• StatelessSessionManager重写

    package com.foen.security;

    import org.apache.shiro.session.mgt.SessionKey;
    import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
    import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
    import org.apache.shiro.web.util.WebUtils;
    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;

    import javax.servlet.ServletRequest;
    import javax.servlet.ServletResponse;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import java.io.Serializable;
    import java.util.UUID;

    /**
     * 重写这个方法
     * @auther: 作者 gzh
     * @description: 类说明
     * @Date: created in 16:47 2020/4/28
     */
    public class StatelessSessionManager extends DefaultWebSessionManager {

        /**
         * 这个是服务端要返回给客户端,
         */
        public final static String TOKEN_NAME = "TOKEN";
        /**
         * 这个是客户端请求给服务端带的header
         */
        public final static String HEADER_TOKEN_NAME = "token";

        private static final Logger logger = LoggerFactory.getLogger(StatelessSessionManager.class);

        /**
         *
         * @param key
         * @return Serializable
         */
        @Override
        public Serializable getSessionId(SessionKey key) {
            Serializable sessionId = key.getSessionId();
            if(sessionId == null){
                HttpServletRequest request = WebUtils.getHttpRequest(key);
                HttpServletResponse response = WebUtils.getHttpResponse(key);
                sessionId = this.getSessionId(request,response);
            }
            HttpServletRequest request = WebUtils.getHttpRequest(key);
            request.setAttribute(TOKEN_NAME,sessionId.toString());
            return sessionId;
        }

        /**
         * 取数据getSessionId
         * @param servletRequest
         * @param servletResponse
         * @return Serializable
         */
        @Override
        public Serializable getSessionId(ServletRequest servletRequest, ServletResponse servletResponse) {
            HttpServletRequest request = (HttpServletRequest) servletRequest;
            String token = request.getHeader(HEADER_TOKEN_NAME);
            if(token == null){
                token = UUID.randomUUID().toString();
            }

            //这段代码还没有去查看其作用,但是这是其父类中所拥有的代码,重写完后我复制了过来...开始
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,
                    ShiroHttpServletRequest.COOKIE_SESSION_ID_SOURCE);
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, token);
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);
            request.setAttribute(ShiroHttpServletRequest.SESSION_ID_URL_REWRITING_ENABLED, isSessionIdUrlRewritingEnabled());
            //这段代码还没有去查看其作用,但是这是其父类中所拥有的代码,重写完后我复制了过来...结束

            logger.info("=============>token:"+token);
            return token;
        }
    }
  • 相关阅读:
    ASP.NET中如何防范SQL注入式攻击?(转)
    打开D盘时速度奇慢?
    Visual Studio 2008 下载地址
    如何利用XML文件,做为配置参数?
    如何将一个表中的数据INSERT INTO 到另一个表中?
    拖延交货或惹万人诉讼 消费者称戴尔态度恶劣
    NHibernate Linq中Null值排序的解决方法
    NHibernate3剖析:Query篇之NHibernate.Linq标准查询
    Nhibernate出现No row with the given identifier exists问题的产生原因及解决方法
    Nhibernate使用动态Expression的问题解决
  • 原文地址:https://www.cnblogs.com/gzhbk/p/12799836.html
Copyright © 2020-2023  润新知