我有一个项目想要支持 android,ios,pc web。我尝试使用 https://github.com/spring-projects/spring-session,是否可以仅在应用程序中配置以支持 HttpSession 和休息令牌?
如果可以,我该如何配置?
问问题
2115 次
2 回答
2
对我有用的一件事是重新实现***HttpSessionStrategy来自 Cookie 和 Header 实现的 using 代码。
你可以在这里看到这些类的具体实现:
- https://github.com/spring-projects/spring-session/blob/master/spring-session/src/main/java/org/springframework/session/web/http/HeaderHttpSessionStrategy.java
- https://raw.githubusercontent.com/spring-projects/spring-session/master/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java
所以getRequestedSessionId变成:
public String getRequestedSessionId(HttpServletRequest request) {
// header part
String sessionId = request.getHeader(headerName);
if(sessionId != null && !sessionId.isEmpty())
return sessionId;
// cookie part
Map<String,String> sessionIds = getSessionIds(request);
String sessionAlias = getCurrentSessionAlias(request);
return sessionIds.get(sessionAlias);
}
onInvalidateSession变成:
public void onInvalidateSession(HttpServletRequest request, HttpServletResponse response) {
// header part
response.setHeader(headerName, "");
// cookie part
Map<String,String> sessionIds = getSessionIds(request);
String requestedAlias = getCurrentSessionAlias(request);
sessionIds.remove(requestedAlias);
Cookie sessionCookie = createSessionCookie(request, sessionIds);
response.addCookie(sessionCookie);
}
onNewSession变成:
public void onNewSession(Session session, HttpServletRequest request, HttpServletResponse response) {
// header part
response.setHeader(headerName, session.getId());
// cookie part
Set<String> sessionIdsWritten = getSessionIdsWritten(request);
if(sessionIdsWritten.contains(session.getId())) {
return;
}
sessionIdsWritten.add(session.getId());
Map<String,String> sessionIds = getSessionIds(request);
String sessionAlias = getCurrentSessionAlias(request);
sessionIds.put(sessionAlias, session.getId());
Cookie sessionCookie = createSessionCookie(request, sessionIds);
response.addCookie(sessionCookie);
}
我在生产中将它用于浏览器/移动 REST API,它满足了我的所有需求。
于 2015-10-23T13:11:57.403 回答
0
您可以利用spring的 BeanFactoryPostProcessor 覆盖 postProcessAfterInitialization() 来配置 SessionRepositoryFilter 的 httpSessionStrategy,方法是在 spring 初始化后调用它的 setHttpSessionStrategy() 方法。
于 2016-06-27T18:18:58.240 回答