I am using Spring Session Redis Data (configured with autoconfiguration, no customizations so far) which defaults to using FindByIndexNameSessionRepository as the SessionRepository implementation.
However, sometimes in Redis (after sessions have already expired but no logout is performed), key with prefix of spring:session:index:org.springframework.session.FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME: persists with a TTL of -1, meaning Redis won't expire the key.
Why isn't Spring Session (Redis Data) cleaning this key up when sessions expire? I can't find mention in the documentation either.
I've stored attribute with the principal's name to the session as described in the documentation, but that doesn't solve this issue. See https://docs.spring.io/spring-session/reference/api.html#api-findbyindexnamesessionrepository for details.
Redis version used: 6.2.6 (docker image of bitnami/redis:6.2.6)
Relevant Dependencies:
The reason why I wouldn't want the index to persist is that if there are many users who have logged in at least once and having a key persisted to Redis which acts like index, then Redis would have to store data that may not be accessed for long time (or at all).
This is a bug in Spring Session version 2.5.3 and prior.
If you update to Spring Session 2.5.4 or any 2.6.x, the issue is fixed.