As described in Hazelcast's documentation, you need to configure Hazelcast's SpringAwareWebFilter and SessionListener. You can do so in Spring Boot by declaring a FilterRegistrationBean and a ServletListenerRegistrationBean respectively:

@Bean
public FilterRegistrationBean hazelcastFilter() {
    FilterRegistrationBean registration = new FilterRegistrationBean(new SpringAwareWebFilter());

    registration.addUrlPatterns("/*");
    registration.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.FORWARD, DispatcherType.INCLUDE);

    // Configure init parameters as appropriate:
    // registration.addInitParameter("foo", "bar");

    return registration;
}

@Bean
public ServletListenerRegistrationBean<SessionListener> hazelcastSessionListener() {
    return new ServletListenerRegistrationBean<SessionListener>(new SessionListener());
}

SpringAwareWebFilter and SessionListener are both in Hazelcast's hazelcast-wm module so you'll need to add a dependency on com.hazelcast:hazelcast-wm to your pom.xml or build.gradle. hazelcast-wm also requires Spring Security to be on the classpath.

Now, when you run your application, you should see log output from Hazelcast during startup that's similar to the following:

2014-12-17 10:29:32.401  INFO 94332 --- [ost-startStop-1] com.hazelcast.config.XmlConfigLocator    : Loading 'hazelcast-default.xml' from classpath.
2014-12-17 10:29:32.435  INFO 94332 --- [ost-startStop-1] c.hazelcast.web.HazelcastInstanceLoader  : Creating a new HazelcastInstance for session replication
2014-12-17 10:29:32.582  INFO 94332 --- [ost-startStop-1] c.h.instance.DefaultAddressPicker        : [LOCAL] [dev] [3.3.3] Prefer IPv4 stack is true.
2014-12-17 10:29:32.590  INFO 94332 --- [ost-startStop-1] c.h.instance.DefaultAddressPicker        : [LOCAL] [dev] [3.3.3] Picked Address[169.254.144.237]:5701, using socket ServerSocket[addr=/0:0:0:0:0:0:0:0,localport=5701], bind any local is true
2014-12-17 10:29:32.612  INFO 94332 --- [ost-startStop-1] c.h.spi.impl.BasicOperationScheduler     : [169.254.144.237]:5701 [dev] [3.3.3] Starting with 16 generic operation threads and 16 partition operation threads.
2014-12-17 10:29:32.657  INFO 94332 --- [ost-startStop-1] com.hazelcast.system                     : [169.254.144.237]:5701 [dev] [3.3.3] Hazelcast 3.3.3 (20141112 - eadb69c) starting at Address[169.254.144.237]:5701
2014-12-17 10:29:32.657  INFO 94332 --- [ost-startStop-1] com.hazelcast.system                     : [169.254.144.237]:5701 [dev] [3.3.3] Copyright (C) 2008-2014 Hazelcast.com
2014-12-17 10:29:32.661  INFO 94332 --- [ost-startStop-1] com.hazelcast.instance.Node              : [169.254.144.237]:5701 [dev] [3.3.3] Creating MulticastJoiner
2014-12-17 10:29:32.664  INFO 94332 --- [ost-startStop-1] com.hazelcast.core.LifecycleService      : [169.254.144.237]:5701 [dev] [3.3.3] Address[169.254.144.237]:5701 is STARTING
2014-12-17 10:29:38.482  INFO 94332 --- [ost-startStop-1] com.hazelcast.cluster.MulticastJoiner    : [169.254.144.237]:5701 [dev] [3.3.3] 


Members [1] {
    Member [169.254.144.237]:5701 this
}  

2014-12-17 10:29:38.503  INFO 94332 --- [ost-startStop-1] com.hazelcast.core.LifecycleService      : [169.254.144.237]:5701 [dev] [3.3.3] Address[169.254.144.237]:5701 is STARTED

Why not uses Spring-session? It is pretty easy.

Instead of using Tomcat’s HttpSession, we are actually persisting the values in Redis. Spring Session replaces the HttpSession with an implementation that is backed by Redis. When Spring Security’s SecurityContextPersistenceFilter saves the SecurityContext to the HttpSession it is then persisted into Redis.

@EnableRedisHttpSession 
public class HttpSessionConfig {
}


#src/main/resources/application.properties
spring.redis.host=localhost
spring.redis.password=secret
spring.redis.port=6379

http://docs.spring.io/spring-session/docs/current/reference/html5/guides/boot.html