spring-boot - 带有 Hazelcast 和 Tomcat 的 Spring Boot

Question

您如何使用 Hazelcast 作为带有 Spring Boot 和 Spring Security 的嵌入式 Tomcat 的 http 会话存储？我看到有一个 EmbeddedServletContainerCustomizer 和 SpringAwareWebFilter 但我不明白如何使用它。

Answer 1

如Hazelcast 的文档中所述，您需要配置 HazelcastSpringAwareWebFilter和SessionListener. 您可以通过分别声明 aFilterRegistrationBean和 a在 Spring Boot 中执行此操作ServletListenerRegistrationBean：

@Bean
public FilterRegistrationBean hazelcastFilter() {
    FilterRegistrationBean registration = new FilterRegistrationBean(new SpringAwareWebFilter());

    registration.addUrlPatterns("/*");
    registration.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.FORWARD, DispatcherType.INCLUDE);

    // Configure init parameters as appropriate:
    // registration.addInitParameter("foo", "bar");

    return registration;
}

@Bean
public ServletListenerRegistrationBean<SessionListener> hazelcastSessionListener() {
    return new ServletListenerRegistrationBean<SessionListener>(new SessionListener());
}

SpringAwareWebFilter并且SessionListener都在 Hazelcast 的hazelcast-wm模块中，因此您需要在 or 上添加com.hazelcast:hazelcast-wm依赖pom.xml项build.gradle。hazelcast-wm还要求 Spring Security 在类路径上。

现在，当您运行应用程序时，您应该会在启动期间看到 Hazelcast 的日志输出，类似于以下内容：

2014-12-17 10:29:32.401  INFO 94332 --- [ost-startStop-1] com.hazelcast.config.XmlConfigLocator    : Loading 'hazelcast-default.xml' from classpath.
2014-12-17 10:29:32.435  INFO 94332 --- [ost-startStop-1] c.hazelcast.web.HazelcastInstanceLoader  : Creating a new HazelcastInstance for session replication
2014-12-17 10:29:32.582  INFO 94332 --- [ost-startStop-1] c.h.instance.DefaultAddressPicker        : [LOCAL] [dev] [3.3.3] Prefer IPv4 stack is true.
2014-12-17 10:29:32.590  INFO 94332 --- [ost-startStop-1] c.h.instance.DefaultAddressPicker        : [LOCAL] [dev] [3.3.3] Picked Address[169.254.144.237]:5701, using socket ServerSocket[addr=/0:0:0:0:0:0:0:0,localport=5701], bind any local is true
2014-12-17 10:29:32.612  INFO 94332 --- [ost-startStop-1] c.h.spi.impl.BasicOperationScheduler     : [169.254.144.237]:5701 [dev] [3.3.3] Starting with 16 generic operation threads and 16 partition operation threads.
2014-12-17 10:29:32.657  INFO 94332 --- [ost-startStop-1] com.hazelcast.system                     : [169.254.144.237]:5701 [dev] [3.3.3] Hazelcast 3.3.3 (20141112 - eadb69c) starting at Address[169.254.144.237]:5701
2014-12-17 10:29:32.657  INFO 94332 --- [ost-startStop-1] com.hazelcast.system                     : [169.254.144.237]:5701 [dev] [3.3.3] Copyright (C) 2008-2014 Hazelcast.com
2014-12-17 10:29:32.661  INFO 94332 --- [ost-startStop-1] com.hazelcast.instance.Node              : [169.254.144.237]:5701 [dev] [3.3.3] Creating MulticastJoiner
2014-12-17 10:29:32.664  INFO 94332 --- [ost-startStop-1] com.hazelcast.core.LifecycleService      : [169.254.144.237]:5701 [dev] [3.3.3] Address[169.254.144.237]:5701 is STARTING
2014-12-17 10:29:38.482  INFO 94332 --- [ost-startStop-1] com.hazelcast.cluster.MulticastJoiner    : [169.254.144.237]:5701 [dev] [3.3.3] 


Members [1] {
    Member [169.254.144.237]:5701 this
}  

2014-12-17 10:29:38.503  INFO 94332 --- [ost-startStop-1] com.hazelcast.core.LifecycleService      : [169.254.144.237]:5701 [dev] [3.3.3] Address[169.254.144.237]:5701 is STARTED

Answer 2

为什么不使用 Spring-session？这很容易。

我们实际上没有使用 Tomcat 的 HttpSession，而是将值持久化在 Redis 中。Spring Session 将 HttpSession 替换为由 Redis 支持的实现。当 Spring Security 的 SecurityContextPersistenceFilter 将 SecurityContext 保存到 HttpSession 时，它会被持久化到 Redis 中。

@EnableRedisHttpSession 
public class HttpSessionConfig {
}


#src/main/resources/application.properties
spring.redis.host=localhost
spring.redis.password=secret
spring.redis.port=6379

http://docs.spring.io/spring-session/docs/current/reference/html5/guides/boot.html