In the previous step, the servlet filter needs to be enabled on every request to the servlet container (Tomcat). The following snippet shows the code involved:

    public class Initializer extends AbstractHttpSessionApplicationInitializer {

      public Initializer() {
        super(ApplicationConfiguration.class); 
      }

    }

That's all the configuration you would need. The great thing with Spring Session is that when talking to HTTPSession, your application code does not change! You can continue using the HttpSession interface, but in the background, Spring Session ensures that the session data is stored to an external data store (Redis in this example):

    req.getSession().setAttribute(name, value);

Spring Session provides simple options to connect to an external session store. Backing up your session on an external session store ensures that your user can fail even when one of your application instances goes down.