Springboot+redis管理shiroセッション実装セッションクラスタ
6336 ワード
Springboot統合shiro後、shiroはjava web sessionをカプセル化し、独自のsession管理メカニズムを実現し、sessionをクラスタ下の共有機能に達させるには、sessionを統一管理する必要があります.ここではredisキャッシュデータベースを使用してsessionのストレージを実現できます.
実現構想:1、RedisSessionDaoはEnterpriseCacheSessionDAOを継承し、sessionの下位CRUDデータベース操作を完了した.
具体的な実装:
1. RedisSessionDao
2. ShiroConfig
実現構想:1、RedisSessionDaoはEnterpriseCacheSessionDAOを継承し、sessionの下位CRUDデータベース操作を完了した.
具体的な実装:
1. RedisSessionDao
package com.sj.vip.shiro;
import java.io.Serializable;
import java.util.Collection;
import java.util.concurrent.TimeUnit;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import com.sj.vip.utils.LoggerUtil;
/**
* redis session
* @author Administrator
*
*/
@Component
public class RedisSessionDao extends EnterpriseCacheSessionDAO{
//session redis :30 30*60s
private static final int expireTime = 1800;
//redis session
private static String prefix = "sessionId:";
@Autowired
private RedisTemplate
2. ShiroConfig
package com.sj.vip.shiro;
import java.util.LinkedHashMap;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class ShiroConfig {
@Autowired
RedisSessionDao sessionDao;
@Bean
public SessionManager sessionManager() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setSessionDAO(sessionDao);
// sessionManager.setGlobalSessionTimeout(1800);
// SecurityUtils.getSubject().getSession().setTimeout(-1000l);
return sessionManager;
}
//
@Bean
public DefaultWebSecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(authRealm());
securityManager.setSessionManager(sessionManager());
return securityManager;
}
@Bean
public ShiroFilterFactoryBean shiroFilter(@Qualifier("securityManager") SecurityManager manager){
MyShiroFilterFactoryBean bean = new MyShiroFilterFactoryBean();
bean.setSecurityManager(manager);
//LoginUrl
//SuccessUrl
//authc
//anon
bean.setLoginUrl("/login");
bean.setUnauthorizedUrl("/403");
//
LinkedHashMap filterChainDefinitionMap=new LinkedHashMap();
filterChainDefinitionMap.put("/static/**", "anon");//
filterChainDefinitionMap.put("/", "anon");
filterChainDefinitionMap.put("/index", "anon");
filterChainDefinitionMap.put("/login", "anon");
filterChainDefinitionMap.put("/logout", "anon");
filterChainDefinitionMap.put("/register","anon");
filterChainDefinitionMap.put("/checkUsernameExists","anon");
filterChainDefinitionMap.put("/403","anon");
filterChainDefinitionMap.put("/qqLogin", "anon");
filterChainDefinitionMap.put("/qqCallback", "anon");
filterChainDefinitionMap.put("/wxLogin", "anon");
filterChainDefinitionMap.put("/wxCallback", "anon");
filterChainDefinitionMap.put("/*", "authc");//
bean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return bean;
}
//
@Bean
public AuthRealm authRealm() {
AuthRealm authRealm = new AuthRealm();
return authRealm;
}
// //
// @Bean(name="authRealm")
// public AuthRealm authRealm(@Qualifier("credentialsMatcher") CredentialsMatcher matcher) {
// AuthRealm authRealm=new AuthRealm();
// authRealm.setCredentialsMatcher(matcher);
// return authRealm;
// }
}