spring redis 配置子域名共享session (有点坑)

最新推荐文章于 2023-11-29 14:31:46 发布
最新推荐文章于 2023-11-29 14:31:46 发布
阅读量330 收藏 1
点赞数
文章标签: 数据库 java python
原文链接:https://my.oschina.net/u/1052192/blog/1023394
版权

2019独角兽企业重金招聘Python工程师标准>>> hot3.png


坑一  :**private String cookieName = "DTL_SESSION_ID";**

坑二 :	

 private String getCookiePath(HttpServletRequest request) {  
	        if (this.cookiePath == null) {  
	            // 此处改为返回根路径  
	            return "/";  
	        }  
	        return this.cookiePath;  
	 }  








redis添加

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jee="http://www.springframework.org/schema/jee"
	xmlns:context="http://www.springframework.org/schema/context"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
						http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
						http://www.springframework.org/schema/jee
						http://www.springframework.org/schema/jee/spring-jee-4.0.xsd
						http://www.springframework.org/schema/context
						http://www.springframework.org/schema/context/spring-context-4.0.xsd
						http://www.springframework.org/schema/util
                        http://www.springframework.org/schema/util/spring-util-4.0.xsd"
	default-lazy-init="true">
	<description>Redis配置</description>

	<bean id="jedisPoolConfig" class="redis.clients.jedis.JedisPoolConfig">
		<property name="maxTotal" value="${redis.maxTotal}" />
		<property name="maxIdle" value="${redis.maxIdle}" />
		<property name="minIdle" value="${redis.minIdle}" />
		<property name="maxWaitMillis" value="${redis.maxWaitMillis}" />
		<property name="testOnBorrow" value="${redis.testOnBorrow}" />
	</bean>
	
	<bean id="jedisConnectionFactory"
		class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory">
		<property name="hostName" value="${redis.ip}" />
		<property name="port" value="${redis.port}" />
		<property name="timeout" value="${redis.timeout}" />
		<property name="password" value="${redis.password}"></property>
		<property name="poolConfig" ref="jedisPoolConfig" />
	</bean>
	<!-- 使用jdk redis 序列化 -->
	<bean id="jdkRedisSerializer" class="cn.com.easy.redis.JdkRedisSerializer" />
	<bean id="redisTemplateWithJdkRedisSearializer" class="org.springframework.data.redis.core.RedisTemplate">
		<property name="connectionFactory" ref="jedisConnectionFactory" />
		<property name="valueSerializer" ref="jdkRedisSerializer" />
	</bean>
	<!--使用fastjson序列化 -->
	<bean id="fastjsonValueSerializer" class="cn.com.easy.redis.FastJsonRedisSerializer" />
	<bean id="redisTemplateWithFastjsonSearializer" class="org.springframework.data.redis.core.RedisTemplate">
		<property name="connectionFactory" ref="jedisConnectionFactory" />
		<property name="valueSerializer" ref="fastjsonValueSerializer" />
	</bean>
    
    <bean id="redisTemplate" class="org.springframework.data.redis.core.StringRedisTemplate">
        <property name="connectionFactory" ref="jedisConnectionFactory" />
    </bean>
    
      <!-- 将session放入redis -->
    <bean id="redisHttpSessionConfiguration"
        class="org.springframework.session.data.redis.config.annotation.web.http.RedisHttpSessionConfiguration">
        <property name="httpSessionStrategy" ref="cookieHttpSessionStrategy"/>
    </bean>
    
        <!--   设置cookieName和path -->
      <bean id="defaultCookieSerializer"  
        class="org.springframework.session.web.http.DefaultCookieSerializer">  
        <property name="domainName" value=".test.com"/>
        <property name="cookieName" value="DTL_SESSION_ID" />  
        <property name="cookiePath" value="/" />  
    </bean>  
           
     <bean id="cookieHttpSessionStrategy"  
        class="org.springframework.session.web.http.CookieHttpSessionStrategy">  
        <property name="cookieSerializer" ref="defaultCookieSerializer" />  
    </bean>  
    
</beans>




web.xml 添加到最前面

<!-- Session 共享 filter -->
	<filter>
		<filter-name>springSessionRepositoryFilter</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>springSessionRepositoryFilter</filter-name>
		<url-pattern>/*</url-pattern>
		<dispatcher>REQUEST</dispatcher>
		<dispatcher>ERROR</dispatcher>
	</filter-mapping>










package cn.com.czw.front.filter;

/*
 * Copyright 2014-2016 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import javax.servlet.ServletRequest;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.session.web.http.CookieSerializer;

/**
 * The default implementation of {[@link](https://my.oschina.net/u/393) CookieSerializer}.
 *
 * [@author](https://my.oschina.net/arthor) Rob Winch
 * [@since](https://my.oschina.net/u/266547) 1.1
 */
public class CustomerCookiesSerializer implements CookieSerializer {
	private String cookieName = "DTL_SESSION_ID";

	private Boolean useSecureCookie;

	private boolean useHttpOnlyCookie = isServlet3();

	private String cookiePath;

	private int cookieMaxAge = -1;

	private String domainName;

	private Pattern domainNamePattern;

	private String jvmRoute;
	

	/*
	 * (non-Javadoc)
	 *
	 * [@see](https://my.oschina.net/weimingwei) org.springframework.session.web.http.CookieSerializer#readCookieValues(javax.
	 * servlet.http.HttpServletRequest)
	 */
	public List<String> readCookieValues(HttpServletRequest request) {
		Cookie[] cookies = request.getCookies();
		List<String> matchingCookieValues = new ArrayList<String>();
		if (cookies != null) {
			for (Cookie cookie : cookies) {
				if (this.cookieName.equals(cookie.getName())) {
					String sessionId = cookie.getValue();
					if (sessionId == null) {
						continue;
					}
					if (this.jvmRoute != null && sessionId.endsWith(this.jvmRoute)) {
						sessionId = sessionId.substring(0,
								sessionId.length() - this.jvmRoute.length());
					}
					matchingCookieValues.add(sessionId);
				}
			}
		}
		return matchingCookieValues;
	}

	/*
	 * (non-Javadoc)
	 *
	 * [@see](https://my.oschina.net/weimingwei) org.springframework.session.web.http.CookieWriter#writeCookieValue(org.
	 * springframework.session.web.http.CookieWriter.CookieValue)
	 */
	public void writeCookieValue(CookieValue cookieValue) {
		HttpServletRequest request = cookieValue.getRequest();
		HttpServletResponse response = cookieValue.getResponse();

		String requestedCookieValue = cookieValue.getCookieValue();
		String actualCookieValue = this.jvmRoute == null ? requestedCookieValue
				: requestedCookieValue + this.jvmRoute;

		Cookie sessionCookie = new Cookie(this.cookieName, actualCookieValue);
		sessionCookie.setSecure(isSecureCookie(request));
		sessionCookie.setPath(getCookiePath(request));
		String domainName = getDomainName(request);
		if (domainName != null) {
			sessionCookie.setDomain(domainName);
		}

		if (this.useHttpOnlyCookie) {
			sessionCookie.setHttpOnly(true);
		}

		if ("".equals(requestedCookieValue)) {
			sessionCookie.setMaxAge(0);
		}
		else {
			sessionCookie.setMaxAge(this.cookieMaxAge);
		}

		response.addCookie(sessionCookie);
	}

	/**
	 * Sets if a Cookie marked as secure should be used. The default is to use the value
	 * of {@link HttpServletRequest#isSecure()}.
	 *
	 * @param useSecureCookie determines if the cookie should be marked as secure.
	 */
	public void setUseSecureCookie(boolean useSecureCookie) {
		this.useSecureCookie = useSecureCookie;
	}

	/**
	 * Sets if a Cookie marked as HTTP Only should be used. The default is true in Servlet
	 * 3+ environments, else false.
	 *
	 * @param useHttpOnlyCookie determines if the cookie should be marked as HTTP Only.
	 */
	public void setUseHttpOnlyCookie(boolean useHttpOnlyCookie) {
		if (useHttpOnlyCookie && !isServlet3()) {
			throw new IllegalArgumentException(
					"You cannot set useHttpOnlyCookie to true in pre Servlet 3 environment");
		}
		this.useHttpOnlyCookie = useHttpOnlyCookie;
	}

	private boolean isSecureCookie(HttpServletRequest request) {
		if (this.useSecureCookie == null) {
			return request.isSecure();
		}
		return this.useSecureCookie;
	}

	/**
	 * Sets the path of the Cookie. The default is to use the context path from the
	 * {@link HttpServletRequest}.
	 *
	 * @param cookiePath the path of the Cookie. If null, the default of the context path
	 * will be used.
	 */
	public void setCookiePath(String cookiePath) {
		this.cookiePath = cookiePath;
	}

	public void setCookieName(String cookieName) {
		if (cookieName == null) {
			throw new IllegalArgumentException("cookieName cannot be null");
		}
		this.cookieName = cookieName;
	}

	/**
	 * Sets the maxAge property of the Cookie. The default is -1 which signals to delete
	 * the cookie when the browser is closed.
	 *
	 * @param cookieMaxAge the maxAge property of the Cookie
	 */
	public void setCookieMaxAge(int cookieMaxAge) {
		this.cookieMaxAge = cookieMaxAge;
	}

	/**
	 * Sets an explicit Domain Name. This allow the domain of "example.com" to be used
	 * when the request comes from www.example.com. This allows for sharing the cookie
	 * across subdomains. The default is to use the current domain.
	 *
	 * @param domainName the name of the domain to use. (i.e. "example.com")
	 * @throws IllegalStateException if the domainNamePattern is also set
	 */
	public void setDomainName(String domainName) {
		if (this.domainNamePattern != null) {
			throw new IllegalStateException(
					"Cannot set both domainName and domainNamePattern");
		}
		this.domainName = domainName;
	}

	/**
	 * <p>
	 * Sets a case insensitive pattern used to extract the domain name from the
	 * {@link HttpServletRequest#getServerName()}. The pattern should provide a single
	 * grouping that defines what the value is that should be matched. User's should be
	 * careful not to output malicious characters like new lines to prevent from things
	 * like <a href= "https://www.owasp.org/index.php/HTTP_Response_Splitting">HTTP
	 * Response Splitting</a>.
	 * </p>
	 *
	 * <p>
	 * If the pattern does not match, then no domain will be set. This is useful to ensure
	 * the domain is not set during development when localhost might be used.
	 * </p>
	 * <p>
	 * An example value might be "^.+?\\.(\\w+\\.[a-z]+)$". For the given input, it would
	 * provide the following explicit domain (null means no domain name is set):
	 * </p>
	 *
	 * <ul>
	 * <li>example.com - null</li>
	 * <li>child.sub.example.com - example.com</li>
	 * <li>localhost - null</li>
	 * <li>127.0.1.1 - null</li>
	 * </ul>
	 *
	 * @param domainNamePattern the case insensitive pattern to extract the domain name
	 * with
	 * @throws IllegalStateException if the domainName is also set
	 */
	public void setDomainNamePattern(String domainNamePattern) {
		if (this.domainName != null) {
			throw new IllegalStateException(
					"Cannot set both domainName and domainNamePattern");
		}
		this.domainNamePattern = Pattern.compile(domainNamePattern,
				Pattern.CASE_INSENSITIVE);
	}

	/**
	 * <p>
	 * Used to identify which JVM to route to for session affinity. With some
	 * implementations (i.e. Redis) this provides no performance benefit. However, this
	 * can help with tracing logs of a particular user. This will ensure that the value of
	 * the cookie is formatted as
	 * </p>
	 * <code>
	 * sessionId + "." jvmRoute
	 * </code>
	 * <p>
	 * To use set a custom route on each JVM instance and setup a frontend proxy to
	 * forward all requests to the JVM based on the route.
	 * </p>
	 *
	 * @param jvmRoute the JVM Route to use (i.e. "node01jvmA", "n01ja", etc)
	 */
	public void setJvmRoute(String jvmRoute) {
		this.jvmRoute = "." + jvmRoute;
	}

	private String getDomainName(HttpServletRequest request) {
		if (this.domainName != null) {
			return this.domainName;
		}
		if (this.domainNamePattern != null) {
			Matcher matcher = this.domainNamePattern.matcher(request.getServerName());
			if (matcher.matches()) {
				return matcher.group(1);
			}
		}
		return null;
	}
	
	 private String getCookiePath(HttpServletRequest request) {  
	        if (this.cookiePath == null) {  
	            // 此处改为返回根路径  
	            return "/";  
	        }  
	        return this.cookiePath;  
	 }  

	/**
	 * Returns true if the Servlet 3 APIs are detected.
	 *
	 * @return whether the Servlet 3 APIs are detected
	 */
	private boolean isServlet3() {
		try {
			ServletRequest.class.getMethod("startAsync");
			return true;
		}
		catch (NoSuchMethodException e) {
		}
		return false;
	}

}







package cn.com.czw.front.filter;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
import org.springframework.session.web.http.CookieHttpSessionStrategy;

@Configuration  
@EnableRedisHttpSession   
public class HttpSessionConfig {  
     @Bean  
     public CookieHttpSessionStrategy cookieHttpSessionStrategy() {  
         CookieHttpSessionStrategy strategy = new CookieHttpSessionStrategy();  
         strategy.setCookieSerializer(new CustomerCookiesSerializer());  
         return strategy;  
     }  
}

转载于:https://my.oschina.net/u/1052192/blog/1023394

weixin_34071713
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
SpringCloud实现Redis在各个微服务的Session共享问题
08-27
"Session共享问题解决方案:SpringCloud实现Redis在各个微服务的Session共享" 在微服务架构中,Session共享问题是一个常见的问题。随着微服务的增加,Session的管理变得越来越复杂。为了解决这个问题,使用Redis来...
cookie的跨域共享setDomain()方法
weixin_42053164的博客
11-05 4946
最近学习品优购day16,需要用到一个工具CookieUtil,里面有一端代码调用了setDomain方法,于是我大致看了这个知识点,通过:https://www.iteye.com/topic/34400。感觉大致了解了,记录一下。 这个方法是为了cookie的跨域共享实现的,比如访问京东商城,首页域名:www.jd.com,通过查询按钮,跳转到:search.jd.com,点击...
为你的域名添加子域名(二级域名)并绑定网站
热门推荐
XcantloadX的博客
11-19 3万+
可能更新不及时,建议去原文看最新版有没有想过为自己的域名添加一个子域名来建一个分站?或者用来测试? 那就进来吧 确定可添加子域名的个数访问你注册域名的注册商,仔细找找,这里拿 Namesilo 举例子 访问 Namesilo 官网,登录,进入你的域名管理界面,找到Sub-Domain Forwarding 进入后点击右上角的HELP,可以看见 Namesilo 最多可以创建 50 个子域
Spring Session 拦截器 学习笔记
m0_61815300的博客
01-09 932
SpringBoot学习中拦截器的学习,包含了Cookie、Session的部分基础以及拦截器的实现,末尾附代码
springboot集成springsession
飞在江湖的专栏
08-13 1162
springsession实现原理:将sessionid保存在客户端的cookie里面,然后将该sessionid作为key将session保存在redis服务端,可以就可以实现分布式及跨域(跨域指a.com站点跳转到b.com站点保持session,需要特殊处理一下)。开始我们的实验。 第一步:pom.xml引入相关jar <!--Redis起步依赖 --> <dependency> <groupId>or...
spring-cloud-gateway之子域名通配方法
chengque7086的博客
04-03 2545
背景 对于一般大型公司,会涉及有很多的子域名,例如XX1.zd.com, XX2.zd.com, XX3.zd.com,现有的spring技术体系里,跨域仅支持*通配全部,或者配置完整的origin路径。那么对于子域名过多的场景,就非常的不便捷。在此通过扩展源码能力,对这个功能进行了很好的支持...
spring boot整合redis实现shiro的分布式session共享的方法
08-28
Spring Boot 整合 Redis 实现 Shiro 的分布式 Session 共享 Shiro 是一个优秀的 Java 安全框架,提供了强大的身份验证、授权和会话管理功能。然而,在分布式架构中,Shiro 的会话管理机制需要进行特殊处理,以便...
学习Spring-Session+Redis实现session共享的方法
08-30
本篇文章主要介绍了使用Spring-Session+Redis实现session共享的方法,并提供了详细的配置步骤和示例代码。 Spring-Session简介 Spring-Session是一个基于Spring Framework的会话管理模块,它提供了一个一致的API来...
利用Spring SessionredisSession进行共享详解
08-29
2. **配置Redis连接**:在Spring Boot的配置文件(application.properties或application.yml)中,设置Redis的连接信息,如主机名、端口、密码等。 3. **启用Spring Session**:在Spring Boot的配置类中,通过`@...
Spring整合redis(jedis)实现Session共享的过程
08-27
Spring整合Redis(Jedis)实现Session共享是一种常见的解决分布式环境下用户会话管理问题的方法。Session共享使得在多个服务器之间能够访问同一用户的会话数据,提高了应用的可扩展性和用户体验。以下将详细介绍这一...
springsession 使用
hyhanyu的博客
04-14 941
springsession 获取到session会话 可以通过2种方式,一个是把token放在header,一个是放在cookie里面。如果所有的子系统域名之间的cookie信息 可以共享,可以考虑使用 cookie。 开启redis 存储session会话,使用redis存储session 是为了seesion 会话共享,主要就是实现seesion接口 ,重写session 1. 放在hea...
SpringSession——redis
武汉小喽啰
03-07 2052
官方参考手册:https://docs.spring.io/spring-session/docs/2.2.1.RELEASE/reference/html5/#samples 整合redis手册: 1. 项目整合 1.1 依赖 <dependency> <groupId>org.springframework.session</groupId> <artifactId>spring-session-data-redis</artif.
228、商城业务-认证服务-自定义SpringSession完成子域session共享
pyd1040201698的博客
09-15 230
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer; import org.springframework.data.redis.serializer.RedisS...
Spring Session 二级域名共享session配置
bo_hai的专栏
03-21 480
spring session redis
redis实现共享session
最新发布
u013592588的博客
11-29 257
同一域名下有时会存在多个系统,多个系统也可能有多个节点。为了各系统之间共享登录状态,避免二次登陆,需要将session统一存储。
redis实现跨服务器session共享
u012572955的专栏
05-03 7135
一般我们在做服务器集群的时候,都会配置nginx反向代理服务器。但是问题来了,多个服务器之间的session怎么共享的呢? 我在这里用的是redis,实现思路: 1.自己定义一个sessionId生成策略,在session.setAttribute操作的时候,生成一个CSESSIONID并写回服务器; 2.定义filter拦截请求,扩展HttpServletRequest,代理session
SpringBoot整合SpringSession以及自定义CookieSerializer和RedisSerializer详解
qq_47768542的博客
04-16 9185
官方文档:https://docs.spring.io/spring-session/docs/2.2.6.RELEASE/reference/html5/#api-cookieserializer 引入SpringSession依赖 <!-- SpringSession,解决分布式session共享问题--> <dependency> <groupId>org.springframework.session</groupId.
Spring-Redis实现分布式环境下主子域名Session共享
LabDNirvana的博客
09-20 1403
Spring@Configuration中关于Environment与@Value的相关分析 你好! 这是你第一次使用 Markdown编辑器 所展示的欢迎页。如果你想学习如何使用Markdown编辑器, 可以仔细阅读这篇文章,了解一下Markdown的基本语法知识。 背景: 之前一直采用通过注解的方式配置SSM框架,但是Spring官网推荐采用代码的方式进行配置,所以自己开始尝试通过代码的方式配...
使用SpringSession时cookies跨域导致Session不一致问题的解决
程序世界里的一万万万个为什么
11-11 2万+
SpringSession默认使用Cookies保存和传递SessionId,在单WebApp情况下,SessionId可以正常传递,但在多WebApp时SessionId则无法正常保存和传递,仍然会导致Session失效。这是典型的Cookies跨域导致的问题,本文将给出了具体的解决方案。
springboot中通过spring sessionredis实现session共享
04-01
Spring Boot中,可以使用Spring SessionRedis实现Session共享Spring Session是一个基于Spring的会话管理解决方案,它提供了一种统一的方式来管理用户会话,并且支持将会话存储在不同的后端存储中,包括Redis。...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值