为实现Web应用的分布式集群部署,要解决登录session的统一。本文利用shiro做权限控制,redis做session存储,结合spring boot快速配置实现session共享。

  1、引入相关依赖

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-data-redis</artifactId>

        </dependency>

             <dependency>

            <groupId>org.apache.shiro</groupId>

            <artifactId>shiro-spring</artifactId>

            <version>1.3.2</version>

        </dependency>

  2、Redis相关

  2.1.redis配置

  spring.redis.host=localhost

  spring.redis.port=6379

  spring.redis.password=

  2.2.redis缓存的对象必须序列化,通用序列化 

import org.springframework.core.convert.converter.Converter;

import org.springframework.core.serializer.support.DeserializingConverter;

import org.springframework.core.serializer.support.SerializingConverter;

import org.springframework.data.redis.serializer.RedisSerializer;

import org.springframework.data.redis.serializer.SerializationException;

/**

 * redis序列化对象

 */

public class RedisObjectSerializer implements RedisSerializer<Object> {

    private Converter<Object, byte[]> serializer = new SerializingConverter();

    private Converter<byte[], Object> deserializer = new DeserializingConverter();

    static final byte[] EMPTY_ARRAY = new byte[0];

    public Object deserialize(byte[] bytes) {

        if (isEmpty(bytes)) {

            return null;

        }

        try {

            return deserializer.convert(bytes);

        } catch (Exception ex) {

            throw new SerializationException("Cannot deserialize", ex);

        }

    }

    public byte[] serialize(Object object) {

        if (object == null) {

            return EMPTY_ARRAY;

        }

        try {

            return serializer.convert(object);

        } catch (Exception ex) {

            return EMPTY_ARRAY;

        }

    }

    private boolean isEmpty(byte[] data) {

        return (data == null || data.length == 0);

    }

}

  2.3 RedisTemplate 配置

import org.springframework.cache.CacheManager;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.data.redis.cache.RedisCacheManager;

import org.springframework.data.redis.connection.RedisConnectionFactory;

import org.springframework.data.redis.core.RedisTemplate;

import org.springframework.data.redis.serializer.StringRedisSerializer;

/**

 * redis 配置

 */

@Configuration

public class RedisConfig {

    @Bean

    public CacheManager cacheManager(RedisTemplate<Object, Object> redisTemplate) {

        RedisCacheManager cacheManager = new RedisCacheManager(redisTemplate);

        cacheManager.setDefaultExpiration(1800);

        return cacheManager;

    }

    @Bean

    public RedisTemplate<Object, Object> redisTemplate(RedisConnectionFactory factory) {

        RedisTemplate<Object, Object> template = new RedisTemplate<Object, Object>();

        template.setConnectionFactory(factory);

        template.setKeySerializer(new StringRedisSerializer());

        template.setValueSerializer(new RedisObjectSerializer());

        return template;

    }

}

  3.Redis实现shiro的SessionDao存取session

import java.io.Serializable;

import java.util.concurrent.TimeUnit;

import javax.annotation.Resource;

import org.apache.shiro.session.Session;

import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO;

import org.slf4j.Logger;

import org.slf4j.LoggerFactory;

import org.springframework.data.redis.core.RedisTemplate;

import org.springframework.stereotype.Component;

/**

 * redis实现共享session

 */

@Component

public class RedisSessionDAO extends EnterpriseCacheSessionDAO {

    private static Logger logger = LoggerFactory.getLogger(RedisSessionDAO.class);

    // session 在redis过期时间是30分钟30*60

    private static int expireTime = 1800;

    private static String prefix = "weiyou-shiro-session:";

    @Resource

    private RedisTemplate<String, Object> redisTemplate;

    // 创建session,保存到数据库

    @Override

    protected Serializable doCreate(Session session) {

        Serializable sessionId = super.doCreate(session);

        logger.debug("创建session:{}", session.getId());

        redisTemplate.opsForValue().set(prefix + sessionId.toString(), session);

        return sessionId;

    }

    // 获取session

    @Override

    protected Session doReadSession(Serializable sessionId) {

        logger.debug("获取session:{}", sessionId);

        // 先从缓存中获取session,如果没有再去数据库中获取

        Session session = super.doReadSession(sessionId);

        if (session == null) {

            session = (Session) redisTemplate.opsForValue().get(prefix + sessionId.toString());

        }

        return session;

    }

    // 更新session的最后一次访问时间

    @Override

    protected void doUpdate(Session session) {

        super.doUpdate(session);

        logger.debug("获取session:{}", session.getId());

        String key = prefix + session.getId().toString();

        if (!redisTemplate.hasKey(key)) {

            redisTemplate.opsForValue().set(key, session);

        }

        redisTemplate.expire(key, expireTime, TimeUnit.SECONDS);

    }

    // 删除session

    @Override

    protected void doDelete(Session session) {

        logger.debug("删除session:{}", session.getId());

        super.doDelete(session);

        redisTemplate.delete(prefix + session.getId().toString());

    }

}

  4.实现cache共享

import java.util.ArrayList;

import java.util.Collection;

import java.util.List;

import java.util.Set;

import java.util.concurrent.TimeUnit;

import org.apache.shiro.cache.Cache;

import org.apache.shiro.cache.CacheException;

import org.springframework.data.redis.core.RedisTemplate;

@SuppressWarnings("unchecked")

public class ShiroCache<K, V> implements Cache<K, V> {

    private static final String REDIS_SHIRO_CACHE = "weiyou-shiro-cache:";

    private String cacheKey;

    private RedisTemplate<K, V> redisTemplate;

    private long globExpire = 30;

    @SuppressWarnings("rawtypes")

    public ShiroCache(String name, RedisTemplate client) {

        this.cacheKey = REDIS_SHIRO_CACHE + name + ":";

        this.redisTemplate = client;

    }

    @Override

    public V get(K key) throws CacheException {

        redisTemplate.boundValueOps(getCacheKey(key)).expire(globExpire, TimeUnit.MINUTES);

        return redisTemplate.boundValueOps(getCacheKey(key)).get();

    }

    @Override

    public V put(K key, V value) throws CacheException {

        V old = get(key);

        redisTemplate.boundValueOps(getCacheKey(key)).set(value);

        return old;

    }

    @Override

    public V remove(K key) throws CacheException {

        V old = get(key);

        redisTemplate.delete(getCacheKey(key));

        return old;

    }

    @Override

    public void clear() throws CacheException {

        redisTemplate.delete(keys());

    }

    @Override

    public int size() {

        return keys().size();

    }

    @Override

    public Set<K> keys() {

        return redisTemplate.keys(getCacheKey("*"));

    }

    @Override

    public Collection<V> values() {

        Set<K> set = keys();

        List<V> list = new ArrayList<>();

        for (K s : set) {

            list.add(get(s));

        }

        return list;

    }

    private K getCacheKey(Object k) {

        return (K) (this.cacheKey + k);

    }

}

  实现shiro 的CacheManager

import javax.annotation.Resource;

import org.apache.shiro.cache.Cache;

import org.apache.shiro.cache.CacheException;

import org.apache.shiro.cache.CacheManager;

import org.springframework.data.redis.core.RedisTemplate;

public class RedisCacheManager implements CacheManager {

    @Resource

    private RedisTemplate<String, Object> redisTemplate;

    @Override

    public <K, V> Cache<K, V> getCache(String name) throws CacheException {

        return new ShiroCache<K, V>(name, redisTemplate);

    }

    public RedisTemplate<String, Object> getRedisTemplate() {

        return redisTemplate;

    }

    public void setRedisTemplate(RedisTemplate<String, Object> redisTemplate) {

        this.redisTemplate = redisTemplate;

    }

}

5.配置

  

import java.util.HashMap;

import java.util.Map;

import javax.annotation.Resource;

import org.apache.shiro.session.mgt.SessionManager;

import org.apache.shiro.spring.LifecycleBeanPostProcessor;

import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;

import org.apache.shiro.spring.web.ShiroFilterFactoryBean;

import org.apache.shiro.web.mgt.DefaultWebSecurityManager;

import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;

import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

/**

 *

 * @author April.Chen

 */

//@Configuration

public class ShiroConfig {

    @Resource

    private RedisSessionDAO sessionDAO;

    @Bean

    public UserRealm getUserRealm() {

        return new UserRealm();

    }

    @Bean

    public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {

        return new LifecycleBeanPostProcessor();

    }

    @Bean

    public RedisCacheManager redisCacheManager() {

        return new RedisCacheManager();

    }

    @Bean

    public SessionManager sessionManager() {

        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();

        sessionManager.setSessionDAO(sessionDAO);

        sessionManager.setGlobalSessionTimeout(1800);

        sessionManager.setCacheManager(redisCacheManager());

        return sessionManager;

    }

    @Bean

    public DefaultWebSecurityManager securityManager() {

        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();

        securityManager.setSessionManager(sessionManager());

        securityManager.setCacheManager(redisCacheManager());

        return securityManager;

    }

    @Bean

    public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor() {

        AuthorizationAttributeSourceAdvisor aasa = new AuthorizationAttributeSourceAdvisor();

        aasa.setSecurityManager(securityManager());

        return new AuthorizationAttributeSourceAdvisor();

    }

    @Bean

    public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {

        DefaultAdvisorAutoProxyCreator daap = new DefaultAdvisorAutoProxyCreator();

        daap.setProxyTargetClass(true);

        return daap;

    }

    @Bean

    public ShiroFilterFactoryBean getShiroFilterFactoryBean() {

        Map<String, String> filterChainDefinitionMap = new HashMap<>();

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();

        shiroFilterFactoryBean.setSecurityManager(securityManager());

        shiroFilterFactoryBean.setLoginUrl("/login");

        shiroFilterFactoryBean.setSuccessUrl("/index");

        filterChainDefinitionMap.put("/sa/**", "authc");

        filterChainDefinitionMap.put("/**", "anon");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        return shiroFilterFactoryBean;

    }

}

Spring Boot + Redis 实现Shiro集群的更多相关文章

  1. Spring Boot集成Hazelcast实现集群与分布式内存缓存

    Hazelcast是Hazelcast公司开源的一款分布式内存数据库产品,提供弹性可扩展.高性能的分布式内存计算.并通过提供诸如Map,Queue,ExecutorService,Lock和JCach ...

  2. Spring Boot项目配置RabbitMQ集群

    //具体参看了配置的源码 org.springframework.boot.autoconfigure.amqp.RabbitProperties //RabbitMQ单机 spring:   rab ...

  3. spring + spring-data-redist + Redis 单机、集群(cluster模式,哨兵模式)

    一.单机redis配置 1. 配置redis连接池 <bean id="jedisPoolConfig" class="redis.clients.jedis.Je ...

  4. Apache shiro集群实现 (七)分布式集群系统下---cache共享

    Apache shiro集群实现 (一) shiro入门介绍 Apache shiro集群实现 (二) shiro 的INI配置 Apache shiro集群实现 (三)shiro身份认证(Shiro ...

  5. Apache shiro集群实现 (六)分布式集群系统下的高可用session解决方案---Session共享

    Apache shiro集群实现 (一) shiro入门介绍 Apache shiro集群实现 (二) shiro 的INI配置 Apache shiro集群实现 (三)shiro身份认证(Shiro ...

  6. Redis 高可用集群

    Redis 高可用集群 Redis 的集群主从模型是一种高可用的集群架构.本章主要内容有:高可用集群的搭建,Jedis连接集群,新增集群节点,删除集群节点,其他配置补充说明. 高可用集群搭建 集群(c ...

  7. Apache shiro集群实现 (八) web集群时session同步的3种方法

    Apache shiro集群实现 (一) shiro入门介绍 Apache shiro集群实现 (二) shiro 的INI配置 Apache shiro集群实现 (三)shiro身份认证(Shiro ...

  8. Apache shiro集群实现 (五)分布式集群系统下的高可用session解决方案

    Apache shiro集群实现 (一) shiro入门介绍 Apache shiro集群实现 (二) shiro 的INI配置 Apache shiro集群实现 (三)shiro身份认证(Shiro ...

  9. Apache shiro集群实现 (四)shiro授权(Authentication)--访问控制

    Apache shiro集群实现 (一) shiro入门介绍 Apache shiro集群实现 (二) shiro 的INI配置 Apache shiro集群实现 (三)shiro身份认证(Shiro ...

随机推荐

  1. 多层mvc,thikphp进阶

    程序员,是一种生活态度. 我尽忠恪守,我努力进取,热衷于解决问题,希望得到同样的回报. 我遇到问题,将所有的力量用在解决问题,而不是抱怨,推卸责任上. ------------------------ ...

  2. c++语言的组合类的使用,用组合类的方法计算两点间距离。

    组合类的使用主要涉及到类的构造函数,类的复制构造函数. #include <iostream> #include<cmath> class Point{ public: Poi ...

  3. django 学习之DRF (三)

    Django学习之DRF-03 视图集    1.视图集介绍    2.视图集基本使⽤        1.需求 使⽤视图集获取列表数据和单⼀数据        2.实现 class BookInfoV ...

  4. js数据类型基础

    一.数据类型 数据类型包括:基本数据类型和引用数据类型 基本数据类型指的是简单的数据段,引用数据类型指的是有多个值构成的对象. 当我们把变量赋值给一个变量时,解析器首先要确认的就是这个值是基本类型值还 ...

  5. Java Web之数据库连接池

    数据库连接池 一.数据库连接池 1. 数据库连接池就是存放数据库连接(Connection)的集合 2. 我们获取一个数据库连接是一个相对很麻烦的过程,如果我们获取一个数据库连接,使用一次以后就给它关 ...

  6. P3943 星空 区间异或差分

    \(\color{#0066ff}{ 题目描述 }\) 逃不掉的那一天还是来了,小 F 看着夜空发呆. 天上空荡荡的,没有一颗星星--大概是因为天上吹不散的乌云吧. 心里吹不散的乌云,就让它在那里吧, ...

  7. Linq中的group by多表多字段,Sum求和

    //Line to Sql 写法 var data = (from a in Items group a by new { a.GroupId, a.Id } into b //orderby new ...

  8. [USACO09FEB]改造路Revamping Trails 分层最短路 Dijkstra BZOJ 1579

    题意翻译 约翰一共有N)个牧场.由M条布满尘埃的小径连接.小径可 以双向通行.每天早上约翰从牧场1出发到牧场N去给奶牛检查身体. 通过每条小径都需要消耗一定的时间.约翰打算升级其中K条小径,使之成为高 ...

  9. 牛客寒假算法基础集训营4 F Applese 的QQ群

    链接:https://ac.nowcoder.com/acm/contest/330/F来源:牛客网 Applese 有一个QQ群.在这个群中,大家互相请教问题.如 b 向 a 请教过问题,就把 a ...

  10. Linux系统之ssh命令

    ssh命令用于远程登录上Linux主机. 常用格式:ssh [-l login_name] [-p port] [user@]hostname更详细的可以用ssh -h查看. 不指定用户: ssh 1 ...