As we have seen in the preceding section, there are several moments when Spring Social stores things in the HTTP session. Our user profile is also stored in the session. This is a classical approach to keeping things in memory as long as a user is navigating the site.

However, this can prove troublesome if we want to scale our application and distribute the load to multiple backend servers. We have now entered the cloud era, and Chapter 8, Optimizing Your Requests will be about deploying our application to the cloud.

To make our session work in a distributed environment, we have a few options:

In this chapter, we will see how to set up the third approach. It is really easy to set up and provides the amazing benefit that it can be turned off without impacting the functionality of our application.

The first thing we need to do is to install Redis. To install it on Mac, use the brew command:

brew install redis

For other platforms, follow the instructions at http://redis.io/download.

You can then start the server by using the following command:

redis-server

Add the following dependencies to your build.gradle file:

compile 'org.springframework.boot:spring-boot-starter-redis'
compile 'org.springframework.session:spring-session:1.0.1.RELEASE'

Create a new configuration file next to application.properties called application-redis.properties:

spring.redis.host=localhost
spring.redis.port=6379

Spring Boot provides a convenient way of associating configuration files with a profile. In this case, the application-redis.properties file will only be loaded if the Redis profile is active.

Then, create a RedisConfig class in the config package:

package masterSpringMvc.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;

@Configuration
@Profile("redis")
@EnableRedisHttpSession
public class RedisConfig {
}

As you can see, this configuration will only be active if the redis profile is on.

We're done! We can now launch our app with the following flag:

-Dspring.profiles.active=redis

You can also generate the JAR with gradlew build and launch it with the following command:

java -Dserver.port=$PORT -Dspring.profiles.active=redis -jar app.jar

Alternatively, you can launch it with Gradle in Bash, as follows:

SPRING_PROFILES_ACTIVE=redis ./gradlew bootRun

You can also simply set it up as a JVM option in the run configuration of your IDE.

And that's it! You now have a server storing the details of your logged-in users. This means that we can scale and have multiple servers for our web resources and our users won't notice. And we didn't have to write any code on our side.

This also means that you will keep your session even if you restart your server.

To see that it works, connect to Redis with the redis-cli command. At the beginning, it will not contain any keys:

> redis-cli
127.0.0.1:6379> KEYS *
(empty list or set)

Navigate to your app and start putting things in the session:

127.0.0.1:6379> KEYS *
1) "spring:session:expirations:1432487760000"
2) "spring:session:sessions:1768a55b-081a-4673-8535-7449e5729af5"
127.0.0.1:6379> HKEYS spring:session:sessions:1768a55b-081a-4673-8535-7449e5729af5
1) "sessionAttr:SPRING_SECURITY_CONTEXT"
2) "sessionAttr:org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository.CSRF_TOKEN"
3) "lastAccessedTime"
4) "maxInactiveInterval"
5) "creationTime"