为何要修改sessionId名称

如果多个应用系统，访问使用同一个域名或IP,不同端口时，在同一个浏览器登陆这些系统系统，它们之间会出现用户会话会出现覆盖问题，即登录到其中一个应用系统，其他应用系统出现重新登陆现象；

具体操作

经过分析SpringHttpSessionConfiguration的源码（这里不带大家对源码进行分析了），可归纳出以下两种方式可修改sessionId名称

1、定义相关的Bean，SpringHttpSessionConfiguration会自动将这些Bean注入到自身的配置中；

@Configurationpublic class SpringSessionBeanConfiguration {     @Value("${spring.session.cookieName:'JSESSIONID'}")    private String cookieName;       //Cookie配置    @Bean    public CookieSerializer cookieSerializer(){        DefaultCookieSerializer cookieSerializer = new DefaultCookieSerializer();        cookieSerializer.setCookieName(cookieName);//sessionId名称        return  cookieSerializer;    }     //HttpSessionId配置    @Bean    public HttpSessionIdResolver httpSessionIdResolver(){        CookieHttpSessionIdResolver cookieHttpSessionIdResolver = new CookieHttpSessionIdResolver();        cookieHttpSessionIdResolver.setCookieSerializer(cookieSerializer());        return cookieHttpSessionIdResolver;    }}

2、自定义配置类并继承SpringHttpSessionConfiguration，然后直接对配置类中的属性进行修改，由于这里我用的是redis存储session,此时我直接继承RedisHttpSessionConfiguration（SpringHttpSessionConfiguration的子类）

@Configurationpublic class RedisSessionConfiguration extends RedisHttpSessionConfiguration  {     @Value("${spring.session.cookieName:'JSESSIONID'}")    private String cookieName;      @PostConstruct    @Override    public void init() {        DefaultCookieSerializer cookieSerializer = new DefaultCookieSerializer();        cookieSerializer.setCookieName(cookieName);//sessionId名称        CookieHttpSessionIdResolver cookieHttpSessionIdResolver = new CookieHttpSessionIdResolver();        cookieHttpSessionIdResolver.setCookieSerializer(cookieSerializer);        super.setHttpSessionIdResolver(cookieHttpSessionIdResolver);        super.setCookieSerializer(cookieSerializer);    }}

这里面我遇到有一个坑，要在这个地方特别说明下：在第二种方案中的配置类中，如果在该配置类中定义@Bean,则在@Bean的方法体中无法获取application.yml(properties)中的属性值，具体样例代码如下：

  @Configurationpublic class RedisSessionConfiguration extends RedisHttpSessionConfiguration  {     @Value("${spring.session.cookieName:'JSESSIONID'}")    private String cookieName;      //Cookie配置    @Bean    public CookieSerializer cookieSerializer(){        DefaultCookieSerializer cookieSerializer = new DefaultCookieSerializer();        //此处无法获取到通过@Value注入的cookieName的值        cookieSerializer.setCookieName(cookieName);//sessionId名称        return  cookieSerializer;    }     //HttpSessionId配置    @Bean    public HttpSessionIdResolver httpSessionIdResolver(){        CookieHttpSessionIdResolver cookieHttpSessionIdResolver = new CookieHttpSessionIdResolver();        cookieHttpSessionIdResolver.setCookieSerializer(cookieSerializer());        return cookieHttpSessionIdResolver;    }      @PostConstruct    @Override    public void init() {        DefaultCookieSerializer cookieSerializer = new DefaultCookieSerializer();        //此处可以获取到cookieName的值        cookieSerializer.setCookieName(cookieName);//sessionId名称        CookieHttpSessionIdResolver cookieHttpSessionIdResolver = new CookieHttpSessionIdResolver();        cookieHttpSessionIdResolver.setCookieSerializer(cookieSerializer);        super.setHttpSessionIdResolver(cookieHttpSessionIdResolver);        super.setCookieSerializer(cookieSerializer);    }}

原网址: 访问
创建于: 2021-01-28 14:46:30
目录: default
标签: 无

未标明原创文章均为采集，版权归作者所有，转载无需和我联系，请注明原出处，南摩阿彌陀佛，知识，不只知道，要得到

请先后发表评论