核心点就是spring-session没有对session在url重写后进行处理。我实现了一个
在applicat-context.xml中,如下配置(只配置了核心的部分代码,不是全部):
<bean id="redisHttpSessionConfiguration" class="org.springframework.session.data.redis.config.annotation.web.http.RedisHttpSessionConfiguration">
<property name="maxInactiveIntervalInSeconds" value="3600" />
<property name="httpSessionStrategy" ref="cookieHttpSessionStrategy"/>
</bean>
<bean id="customCookieSerializer" class="com.a.b.CustomCookieSerializer">
<property name="cookieName" value="SESSION"/>
</bean>
<bean id="cookieHttpSessionStrategy" class="org.springframework.session.web.http.CookieHttpSessionStrategy">
<property name="cookieSerializer" ref="customCookieSerializer"/>
</bean>
其中CustomCookieSerializer代码如下(比较简陋,请大家帮忙修正):
public class CustomCookieSerializer extends DefaultCookieSerializer {
private String cookieName = "SESSION";
@Override
public void setCookieName(String cookieName) {
this.cookieName = cookieName;
super.setCookieName(cookieName);
}
@Override
public List<String> readCookieValues(HttpServletRequest request) {
List<String> cookies = super.readCookieValues(request);
String reqUri = request.getRequestURI();
if(reqUri.contains(";"))
{
String s = reqUri.substring(reqUri.indexOf(";")+1);
if(s.contains(this.cookieName))
{
String jssionid = s.substring(s.indexOf(this.cookieName) + this.cookieName.length() + 1);
if(!cookies.contains(jssionid))
cookies.add(jssionid);
}
}
return cookies;
}
}
浏览器URL重写session时的调用方式是:http://xxxx/aaa;SESSION=xxxxxxxx