I think it should be enabled by default, but fail gracefully with a warning. This would allow the same configuration to be used between dev and prod, where dev would JustWork(tm) and prod would require some manual intervention (which would be obvious from the warning).

I was able to work around the problem by subclassing the RedisHttpSessionConfiguration with an implementation that disables the keyspace notifications initializer, and bringing it in through normal configuration means:

package org.springframework.session.data.redis.config.annotation.web.http

import org.springframework.beans.factory.annotation.Value
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.core.type.AnnotationMetadata
import org.springframework.data.redis.connection.RedisConnectionFactory
import org.springframework.data.redis.core.RedisTemplate
import org.springframework.session.ExpiringSession
import org.springframework.session.data.redis.RedisOperationsSessionRepository

@Configuration
class GateRedisHttpSessionConfiguration extends RedisHttpSessionConfiguration {

  @Value('${session.expiration:1800}')
  int expiration

  public void setImportMetadata(AnnotationMetadata importMetadata) {
  }

  @Bean
  public RedisOperationsSessionRepository sessionRepository(RedisTemplate<String, ExpiringSession> sessionRedisTemplate) {
    RedisOperationsSessionRepository sessionRepository = new RedisOperationsSessionRepository(sessionRedisTemplate);
    sessionRepository.setDefaultMaxInactiveInterval(expiration);
    return sessionRepository;
  }

  @Override
  public RedisHttpSessionConfiguration.EnableRedisKeyspaceNotificationsInitializer enableRedisKeyspaceNotificationsInitializer(RedisConnectionFactory connectionFactory) {
    null
  }
}

For posterity, here are the steps for enabling the keyspace notifications on AWS:

Log into the AWS console and choose the ElastiCache service

Choose the Cache Parameter Groups and click Create Parameter Group

Give the new group and name and description and click Create

With the new parameter group created, select it and click Edit Parameters

Page through the parameters until you find notify-keyspace-events and enter "eA" in the Value field and click Save Changes

@danveloper I'm glad you were able to work around the issue. Thank you for your feedback and for the useful directions on enabling keyspace notifications in AWS.

I have concerns with the configuration not failing when it tries to update the Redis configuration.

Developers likely did thorough testing within another environment. For example, they might be integrating with WebSocket support and validate that when an HttpSession is terminated the WebSocket is indeed closing properly.

This means they are confident that everything is working by the time the get to production. Many users may not even notice a warning being logged. Without Redis keyspace notifications being enabled, the applications WebSocket connections will not properly closed when the HttpSession is destroyed.

Obviously developers should read the instructions completely, look for warnings, and perform some smoke tests in production to avoid such issues. However, I fear that by not failing we are setting up users for failure.

A compromise might be to require users to explicitly set a property to allow "fall back". This means users would be aware that they need to do something in production. Of course this is one more piece of configuration users would need. Thoughts?

Could it provide a different strategy for ascertaining the database's configuration? Maybe in the absence of the CONFIG command, the event notification initializer could run a test to determine if expirations were working? This might introduce some slowness during startup, but might be favorable to total failure.

I'd probably prefer a slower startup over managing feature flags between dev & prod. If this isn't possible or is otherwise infeasible, then feature flag might be the only way to go.

Great idea! I think this may be doable, but we will see when I get into the details. Thanks for your feedback!

RedisHttpSessionConfiguration.EnableRedisKeyspaceNotificationsInitializer is not visible for outsiders extending RedisHttpSessionConfiguration. The workaround doesn't work. Can you help me with this?

@njariwala You would need to place it in the same package as illustrated in the example above.

If the class is semantically usable for non-core extensions, it seems like a bad practice to trespass on the distribution package, especially since that can fail in interesting ways with particular classloader hierarchies.

@chrylis Yes this is considered a workaround until we can get a fix out. The alternative is to use the more verbose workaround I provided.

I am facing the same issue even after trying the solutions provided above

I think it should be enabled by default, but fail gracefully with a warning. This would allow the same configuration to be used between dev and prod, where dev would JustWork(tm) and prod would require some manual intervention (which would be obvious from the warning).

I was able to work around the problem by subclassing the RedisHttpSessionConfiguration with an implementation that disables the keyspace notifications initializer, and bringing it in through normal configuration means:

package org.springframework.session.data.redis.config.annotation.web.http

import org.springframework.beans.factory.annotation.Value
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.core.type.AnnotationMetadata
import org.springframework.data.redis.connection.RedisConnectionFactory
import org.springframework.data.redis.core.RedisTemplate
import org.springframework.session.ExpiringSession
import org.springframework.session.data.redis.RedisOperationsSessionRepository

@Configuration
class GateRedisHttpSessionConfiguration extends RedisHttpSessionConfiguration {

  @Value('${session.expiration:1800}')
  int expiration

  public void setImportMetadata(AnnotationMetadata importMetadata) {
  }

  @Bean
  public RedisOperationsSessionRepository sessionRepository(RedisTemplate<String, ExpiringSession> sessionRedisTemplate) {
    RedisOperationsSessionRepository sessionRepository = new RedisOperationsSessionRepository(sessionRedisTemplate);
    sessionRepository.setDefaultMaxInactiveInterval(expiration);
    return sessionRepository;
  }

  @Override
  public RedisHttpSessionConfiguration.EnableRedisKeyspaceNotificationsInitializer enableRedisKeyspaceNotificationsInitializer(RedisConnectionFactory connectionFactory) {
    null
  }
}

For posterity, here are the steps for enabling the keyspace notifications on AWS:

Log into the AWS console and choose the ElastiCache service

Choose the Cache Parameter Groups and click Create Parameter Group

Give the new group and name and description and click Create

With the new parameter group created, select it and click Edit Parameters

Page through the parameters until you find notify-keyspace-events and enter "eA" in the Value field and click Save Changes__

__ #### Choose Cache Clusters from the context navigation and create a new Redis cache cluster #### When specifying your cluster detail, choose the newly created parameter group __

The value to set in notify-keyspace-events obbeys to the below information :

K — Keyspace events, published with a prefix of __keyspace@<db>__
E — Key-event events, published with a prefix of __keyevent@<db>__
g — Generic, non-specific commands such as DEL, EXPIRE, RENAME, etc.
$ — String commands
l — List commands
s — Set commands
h — Hash commands
z — Sorted set commands
x — Expired events (events generated every time a key expires)
e — Evicted events (events generated when a key is evicted for maxmemory)
A — An alias for g$lshzxe

This information is located in https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/ParameterGroups.Redis.html#ParameterGroups.Redis.2-8-6

Thanks @danveloper for your explanation.

When I configured the elasticache (Redis on AWS) using the guide from previous post I fugured out that the eA parameter for notify-keyspace-events does not work correctly. Correct configuration is EA (E with capital letter).
In the documentation (https://redis.io/topics/notifications) you can see that the A is an alias e.g. for e which means, that eA is effectively just A.
Redis Spring Session functionality needs this E because it consumes those key-events.
So, specify there EA.

Did anyone found how to use this with Memorystore for Redis on Google Cloud? It looks like it has the same issue, however it doesn't have any interface to control data :|

We encountered this issue recently after securing our AWS Redis (ElasticCache) 6.2.6 cluster (running in clustered mode). Adding a ConfigureRedisAction.NO_OP bean meant adding the spring-session-data-redis (v2.5.1) dependency, previously not required.

Issue
This has led to sporadic exceptions on startup when the container is subscribing to patterned topics.

Exception in thread "springSessionRedisMessageListenerContainer-2" java.lang.NullPointerException
	at redis.clients.jedis.BinaryJedisPubSub.psubscribe(BinaryJedisPubSub.java:57)
	at org.springframework.data.redis.connection.jedis.JedisSubscription.doPsubscribe(JedisSubscription.java:59)
	at org.springframework.data.redis.connection.util.AbstractSubscription.pSubscribe(AbstractSubscription.java:159)
	at org.springframework.data.redis.listener.RedisMessageListenerContainer$SubscriptionTask$PatternSubscriptionTask.run(RedisMessageListenerContainer.java:707)
	at java.lang.Thread.run(Thread.java:750)

When these failures occur, keyspace events are no longer received. I believe the sporadic nature of these exceptions is due to the potentially asynchronous behavior of PatternSubscriptionTask.

Application Details
We do not use any patterned topics in our application, and only use ChannelTopics. I understand Spring Session may be subscribing to patterned topics (e.g. spring:session:event:0:created:*)?

The notify-keyspace-events property is configured with KE$. (We only care about the keyspace events on strings.)

I learned another aspect of subscribing to keyspace events in a secured Redis cluster is that the application must subscribe to the topic on each node in the cluster. Redis keystore events are not broadcast cluster-wide, and are only broadcast to topics local to that node. We have 9 nodes in our cluster and the application is configured to subscribe to the topic on each node.

Could this be causing issues with how RedisHttpSessionConfiguration is subscribing to its patterned topics?

Is there a way to disable Spring Session from subscribing to these patterned topics, or disabling Spring Session altogether?

Like I mentioned above, we didn't need Spring Session and only included it when we needed to add the ConfigureRedisAction.NO_OP bean.

Desired Result
We want to prevent Spring Redis from auto-configuring our Redis cluster, and for the application to subscribe to the topic on each node of the cluster to receive the keyspace notifications. We don't care about "delete" or "expiration" notifications - only notifications triggered by the SET operations on a key in the keystore.

Adding a ConfigureRedisAction.NO_OP bean meant adding the spring-session-data-redis (v2.5.1) dependency, previously not required.

That doesn't sound right - ConfigureRedisAction.NO_OP is intended specifically as a configuration option for Spring Session's Redis integration.

If you're not using Spring Session at all, you need something else to resolve the issue. I'd suggest taking a look at Spring Data Redis reference manual, or opening an issue over there if you don't find anything.