDriver().findElement(By.id("terminate-" + sessionId));
+		assertThat(element.isEnabled()).isFalse();
+	}
+
+	public HomePage terminateSession(String sessionId) {
+		WebElement terminate = getDriver().findElement(By.id("terminate-" + sessionId));
+		terminate.click();
+		return new HomePage(getDriver());
+	}
+
+	public String getSessionId() {
 		Set<Cookie> cookies = getDriver().manage().getCookies();
 		String cookieValue = null;
 		for (Cookie cookie : cookies) {
@@ -63,8 +75,7 @@ public class HomePage extends BasePage {
 				cookieValue = new String(Base64.getDecoder().decode(cookie.getValue()));
 			}
 		}
-		WebElement element = getDriver().findElement(By.id("terminate-" + cookieValue));
-		assertThat(element.isEnabled()).isFalse();
+		return cookieValue;
 	}
 
 	public HomePage logout() {

spring-session-samples/spring-session-sample-boot-findbyusername/src/main/java/sample/mvc/IndexController.java

@@ -26,8 +26,8 @@ import org.springframework.session.Session;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
 
 /**
  * Controller for sending the user to the login view.
@@ -50,7 +50,7 @@ public class IndexController {
 	}
 	// end::findbyusername[]
 
-	@RequestMapping(value = "/sessions/{sessionIdToDelete}", method = RequestMethod.DELETE)
+	@PostMapping("/sessions/{sessionIdToDelete}")
 	public String removeSession(Principal principal, @PathVariable String sessionIdToDelete) {
 		Set<String> usersSessionIds = this.sessions.findByPrincipalName(principal.getName()).keySet();
 		if (usersSessionIds.contains(sessionIdToDelete)) {

spring-session-samples/spring-session-sample-boot-findbyusername/src/main/resources/templates/index.html

@@ -25,7 +25,7 @@
 				<td th:text="${#temporals.format(sessionElement.lastAccessedTime.atZone(T(java.time.ZoneId).systemDefault()),'dd/MMM/yyyy HH:mm:ss')}"></td>
 				<td th:text="${details?.accessType}"></td>
 				<td>
-					<form th:action="@{'/sessions/' + ${sessionElement.id}}" th:method="delete">
+					<form th:action="@{'/sessions/' + ${sessionElement.id}}" th:method="post">
 						<input th:id="'terminate-' + ${sessionElement.id}" type="submit" value="Terminate" th:disabled="${sessionElement.id == #httpSession.id}"/>
 					</form>
 				</td>

spring-session-samples/spring-session-sample-boot-webflux-custom-cookie/spring-session-sample-boot-webflux-custom-cookie.gradle

@@ -0,0 +1,17 @@
+apply plugin: 'io.spring.convention.spring-sample-boot'
+
+dependencies {
+	compile project(':spring-session-data-redis')
+	compile "org.springframework.boot:spring-boot-starter-webflux"
+	compile "org.springframework.boot:spring-boot-starter-thymeleaf"
+	compile "org.springframework.boot:spring-boot-starter-data-redis"
+	compile "org.springframework.boot:spring-boot-devtools"
+	compile 'org.webjars:bootstrap'
+
+	testCompile "org.springframework.boot:spring-boot-starter-test"
+	testCompile "org.junit.jupiter:junit-jupiter-api"
+	testRuntime "org.junit.jupiter:junit-jupiter-engine"
+
+	integrationTestCompile seleniumDependencies
+	integrationTestCompile "org.testcontainers:testcontainers"
+}

spring-session-samples/spring-session-sample-boot-webflux-custom-cookie/src/integration-test/java/sample/AttributeTests.java

@@ -0,0 +1,112 @@
+/*
+ * Copyright 2014-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import java.util.List;
+
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.openqa.selenium.WebDriver;
+import org.openqa.selenium.htmlunit.HtmlUnitDriver;
+import org.testcontainers.containers.GenericContainer;
+import sample.pages.HomePage;
+import sample.pages.HomePage.Attribute;
+
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.boot.test.context.TestConfiguration;
+import org.springframework.boot.web.server.LocalServerPort;
+import org.springframework.context.annotation.Bean;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.test.context.junit.jupiter.SpringExtension;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ * @author Eleftheria Stein
+ */
+@ExtendWith(SpringExtension.class)
+@SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
+class AttributeTests {
+
+	private static final String DOCKER_IMAGE = "redis:5.0.9";
+
+	@LocalServerPort
+	private int port;
+
+	private WebDriver driver;
+
+	@BeforeEach
+	void setup() {
+		this.driver = new HtmlUnitDriver();
+	}
+
+	@AfterEach
+	void tearDown() {
+		this.driver.quit();
+	}
+
+	@Test
+	void home() {
+		HomePage home = HomePage.go(this.driver, this.port);
+		home.assertAt();
+	}
+
+	@Test
+	void noAttributes() {
+		HomePage home = HomePage.go(this.driver, this.port);
+		assertThat(home.attributes()).isEmpty();
+	}
+
+	@Test
+	void createAttribute() {
+		HomePage home = HomePage.go(this.driver, this.port);
+		// @formatter:off
+		home = home.form()
+				.attributeName("a")
+				.attributeValue("b")
+				.submit(HomePage.class);
+		// @formatter:on
+
+		List<Attribute> attributes = home.attributes();
+		assertThat(attributes).hasSize(1);
+		Attribute row = attributes.get(0);
+		assertThat(row.getAttributeName()).isEqualTo("a");
+		assertThat(row.getAttributeValue()).isEqualTo("b");
+	}
+
+	@TestConfiguration
+	static class Config {
+
+		@Bean
+		GenericContainer redisContainer() {
+			GenericContainer redisContainer = new GenericContainer(DOCKER_IMAGE).withExposedPorts(6379);
+			redisContainer.start();
+			return redisContainer;
+		}
+
+		@Bean
+		LettuceConnectionFactory redisConnectionFactory() {
+			return new LettuceConnectionFactory(redisContainer().getContainerIpAddress(),
+					redisContainer().getFirstMappedPort());
+		}
+
+	}
+
+}

spring-session-samples/spring-session-sample-boot-webflux-custom-cookie/src/integration-test/java/sample/pages/HomePage.java

@@ -0,0 +1,138 @@
+/*
+ * Copyright 2014-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample.pages;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.openqa.selenium.SearchContext;
+import org.openqa.selenium.WebDriver;
+import org.openqa.selenium.WebElement;
+import org.openqa.selenium.support.FindBy;
+import org.openqa.selenium.support.PageFactory;
+import org.openqa.selenium.support.pagefactory.DefaultElementLocatorFactory;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ * @author Eleftheria Stein
+ */
+public class HomePage {
+
+	private WebDriver driver;
+
+	@FindBy(css = "form")
+	WebElement form;
+
+	@FindBy(css = "table tbody tr")
+	List<WebElement> trs;
+
+	List<Attribute> attributes;
+
+	public HomePage(WebDriver driver) {
+		this.driver = driver;
+		this.attributes = new ArrayList<>();
+	}
+
+	private static void get(WebDriver driver, int port, String get) {
+		String baseUrl = "http://localhost:" + port;
+		driver.get(baseUrl + get);
+	}
+
+	public static HomePage go(WebDriver driver, int port) {
+		get(driver, port, "/");
+		return PageFactory.initElements(driver, HomePage.class);
+	}
+
+	public void assertAt() {
+		assertThat(this.driver.getTitle()).isEqualTo("Session Attributes");
+	}
+
+	public List<Attribute> attributes() {
+		List<Attribute> rows = new ArrayList<>();
+		for (WebElement tr : this.trs) {
+			rows.add(new Attribute(tr));
+		}
+		this.attributes.addAll(rows);
+		return this.attributes;
+	}
+
+	public Form form() {
+		return new Form(this.form);
+	}
+
+	public class Form {
+
+		@FindBy(name = "attributeName")
+		WebElement attributeName;
+
+		@FindBy(name = "attributeValue")
+		WebElement attributeValue;
+
+		@FindBy(css = "input[type=\"submit\"]")
+		WebElement submit;
+
+		public Form(SearchContext context) {
+			PageFactory.initElements(new DefaultElementLocatorFactory(context), this);
+		}
+
+		public Form attributeName(String text) {
+			this.attributeName.sendKeys(text);
+			return this;
+		}
+
+		public Form attributeValue(String text) {
+			this.attributeValue.sendKeys(text);
+			return this;
+		}
+
+		public <T> T submit(Class<T> page) {
+			this.submit.click();
+			return PageFactory.initElements(HomePage.this.driver, page);
+		}
+
+	}
+
+	public static class Attribute {
+
+		@FindBy(xpath = ".//td[1]")
+		WebElement attributeName;
+
+		@FindBy(xpath = ".//td[2]")
+		WebElement attributeValue;
+
+		public Attribute(SearchContext context) {
+			PageFactory.initElements(new DefaultElementLocatorFactory(context), this);
+		}
+
+		/**
+		 * @return the attributeName
+		 */
+		public String getAttributeName() {
+			return this.attributeName.getText();
+		}
+
+		/**
+		 * @return the attributeValue
+		 */
+		public String getAttributeValue() {
+			return this.attributeValue.getText();
+		}
+
+	}
+
+}

spring-session-samples/spring-session-sample-boot-webflux-custom-cookie/src/integration-test/resources/testcontainers.properties

@@ -0,0 +1 @@
+ryuk.container.timeout=120

spring-session-samples/spring-session-sample-boot-webflux-custom-cookie/src/main/java/sample/CookieConfig.java

@@ -0,0 +1,41 @@
+/*
+ * Copyright 2014-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.server.session.CookieWebSessionIdResolver;
+import org.springframework.web.server.session.WebSessionIdResolver;
+
+/**
+ * @author Eleftheria Stein
+ */
+@Configuration
+public class CookieConfig {
+
+	// tag::webflux-cookie-serializer[]
+	@Bean
+	public WebSessionIdResolver webSessionIdResolver() {
+		CookieWebSessionIdResolver resolver = new CookieWebSessionIdResolver();
+		resolver.setCookieName("JSESSIONID"); // <1>
+		resolver.addCookieInitializer((builder) -> builder.path("/")); // <2>
+		resolver.addCookieInitializer((builder) -> builder.sameSite("Strict")); // <3>
+		return resolver;
+	}
+	// end::webflux-cookie-serializer[]
+
+}

spring-session-samples/spring-session-sample-boot-webflux-custom-cookie/src/main/java/sample/HelloWebFluxApplication.java

@@ -0,0 +1,32 @@
+/*
+ * Copyright 2014-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+/**
+ * @author Eleftheria Stein
+ */
+@SpringBootApplication
+public class HelloWebFluxApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(HelloWebFluxApplication.class, args);
+	}
+
+}

spring-session-samples/spring-session-sample-boot-webflux-custom-cookie/src/main/java/sample/SessionAttributeForm.java

@@ -0,0 +1,44 @@
+/*
+ * Copyright 2014-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+/**
+ * @author Eleftheria Stein
+ */
+public class SessionAttributeForm {
+
+	private String attributeName;
+
+	private String attributeValue;
+
+	public String getAttributeName() {
+		return this.attributeName;
+	}
+
+	public void setAttributeName(String attributeName) {
+		this.attributeName = attributeName;
+	}
+
+	public String getAttributeValue() {
+		return this.attributeValue;
+	}
+
+	public void setAttributeValue(String attributeValue) {
+		this.attributeValue = attributeValue;
+	}
+
+}

spring-session-samples/spring-session-sample-boot-webflux-custom-cookie/src/main/java/sample/SessionController.java

@@ -0,0 +1,43 @@
+/*
+ * Copyright 2014-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.server.WebSession;
+
+// tag::class[]
+@Controller
+public class SessionController {
+
+	@PostMapping("/session")
+	public String setAttribute(@ModelAttribute SessionAttributeForm sessionAttributeForm, WebSession session) {
+		session.getAttributes().put(sessionAttributeForm.getAttributeName(), sessionAttributeForm.getAttributeValue());
+		return "redirect:/";
+	}
+
+	@GetMapping("/")
+	public String index(Model model, WebSession webSession) {
+		model.addAttribute("webSession", webSession);
+		return "home";
+	}
+
+}
+// tag::end[]

spring-session-samples/spring-session-sample-boot-webflux-custom-cookie/src/main/resources/templates/home.html

@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+
+<html>
+
+<head>
+    <title>Session Attributes</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+</head>
+<body>
+<div class="container">
+    <h1>Description</h1>
+    <p>This application demonstrates how to customize the session cookie. Notice that the name of the cookie is JSESSIONID.</p>
+
+    <h1>Try it</h1>
+
+    <form class="form-inline" role="form" action="./session" method="post">
+        <label for="attributeName">Attribute Name</label>
+        <input id="attributeName" type="text" name="attributeName"/>
+        <label for="attributeValue">Attribute Value</label>
+        <input id="attributeValue" type="text" name="attributeValue"/>
+        <input type="submit" value="Set Attribute"/>
+    </form>
+
+    <hr/>
+
+    <table class="table table-striped">
+        <thead>
+        <tr>
+            <th>Attribute Name</th>
+            <th>Attribute Value</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr th:each="attr : ${webSession.attributes}">
+            <td th:text="${attr.key}"/></td>
+            <td th:text="${attr.value}"/></td>
+        </tr>
+        </tbody>
+    </table>
+</div>
+</body>
+</html>

spring-session-samples/spring-session-sample-boot-webflux/src/main/java/sample/SessionController.java

@@ -36,7 +36,7 @@ public class SessionController {
 	@GetMapping("/")
 	public String index(Model model, WebSession webSession) {
 		model.addAttribute("webSession", webSession);
-		return "index";
+		return "home";
 	}
 
 	private static final long serialVersionUID = 2878267318695777395L;

spring-session-samples/spring-session-sample-boot-websocket/spring-session-sample-boot-websocket.gradle

@@ -8,6 +8,7 @@ dependencies {
 	compile "org.springframework.boot:spring-boot-starter-data-jpa"
 	compile "org.springframework.boot:spring-boot-starter-data-redis"
 	compile "org.springframework.boot:spring-boot-starter-websocket"
+	compile "org.springframework.boot:spring-boot-starter-validation"
 	compile "org.springframework.boot:spring-boot-devtools"
 	compile "org.springframework:spring-websocket"
 	compile "org.springframework.security:spring-security-messaging"

spring-session-samples/spring-session-sample-javaconfig-rest/spring-session-sample-javaconfig-rest.gradle

@@ -22,4 +22,5 @@ dependencies {
 
 gretty {
 	jvmArgs = ['-Dspring.profiles.active=embedded-redis']
+	servletContainer = 'tomcat9'
 }