一、背景
當我們使用了nginx做專案叢集以後,就會出現一個很嚴重的問題亟待解決,那就是:tomcat叢集之間如何實現session共享的問題,如果這個問題不解決,就會出現登陸過後再次請求資源依舊需要登陸的問題。這篇文章我們就解決這個問題。
二、實現步驟
說明:本篇是在spring+shiro整合的基礎上進行改進的,如果不知道spring和shiro怎麼整合,請移步:spring整合shiro做登陸認證
1.在pom.xml中新增shiro-redis和jedis的依賴
<dependency> <groupId>org.crazycake</groupId> <artifactId>shiro-redis</artifactId> <version>2.4.2.1-RELEASE</version> </dependency> <dependency> <groupId>redis.clients</groupId> <artifactId>jedis</artifactId> <version>2.7.2</version> </dependency>
2.首先我們需要對redis進行整合,在resources下新建config.properties
#redis pool config
redis.pool.maxActive=200
redis.pool.maxIdle=100
redis.pool.maxWait=100
redis.pool.testOnBorrow=true
#redis config
redis.host=192.168.85.129
redis.port=6379
redis.timeout=2000
redis.password=123456
redis.dbindex=8
redis.default.expire=1800000
3.在resources/spring資料夾下新建spring-redis.xml來整合redis操作客戶端
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> <description>Redis configuration</description> <bean id="redisPoolConfig" class="redis.clients.jedis.JedisPoolConfig"> <property name="maxTotal" value="${redis.pool.maxActive}"/> <property name="maxIdle" value="${redis.pool.maxIdle}"/> <property name="maxWaitMillis" value="${redis.pool.maxWait}"/> <property name="testOnBorrow" value="${redis.pool.testOnBorrow}"/> </bean> <bean id="jedisPool" class="redis.clients.jedis.JedisPool" destroy-method="destroy"> <constructor-arg ref="redisPoolConfig"/> <constructor-arg value="${redis.host}"/> <constructor-arg type="int" value="${redis.port}"/> <constructor-arg type="int" value="${redis.timeout}"/> <constructor-arg type="java.lang.String" value="${redis.password}"/> <constructor-arg type="int" value="${redis.dbindex}"/> </bean> <bean id="redisClient" class="com.hafiz.www.redis.RedisClient"> <constructor-arg name="jedisPool" ref="jedisPool"/> <property name="expire" value="${redis.default.expire}"/> </bean> </beans>
4.新增redisClient.java作為訪問redis的客戶端
package com.hafiz.www.redis; import org.crazycake.shiro.RedisManager; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import redis.clients.jedis.Jedis; import redis.clients.jedis.JedisPool; import java.util.Set; /** * Desc: Jedis 操作客戶端 * Created by hafiz.zhang on 2017/7/21. */ public class RedisClient extends RedisManager{ private static final Logger LOGGER = LoggerFactory.getLogger(RedisClient.class); private static JedisPool jedisPool = null; public RedisClient(JedisPool jedisPool) { this.jedisPool = jedisPool; } public void init() { super.init(); } @Override public byte[] get(byte[] key) { Jedis jedis = jedisPool.getResource(); byte[] value; try { value = jedis.get(key); } catch (Exception e) { LOGGER.error("redis key:{} get value occur exception", new String(key)); throw new RuntimeException("redis operation error:", e); } finally { jedis.close(); } return value; } @Override public byte[] set(byte[] key, byte[] value) { Jedis jedis = jedisPool.getResource(); try { jedis.set(key, value); Integer expire = getExpire(); if(expire != 0) { jedis.expire(key, expire); } } catch (Exception e) { LOGGER.error("redis key:{} set value:{} occur exception", new String(key), new String(value)); throw new RuntimeException("redis operation error:", e); } finally { jedis.close(); } return value; } @Override public byte[] set(byte[] key, byte[] value, int expire) { Jedis jedis = jedisPool.getResource(); try { jedis.set(key, value); if(expire != 0) { jedis.expire(key, expire); } } catch (Exception e) { LOGGER.error("redis key:{} set value:{} in expire:{} occur exception", new String(key), new String(value), expire); throw new RuntimeException("redis operation error:", e); } finally { jedis.close(); } return value; } @Override public void del(byte[] key) { Jedis jedis = jedisPool.getResource(); try { jedis.del(key); } catch (Exception e) { LOGGER.error("redis key:{} del value occur exception", new String(key)); throw new RuntimeException("redis operation error:", e); } finally { jedis.close(); } } @Override public void flushDB() { Jedis jedis = jedisPool.getResource(); try { jedis.flushDB(); } catch (Exception e) { LOGGER.error("redis flushDB occur exception"); throw new RuntimeException("redis operation error:", e); } finally { jedis.close(); } } @Override public Long dbSize() { Long dbSize = Long.valueOf(0L); Jedis jedis = jedisPool.getResource(); try { dbSize = jedis.dbSize(); } catch (Exception e) { LOGGER.error("redis get dbSize occur exception"); throw new RuntimeException("redis operation error:", e); } finally { jedis.close(); } return dbSize; } @Override public Set<byte[]> keys(String pattern) { Set keys = null; Jedis jedis = jedisPool.getResource(); try { keys = jedis.keys(pattern.getBytes()); } catch (Exception e) { LOGGER.error("redis get keys in pattern:{} occur exception", pattern); throw new RuntimeException("redis operation error:", e); } finally { jedis.close(); } return keys; } }
5.接著,我們對spring-shiro.xml做如下修改(紅色標記的部分)
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"> <description>Shiro Configuration</description> <!--shiro-redis redisCacheManager--> <bean id="redisCacheManager" class="org.crazycake.shiro.RedisCacheManager"> <property name="keyPrefix" value="shiro_redis_session:"/> <property name="redisManager" ref="redisClient"/> </bean> <!--custom myself realm--> <bean id="customRealm" class="com.hafiz.www.shiro.CustomRealm"> <property name="cacheManager" ref="redisCacheManager"/> </bean> <!--redisSessionDAO--> <bean id="redisSessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"></bean> <!--simpleCookie,不定義在叢集環境下會出現There is no session with id ....--> <bean id="simpleCookie" class="org.apache.shiro.web.servlet.SimpleCookie"> <constructor-arg name="name" value="custom.session"/> <property name="path" value="/"/> </bean> <!--sessionManager--> <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"> <property name="sessionDAO" ref="redisSessionDAO"/> <property name="sessionIdCookie" ref="simpleCookie"/> </bean> <!--Shiro`s main business-tier object for web-enable applications--> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="customRealm"/> <property name="cacheManager" ref="redisCacheManager"/> <property name="sessionManager" ref="sessionManager"/> </bean> <!--shiro filter--> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager"/> <property name="loginUrl" value="/login.html"/> <property name="successUrl" value="/index.html"/> <property name="unauthorizedUrl" value="/unauthorized.html"/> <property name="filters"> <util:map> <entry key="auth"> <bean class="com.hafiz.www.filter.AuthorizeFilter"/> </entry> </util:map> </property> <property name="filterChainDefinitions"> <value> /login.json = anon /logout.json = anon /js/** = anon / = authc /** = auth </value> </property> </bean> </beans>
6.spring.xml做如下修改
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"> <context:property-placeholder location="classpath:config.properties,classpath:jdbc.properties"/> <import resource="spring-*.xml"/> </beans>
到此我們就完了shiro+redis實現session共享的問題,其實也很簡單,其中的實現邏輯也很簡單,就是shiro的攔截器會首先去redis裡面獲取session,作為當本次請求的session.
其他程式碼以及簡單測試程式碼不再貼出,給出github地址:https://github.com/hafizzhang/shiro-session-cluster.git
三、總結
通過本文,我們就完成了spring+shiro+redis實現叢集session共享的問題,經過親測可行。但有一點遺憾的地方,就是每次請求至少會有8次redis的讀操作,一次寫操作,這個問題還沒有找到很好的解決辦法,本地使用ehcahe也不太現實,因為涉及到本地快取和redis快取同步的問題,如果你有好的辦法,歡迎討論交流學習!