I'm using spring-boot + OAuth2 with Redis managing sessions. I would save some data in one request and retrieve the data in another. And I use the X-Auth-Token header to identify sessions, as shown below:
@Bean
public HttpSessionIdResolver httpSessionIdResolver() {
return HeaderHttpSessionIdResolver.xAuthToken();
}
I noticed that I got a new X-Auth-Token with every response and I have to use the new one (from the response, instead of the one that I used in the request) to be able to access the session data.
Screenshot from postman:
This seems quite unnecessary (does this mean that data is being moved around in Redis all the time?), and I wonder if there are settings that I can use to just use one X-Auth-Token instead.