本人在分布式中通过redis共享session的方式实现权限控制,即sessionId放到redis中,userId放于session中,可实现权限控制。
session共享实例
@ConditionalOnProperty(prefix = "rkele", name = "spring-session-open", havingValue = "true") public class SpringSessionConfig { }
@Configuration @EnableRedisHttpSession public class RedisSessionConfig { }
测试类
@Controller @RequestMapping("/rkele/redis") public class testRedisSession { @ResponseBody @RequestMapping(value = "/first", method = RequestMethod.GET) public Map<String, Object> firstResp (HttpServletRequest request){ Map<String, Object> map = new HashMap<>(); request.getSession().setAttribute("request Url", request.getRequestURL()); map.put("request Url", request.getRequestURL()); return map; } @ResponseBody @RequestMapping(value = "/sessions", method = RequestMethod.GET) public Object sessions (HttpServletRequest request){ Map<String, Object> map = new HashMap<>(); map.put("sessionId", request.getSession().getId()); map.put("message", request.getSession().getAttribute("request Url")); return map; } }