com.github.onepiecex:session-share-spring-boot-starter

session share 通常的做法放入redis/memcached/jdbc/hazelcast等我的做法是把session的所有数据通过AES对称加密放入cookie中我使用cookie来存放session的所有数据思想来源于ninjaframework 的 session实现

License	License The Apache Software License, Version 2.0 Eclipse Public License - v 1.0
Categories	Categories Spring Boot Container Microservices
GroupId	GroupId com.github.onepiecex
ArtifactId	ArtifactId session-share-spring-boot-starter
Last Version	Last Version 1.65
Release Date	Release Date Aug 27, 2017
Type	Type jar
Description	Description session share 通常的做法放入redis/memcached/jdbc/hazelcast等我的做法是把session的所有数据通过AES对称加密放入cookie中我使用cookie来存放session的所有数据思想来源于ninjaframework 的 session实现

Download session-share-spring-boot-starter

Filename	Size
session-share-spring-boot-starter-1.65.pom
session-share-spring-boot-starter-1.65.jar	5 KB
session-share-spring-boot-starter-1.65-sources.jar	2 KB
session-share-spring-boot-starter-1.65-javadoc.jar	32 KB
Browse

How to add to project

Apache Maven

<!-- https://jarcasting.com/artifacts/com.github.onepiecex/session-share-spring-boot-starter/ -->
<dependency>
    <groupId>com.github.onepiecex</groupId>
    <artifactId>session-share-spring-boot-starter</artifactId>
    <version>1.65</version>
</dependency>

Gradle Groovy

// https://jarcasting.com/artifacts/com.github.onepiecex/session-share-spring-boot-starter/
implementation 'com.github.onepiecex:session-share-spring-boot-starter:1.65'

Gradle Kotlin

// https://jarcasting.com/artifacts/com.github.onepiecex/session-share-spring-boot-starter/
implementation ("com.github.onepiecex:session-share-spring-boot-starter:1.65")

Apache Buildr

'com.github.onepiecex:session-share-spring-boot-starter:jar:1.65'

Apache Ivy

<dependency org="com.github.onepiecex" name="session-share-spring-boot-starter" rev="1.65">
  <artifact name="session-share-spring-boot-starter" type="jar" />
</dependency>

Groovy Grape

@Grapes(
@Grab(group='com.github.onepiecex', module='session-share-spring-boot-starter', version='1.65')
)

Scala SBT

libraryDependencies += "com.github.onepiecex" % "session-share-spring-boot-starter" % "1.65"

Leiningen

[com.github.onepiecex/session-share-spring-boot-starter "1.65"]

Dependencies

compile (1)

Group / Artifact	Type	Version
com.github.onepiecex : session-share-core	jar	1.65

provided (3)

Group / Artifact	Type	Version
org.springframework.boot : spring-boot-starter	jar	1.5.3.RELEASE
javax.servlet : javax.servlet-api	jar	3.1.0
org.springframework : spring-web	jar	4.3.9.RELEASE

Project Modules

There are no modules declared in this project.

session-share

session 共享通常的做法放入redis/memcached/jdbc/hazelcast等

我的做法是把session的所有数据通过AES对称加密放入cookie中我使用cookie来存放session的所有数据

session里不应该存放大数据, 建议只存放一些简单的ID

思想来源于ninjaframework 的 session实现

基于servlet-3.1

参考 spring-session的设计思路

加入一个filter
利用HttpServletRequestWrapper, 实现自己的 getSession()方法接管创建和管理Session数据的工作
利用HttpServletResponseWrapper 进行session数据的 save操作
client request -> filter -> decrypt cookie to session
response close(send or flush) -> encrypt session data to cookie

使用

spring-boot

<dependency>
    <groupId>com.github.onepiecex</groupId>
    <artifactId>onepiecex-session-share-spring-boot-starter</artifactId>
    <version>1.65</version>
</dependency>

配置(application.yaml)

session :
  # session cookie 的名称前缀
  prefix : prefix_cookie
  #设置为true 之后 js脚本将无法读取到cookie信息
  http_only : false
  #设置为true 之后 cookie 只能在 HTTPS 连接中被浏览器传递到服务器端进行会话验证
  transferred_over_https_only : false
  # 过期时间
  expire_time_in_seconds : 86400
  # domain
  domain : localhost
  # 加密密钥
  secret : eti8KrqgL2VYtizjeti8KrqgL2VYtizj

@GetMapping
public Map<String,String> login(Session session){
    session.setAttribute("uid", RandomUtils.nextInt());
    Integer uid = session.getAttribute("uid",Integer.class);
    return session.getData();
}

Session Interface

public interface Session extends HttpSession {
    String getString(String name);
    
    <T> T getAttribute(String name,Class<T> cls);
    
    <T> T getValue(String name,Class<T> cls);
    
    Map<String,String> getData();
}

解密

String data = CookieEncryption.getInstance(secret).decrypt(data)
Map<String, String> sessionData = new HashMap();
CookieDataCodec.decode(sessionData,data);

其他框架

<dependency>
  <groupId>com.github.onepiecex</groupId>
  <artifactId>onepiecex-session-share-core</artifactId>
  <version>1.65</version>
</dependency>

自行加入Filter

SessionShareRequestWrapper requestWrapper = new SessionShareRequestWrapper(request,springSessionConfig);
SessionShareResponseWrapper responseWrapper = new SessionShareResponseWrapper(response,requestWrapper);
chain.doFilter(requestWrapper,responseWrapper);

License

This work is licensed under the Apache License, Version 2.0. See LICENSE for details.

Versions

Version
1.65 Aug 27, 2017
1.64 Aug 27, 2017
1.63 Jul 26, 2017

com.github.onepiecex:session-share-spring-boot-starter

License

Categories

GroupId

ArtifactId

Last Version

Release Date

Type

Description

Download session-share-spring-boot-starter

How to add to project

Dependencies

compile (1)

provided (3)

Project Modules

session-share

基于servlet-3.1

参考 spring-session的设计思路

使用

spring-boot

Session Interface

解密

其他框架

License

Versions