springCloud中处理session一致性问题
session不一致
由于使用了springcloud网关进行接口服务转发,这样会导致前端请求中的session不一致,导致无法正常获取所需要的数据
解决办法
步骤一:
每个服务都加上这个工具类
1、在每个模块中的pom中都引入spring-session和redis的包。
<dependency> <groupId>org.springframework.session</groupId> <artifactId>spring-session-data-redis</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-redis</artifactId> </dependency>
步骤二:
要给每个服务都配置redis的链接信息
redis:
database: 0
host: 127.0.0.1
port: 6379
password:xxxxx # redis的密码
要给每个服务的启动都加上这个主键
@EnableRedisHttpSession(flushMode = FlushMode.IMMEDIATE) // 解决session不一致问题
步骤三:
所有的实体类都需要实例化
@SuppressWarnings("serial")
@Data
@AllArgsConstructor
@NoArgsConstructor
@TableName("sys_user")
public class User implements Serializable { // 实例化
private static final long serialVersionUID = 1L;
步骤四:
用Gateway做网关的需要特被处理网关项目,而用zuul做网关的则不需要
网关项目结构
全局session共享
1.pom.xml
依赖jar包:
<!--redis-reactive 也是redis,他是高效的redis-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis-reactive</artifactId>
</dependency>
<!--将session存到redist中,处理全局session问题-->
<dependency>
<groupId>org.springframework.session</groupId>
<artifactId>spring-session-data-redis</artifactId>
</dependency>
<!--连接池-->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-pool2</artifactId>
</dependency>
<!--处理全局session问题,需要结合这个安全框架-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
2.相关yml配置:
配置将session存到redis中
spring.session.store-type
Spring默认就是redis实现的,也有其他的,配置不同罢了。
spring:
redis:
database: 0
host: localhost
port: 6379
password: xxxx # redis密码
lettuce:
pool:
max-active: 300
max-idle: 8
max-wait: -1ms
min-idle: 0
session:
store-type: redis
3.放行Security所有请求
安装每个项目所选进行配置
package com.yep.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
@Configuration
@EnableWebFluxSecurity
public class GatewaySecurityConfig {
@Bean
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity serverHttpSecurity)
throws Exception {
serverHttpSecurity
.csrf().disable()
.authorizeExchange().pathMatchers("/**").permitAll()
.anyExchange()
.authenticated();
return serverHttpSecurity.build();
}
}
4.session相关设置
package com.yep.config;
import com.yep.resolver.MyCookieWebSessionIdResolver;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.ResponseCookie;
import org.springframework.session.data.redis.config.annotation.web.server.EnableRedisWebSession;
import org.springframework.web.server.session.CookieWebSessionIdResolver;
import org.springframework.web.server.session.WebSessionIdResolver;
import java.util.function.Consumer;
/**
* 配置session存到redis中的相关操作
*/
@Configuration
@EnableRedisWebSession(maxInactiveIntervalInSeconds = 10*60*60, redisNamespace = "my:spring:session")
public class WebSessionConfig {
@Bean
public WebSessionIdResolver webSessionIdResolver() {
CookieWebSessionIdResolver resolver = new MyCookieWebSessionIdResolver();
resolver.setCookieName("SESSIONID");
Consumer<ResponseCookie.ResponseCookieBuilder> consumer = responseCookieBuilder -> {
responseCookieBuilder.path("/");
};
resolver.addCookieInitializer(consumer);
return resolver;
}
}
5.自定义WebSessionId解析器
package com.yep.resolver;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpCookie;
import org.springframework.session.web.http.DefaultCookieSerializer;
import org.springframework.util.MultiValueMap;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.session.CookieWebSessionIdResolver;
import java.util.Base64;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
@Slf4j
public class MyCookieWebSessionIdResolver extends CookieWebSessionIdResolver {
@Override
public List<String> resolveSessionIds(ServerWebExchange exchange) {
MultiValueMap<String, HttpCookie> cookieMap = exchange.getRequest().getCookies();
List<HttpCookie> cookies = cookieMap.get(getCookieName());
if (cookies == null) {
return Collections.emptyList();
}
return cookies.stream().map(HttpCookie::getValue).map(this::base64Decode).collect(Collectors.toList());
}
/**
* base64解码
*
* @param base64Value base64Value
* @return 解码后的字符串
*/
private String base64Decode(String base64Value) {
try {
byte[] decodedCookieBytes = Base64.getDecoder().decode(base64Value);
return new String(decodedCookieBytes);
} catch (Exception ex) {
log.debug("Unable to Base64 decode value: " + base64Value);
return null;
}
}
}