v5.0

What's Changed

• Add guide link. by @enozcan in #87
• Make WebFilterConfig property names public. by @vivekvara in #91
• Bump Hazelcast version to 4.1. by @enozcan in #92
• Bump junit from 4.12 to 4.13.1 by @dependabot in #89
• Bump httpclient from 4.3.1 to 4.3.6 by @dependabot in #82
• Allow non-string configuration values for the filter. by @OmarMorales71 in #97
• Add PR-builder GitHub Workflow by @kwart in #123
• Update hazelcast wm to 5.x.y compatibility (redux) [HZG-17] by @srknzl in #135
• Use diamond operator by @orcunc in #139
• Revert "Use diamond operator" by @JackPGreen in #141

New Contributors

• @vivekvara made their first contribution in #91
• @OmarMorales71 made their first contribution in #97

Upgrade guide from v4.0

https://github.com/hazelcast/hazelcast-wm/blob/v5.0/upgrade-guides/v4.0-v5.0.md

Full Changelog: v4.0...v5.0

4.0

This document includes the new features, enhancements, and fixed issues.

New Features

• There is no new feature for this release.

Enhancements

• Hazelcast version is upgraded to 4.0
• KeepRemoteActive option is introduced to prevent session eviction.

Fixes

• Transient attribute bug. (#62)
• Eviction of active sessions due to expired idle-time on cluster map. (#77)

Known Issues

None.

3.8.4

This document includes the new features, enhancements, and fixed issues.

New Features

• There is no new feature for this release.

Enhancements

• Hazelcast version is upgraded to 3.12.6
• KeepRemoteActive option is introduced to prevent session eviction.

Fixes

• Transient attribute bug. (#62)
• Eviction of active sessions due to expired idle-time on cluster map. (#77)

Known Issues

None.

3.8.3

This document includes the new features, enhancements, and fixed issues for Hazelcast WM 3.8.3 release.

New Features

There are no new features for this release.

Enhancements

• Added the method changeSessionId to WebFilter#HazelcastRequestWrapper.

Fixes

• Missing null pointer check when removing an attribute. [#60]
• Multiple user sessions are created when user logs out the application (Spring Security). [#53]

Known Issues

None.

3.8.2

This document includes the new features, enhancements, and fixed issues for Hazelcast WM 3.8.2 release.

New Features

There are no new features for this release.

Enhancements

• Add new configuration option - cookie max age. [#56]

Fixes

• Fix Spring session fixation&stale session issues. [#52]
• Log exceptions instead of ignoring them. [#54]

Known Issues

None.

3.8.1

This document includes the new features, enhancements, and fixed issues for Hazelcast WM 3.8.1 release.

New Features

There are no new features for this release.

Enhancements

• Session should not be created if create flag is false and session doesn't exist in the cluster. [#41]

Fixes

• Session map entries are not removed when session expires. [#48]
• Allow WebFilter configuration parameters to be set in both FilterConfig and properties. [#46]
• Undocumented local integrity implications of com.hazelcast.web.WebFilter's deferred-write parameter. [#45]
• JvmRoute is not updated after HttpSession failover. [#43]
• [#43]

Known Issues

None.

3.8

This document includes the new features, enhancements, and fixed issues for Hazelcast Web Module (WM) 3.8 release.

New Features

• use-request-parameter option added. It enables getting Hazelcast session ID through request parameters

Enhancements

• Config object or Hazelcast instance doesn't get created if instance name is specified: When you upgrade to Hazelcast WM 3.8, now you should have created a Hazelcast instance. [#38]

Fixes

• Clear dirty flag after attribute removal

v3.7.1

This document provides the list of new features, enhancements, and fixed issues for Hazelcast Web Module (WM) release.

Fixes

• When using multiple contexts in a web container, a session cookie will always have a path of the context it's created in. This makes it impossible to have container wide sessions, where the path should be "/".
  This should be fixed either with a boolean override (whether to use root) or by allowing to set a specific path. [#17]
• Sessions is created for every request even when getSession(false) is called. [#14]
• When setting up session clustering with a Spring Security application, session clustering works but a proper session fixation protection cannot be set. It'd be a good idea to change Hazelcast's session ID on login. Currently, it does not change. [#6]

v3.7

This document provides the list of new features, enhancements, and fixed issues for Hazelcast Web Module (WM) release.

Fixes

• In Hazelcast web session cluster (Client/Server Architecture), the exception No DataSerializerFactory registered for namespace: -1000 is thrown. The exception text is not clear; it should be improved. [#10]
• HazelcastInstanceLoader ignores "instance-name" for clients. [#8]
• When hazelcast.jar, hazelcast-client.jar, and hazelcast-wm.jar built from Hazelcast master branch are tried to be used, it turned out that hazelcast-wm.jar is not compatible with hazelcast.jar and hazelcast-client.jar. [#7]