I have a problem regarding an old spring-security/JSF app from a client. It runs on tomcat and I need to store the session into redis.
My idea was to add redisson to the tomcat and store the http session there, because I read that spring-security uses the http-session to store attributes.
But this doesn't work. Maybe because I need another conf to get the http-session to the tomcat? Or isn't this session implicitly also handled by tomcat?
Its not transparent to me how this works...