1.创建OnlineSessionDao继承EnterpriseCacheSessionDAO,实现session持久化共享
package com.jsaas.core.security;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.Collection;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.UnknownSessionException;
import org.apache.shiro.session.mgt.SimpleSession;
import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO;
import com.jfinal.log.Log;
import com.jfinal.plugin.ehcache.CacheKit;
import com.jfinal.plugin.redis.Redis;
/**
* @ClassName: onlineSessionDao
* @Description: session管理,获取在线用户等(session持久化,配合nginx负载均衡,实现共享session)
* @author tuozq
* @date 2017年11月3日 上午9:48:01
*
*/
public class OnlineSessionDao extends EnterpriseCacheSessionDAO {
private static final Log log = Log.getLog(OnlineSessionDao.class);
//定义sessionDao缓存的前缀,可以通过 Redis.use().getJedis().keys(OnlineSessionDao.cacheNamePrefix + "*") 获取到sessionDao缓存的所有session
public static final String cacheNamePrefix = "shiro_sessionDao_cache:";
private void set(String key, Object value){
Redis.use().set(cacheNamePrefix + key, value);
}
private Object get(String key){
return Redis.use().get(cacheNamePrefix + key);
}
private void remove(String key){
Redis.use().del(cacheNamePrefix + key);
}
/**
* 创建session
*/
@Override
public Serializable doCreate(Session session) {
Serializable sessionId = super.doCreate(session);
log.info("创建 Session:"+session.getHost() + ";" + session.getId());
set(session.getId().toString(), sessionToByte(session));
return sessionId;
}
/**
* 删除session
*/
@Override
public void doDelete(Session session) {
log.info("删除 Session:"+session.getHost() + ";" + session.getId());
remove(session.getId().toString());
super.doDelete(session);
}
/**
* 更新session的最后一次访问时间
*/
@Override
public void doUpdate(Session session) throws UnknownSessionException {
log.info("更新 Session:"+session.getHost() + ";" + session.getId());
set(session.getId().toString(), sessionToByte(session));
super.doUpdate(session);
}
/**
* 获取session
*/
@Override
protected Session doReadSession(Serializable sessionId) {
Session session = super.doReadSession(sessionId);
if(session == null){
byte[] bytes = (byte[]) get(sessionId.toString());
if(bytes != null && bytes.length > 0){
session = byteToSession(bytes);
}
}
return session;
}
// 把session对象转化为byte保存到缓存中
public byte[] sessionToByte(Session session){
ByteArrayOutputStream bo = new ByteArrayOutputStream();
byte[] bytes = null;
try {
ObjectOutputStream oo = new ObjectOutputStream(bo);
oo.writeObject(session);
bytes = bo.toByteArray();
} catch (IOException e) {
e.printStackTrace();
}
return bytes;
}
// 把byte还原为session
public Session byteToSession(byte[] bytes){
ByteArrayInputStream bi = new ByteArrayInputStream(bytes);
ObjectInputStream in;
SimpleSession session = null;
try {
in = new ObjectInputStream(bi);
session = (SimpleSession) in.readObject();
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return session;
}
}
2.使用redis接管shiro cacheManage
创建RedisCacheManage类实现CacheManager接口,在shiro.ini中指定cacheManager为RedisCacheManage
package com.jsaas.core.security.cache;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheException;
import org.apache.shiro.cache.CacheManager;
import com.jfinal.log.Log;
import com.jfinal.plugin.redis.Redis;
/**
* @Title: RedisCacheManage.java
* @Package com.jsaas.core.security
* @Description: TODO(接管shiro缓存管理)
* @author tuozq
* @date 2017年12月7日 上午9:26:07
* @version V1.0
*/
@SuppressWarnings({"rawtypes","unchecked"})
public class RedisCacheManage implements CacheManager {
private static final Log log = Log.getLog(RedisCacheManage.class);
private final ConcurrentMap<String, Cache> caches = new ConcurrentHashMap<String, Cache>();
public <K, V> Cache<K, V> getCache(String name) throws CacheException {
// TODO Auto-generated method stub
log.info(String.format("获取redis %s 实例", name));
if(caches.containsKey(name)){
return caches.get(name);
}
RedisCache<K, V> redisCache = new RedisCache<K, V>(new RedisManage(name));
caches.put(name, redisCache);
return redisCache;
}
}
实现shiro的cache
package com.jsaas.core.security.cache;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheException;
import com.jfinal.log.Log;
import redis.clients.jedis.Jedis;
/**
* @Title: RedisCache.java
* @Package com.jsaas.core.security.cache
* @Description: TODO(shiro缓存cache)
* @author tuozq
* @date 2017年12月7日 上午9:50:19
* @version V1.0
*/
public class RedisCache<K, V> implements Cache<K, V> {
Log log = Log.getLog(RedisCache.class);
private RedisManage redisManage;
public RedisCache(RedisManage redisManage){
this.redisManage = redisManage;
}
private com.jfinal.plugin.redis.Cache getCache(){
log.info("user cache :" + redisManage.getPrefix());
return redisManage.getCache();
}
public void clear() throws CacheException {
// TODO Auto-generated method stub
getCache().getJedis().flushDB();
}
public V get(K key) throws CacheException {
// TODO Auto-generated method stub
return getCache().get(redisManage.getPrefix() + key);
}
@SuppressWarnings("unchecked")
public Set<K> keys() {
// TODO Auto-generated method stub
Jedis jedis = getCache().getJedis();
Set<String> keys = jedis.keys(redisManage.getPrefix() + "*");
Set<K> ks = new HashSet<K>();
for (String key : keys) {
ks.add((K)key);
}
return ks;
}
public V put(K key, V value) throws CacheException {
// TODO Auto-generated method stub
getCache().set(redisManage.getPrefix() + key, value);
return value;
}
public V remove(K key) throws CacheException {
// TODO Auto-generated method stub
V value = getCache().get(redisManage.getPrefix() + key);
getCache().del(redisManage.getPrefix() + key);
return value;
}
public int size() {
// TODO Auto-generated method stub
return keys().size();
}
public Collection<V> values() {
// TODO Auto-generated method stub
Set<K> ks = keys();
List<V> vs = new ArrayList<V>();
for (K k : ks) {
vs.add(get(k));
}
return vs;
}
}
shiro redisManage
package com.jsaas.core.security.cache;
import com.jfinal.plugin.redis.Redis;
import com.jsaas.common.Constant;
/**
* @Title: RedisManage.java
* @Package com.jsaas.core.security.cache
* @Description: TODO(shiro redis 缓存管理)
* @author tuozq
* @date 2017年12月7日 上午11:28:31
* @version V1.0
*/
public class RedisManage {
private com.jfinal.plugin.redis.Cache cache;
//用于区分shiro不同的cache name
private String prefix;
public RedisManage(String cachename) {
// TODO Auto-generated constructor stub
this.prefix = cachename + ":";
}
public com.jfinal.plugin.redis.Cache getCache() {
if(cache == null){
//在jfinalConfig中添加redis插件 me.add(new RedisPlugin(Constant.REDIS_SHIROMANAGE_CACHE, "127.0.0.1", 6379));
cache = Redis.use(Constant.REDIS_SHIROMANAGE_CACHE);
}
return cache;
}
public String getPrefix(){
return this.prefix;
}
}
3.nginx配置
#配置集群
upstream jsaas_server {
server localhost:81 weight=5;
server localhost:82 weight=5;
}
#gzip on;
server {
listen 80;
server_name localhost;
#配置代理服务器
location / {
proxy_pass http://jsaas_server;# http://localhost:80/ 请求转发到jsaas_server集群
proxy_set_header Host $http_host;
proxy_set_header Cookie $http_cookie;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 100m;
proxy_connect_timeout 1;#连接超时时间,不能设置过长,否则服务器宕机时无法快速切换服务器
#proxy_set_header Host $host:$server_port;
}4.shiro.ini
#指定sessiondao
sessionDAO = com.jsaas.core.security.OnlineSessionDao
sessionDAO.activeSessionsCacheName = shiro-activeSessionCache
sessionManager.sessionDAO = $sessionDAO
#指定cacheManager
cacheManager = com.jsaas.core.security.cache.RedisCacheManage
securityManager.cacheManager = $cacheManager
###############################全部shiro配置########################################
[main]
#realm
#自定义Realm
myRealm = com.jsaas.core.security.ShiroDbRealm
securityManager.realm = $myRealm
#配置shiro的密码验证方式为盐加密 也可以通过ShiroDbRealm 中 setCredentialsMatcher方法指定自定义的密码验证方式
credentialsMatcher=org.apache.shiro.authc.credential.HashedCredentialsMatcher
credentialsMatcher.hashAlgorithmName=SHA-1
credentialsMatcher.hashIterations=1024
credentialsMatcher.storedCredentialsHexEncoded=true
myRealm.credentialsMatcher=$credentialsMatcher
#没有登录的用户请求需要登录的页面时自动跳转到登录页面,不是必须的属性,不输入地址的话会自动寻找项目web项目的根目录下的”/login.jsp”
shiro.loginUrl = /login
#登录成功默认跳转页面,不配置则跳转至”/”。如果登陆前点击的一个需要登录的页面,则在登录自动跳转到那个需要登录的页面。不跳转到此。
shiro.successUrl = /sys/user/successUrl
#没有权限默认跳转的页面。
shiro.unauthorizedUrl = /403
#sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionManager = com.jsaas.core.security.MyWebSessionManager
#ehcache
#shiroCacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
#shiroCacheManager.cacheManagerConfigFile = classpath:ehcache.xml
#securityManager.cacheManager = $shiroCacheManager
#redis cache
cacheManager = com.jsaas.core.security.cache.RedisCacheManage
securityManager.cacheManager = $cacheManager
#session
#sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionDAO = com.jsaas.core.security.OnlineSessionDao
sessionDAO.activeSessionsCacheName = shiro-activeSessionCache
sessionManager.sessionDAO = $sessionDAO
securityManager.sessionManager = $sessionManager
securityManager.sessionManager.globalSessionTimeout = 360000
[urls]
/res/** = anon
/login/** = anon
/user/** = anon
/** = authc