I have a project want to support android,ios,pc web. I try to use https://github.com/spring-projects/spring-session, can it be just config in an application to support HttpSession and rest token?
if it can,how i can config it?
Asked
Active
Viewed 2,558 times
2 Answers
2
One thing that worked for me was to reimplement the ***HttpSessionStrategy using code from both Cookie and Header implementations.
You can see the concrete implementation of these classes here:
- https://github.com/spring-projects/spring-session/blob/master/spring-session/src/main/java/org/springframework/session/web/http/HeaderHttpSessionStrategy.java
- https://raw.githubusercontent.com/spring-projects/spring-session/master/spring-session/src/main/java/org/springframework/session/web/http/CookieHttpSessionStrategy.java
So the getRequestedSessionId becomes:
public String getRequestedSessionId(HttpServletRequest request) {
// header part
String sessionId = request.getHeader(headerName);
if(sessionId != null && !sessionId.isEmpty())
return sessionId;
// cookie part
Map<String,String> sessionIds = getSessionIds(request);
String sessionAlias = getCurrentSessionAlias(request);
return sessionIds.get(sessionAlias);
}
onInvalidateSession becomes:
public void onInvalidateSession(HttpServletRequest request, HttpServletResponse response) {
// header part
response.setHeader(headerName, "");
// cookie part
Map<String,String> sessionIds = getSessionIds(request);
String requestedAlias = getCurrentSessionAlias(request);
sessionIds.remove(requestedAlias);
Cookie sessionCookie = createSessionCookie(request, sessionIds);
response.addCookie(sessionCookie);
}
onNewSession becomes:
public void onNewSession(Session session, HttpServletRequest request, HttpServletResponse response) {
// header part
response.setHeader(headerName, session.getId());
// cookie part
Set<String> sessionIdsWritten = getSessionIdsWritten(request);
if(sessionIdsWritten.contains(session.getId())) {
return;
}
sessionIdsWritten.add(session.getId());
Map<String,String> sessionIds = getSessionIds(request);
String sessionAlias = getCurrentSessionAlias(request);
sessionIds.put(sessionAlias, session.getId());
Cookie sessionCookie = createSessionCookie(request, sessionIds);
response.addCookie(sessionCookie);
}
I used this in production for a browser/mobile REST API and it suits all my needs.
arghtype
- 4,376
- 11
- 45
- 60
Misael Neto
- 163
- 2
- 8
-
Given github link is broken. Is there any other link to refer? – Sulthan Mar 11 '20 at 13:30
0
you can utilize spring's BeanFactoryPostProcessor ,to overwrite the postProcessAfterInitialization() to config the SessionRepositoryFilter's httpSessionStrategy by call it's setHttpSessionStrategy() method after it's initialization in spring.
