Avoid getting the session from redis every time, first from the servlet, if not found, get it from redis, and then save it to the servlet
1. Create a CustomSessionManager that inherits from DefaultWebSessionManager
package com.springshirodemo.Realm;
import java.io.Serializable;
import javax.servlet.ServletRequest;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.UnknownSessionException;
import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.session.mgt.WebSessionKey;
public class CustoMsessionManager extends DefaultWebSessionManager {
@Override
protected Session retrieveSession(SessionKey sessionKey) throws UnknownSessionException {
// TODO Auto-generated method stub
Serializable sessionId = getSessionId(sessionKey);
ServletRequest request = null;
if(sessionKey instanceof WebSessionKey) {
request = ((WebSessionKey)sessionKey).getServletRequest();
}
if(request != null && sessionId != null) {
System.out.println("Get session1 from request");
Session session = (Session)request.getAttribute(sessionId.toString());
if (session != null) {
System.out.println("Get session2 from request");
return session;
}
}
Session session = super.retrieveSession(sessionKey);
System.out.println("Get session from Redis");
if(request != null && sessionId != null) {
request.setAttribute(sessionId.toString(), session);
}
return session;
}
}
2. Spring's xml configuration
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="bosRealm"/> <property name="sessionManager" ref="sessionManager" /> <property name="cacheManager" ref="redisCacheManager" /> </bean>
<bean id="sessionManager" class="com.springshirodemo.Realm.CustoMsessionManager">
<property name="sessionDAO" ref="sessionDAO" />
</bean>