文章目錄
- Shiro會話管理2
-
- 1.1 session的增删改查操作通過自定義的RedisCacheManager來操作
Shiro會話管理2
1.1 session的增删改查操作通過自定義的RedisCacheManager來操作
spring-shiro.xml
<!-- 系統預設SessionManager -->
<bean class="com.shiro.session.DefaultWebSessionManager" id="sessionManager">
<property name="sessionDAO" ref="redisSessionDao"></property>
</bean>
<bean class="com.shiro.session.RedisSessionDao" id="redisSessionDao"></bean>
在securityManager中配置sessionManager
<!-- 建立SecurityManager對象 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="realm" />
<property name="sessionManager" ref="sessionManager" />
</bean>
解決每次擷取session都從redis中讀取
package com.shiro.session;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.UnknownSessionException;
import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.session.mgt.WebSessionKey;
import javax.servlet.ServletRequest;
import java.io.Serializable;
/**
* 解決每次擷取session都從redis中讀取
*
* SessionKey裡面存儲着request對象,
* 可以把session放到request對象裡面,這樣就沒必要每次擷取session都從redis裡面讀取了
* 改變後讀取session的順序:sessionId->request->session
*/
public class CustomSessionManager extends DefaultWebSessionManager {
@Override
protected Session retrieveSession(SessionKey sessionKey) throws UnknownSessionException {
//擷取到sessionId
Serializable sessionId = getSessionId(sessionKey);
//擷取request
ServletRequest request = null;
if (sessionKey instanceof WebSessionKey) {
request = ((WebSessionKey) sessionKey).getServletRequest();
}
//若request不為空,并且sessionID不為空,則從request中擷取session
if (request != null && sessionId != null) {
Session session = (Session) request.getAttribute(sessionId.toString());
//擷取到的session不為空,則傳回
if (session != null) {
return session;
}
}
//否則從redisSessionDao中擷取session
Session session = super.retrieveSession(sessionKey);
//若擷取的session不為空,則設值到request的作用域中
if (request != null && sessionId != null) {
request.setAttribute(sessionId.toString(), session);
}
return session;
}
}
spring-shiro.xml
<!-- 自定義SessionManager -->
<bean class="com.shiro.session.CustomSessionManager" id="sessionManager">
<property name="sessionDAO" ref="redisSessionDao"></property>
</bean>
<bean class="com.shiro.session.RedisSessionDao" id="redisSessionDao"></bean>