对是否开启spring session增加一个开关

198dd7f7 · naan1993 · e64ec4b3 · 198dd7f7 · 198dd7f7 · 198dd7f7
Commit 198dd7f7 authored Jul 16, 2017 by naan1993
7 changed files
--- a/pom.xml
+++ b/pom.xml
@@ -116,6 +116,7 @@
        <dependency>
            <groupId>org.springframework.session</groupId>
            <artifactId>spring-session</artifactId>
+            <scope>provided</scope><!-- 需要分布式session的话需要改为compile -->
        </dependency>
        <dependency>
            <groupId>com.baomidou</groupId>

--- a/src/main/java/com/stylefeng/guns/config/SpringSessionConfig.java
+++ b/src/main/java/com/stylefeng/guns/config/SpringSessionConfig.java
 package com.stylefeng.guns.config;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
 /**
@@ -9,6 +10,7 @@ import org.springframework.session.data.redis.config.annotation.web.http.EnableR
 * @date 2017-07-13 21:05
 */
 @EnableRedisHttpSession(maxInactiveIntervalInSeconds = 1800)  //session过期时间
+@ConditionalOnProperty(prefix = "guns", name = "spring-session-open", havingValue = "true")
 public class SpringSessionConfig {

--- a/src/main/java/com/stylefeng/guns/config/properties/GunsProperties.java
+++ b/src/main/java/com/stylefeng/guns/config/properties/GunsProperties.java
@@ -28,6 +28,12 @@ public class GunsProperties {
    private Boolean haveCreatePath = false;
+    private Boolean springSessionOpen = false;
+    private Integer sessionInvalidateTime = 30 * 60;  //session 失效时间（默认为30分钟 单位：秒）
+    private Integer sessionValidationInterval = 15 * 60;  //session 验证失效时间（默认为15分钟 单位：秒）
    public String getFileUploadPath() {
        //如果没有写文件上传路径,保存到临时目录
        if (isEmpty(fileUploadPath)) {
@@ -67,4 +73,27 @@ public class GunsProperties {
        this.swaggerOpen = swaggerOpen;
    }
+    public Boolean getSpringSessionOpen() {
+        return springSessionOpen;
+    }
+    public void setSpringSessionOpen(Boolean springSessionOpen) {
+        this.springSessionOpen = springSessionOpen;
+    }
+    public Integer getSessionInvalidateTime() {
+        return sessionInvalidateTime;
+    }
+    public void setSessionInvalidateTime(Integer sessionInvalidateTime) {
+        this.sessionInvalidateTime = sessionInvalidateTime;
+    }
+    public Integer getSessionValidationInterval() {
+        return sessionValidationInterval;
+    }
+    public void setSessionValidationInterval(Integer sessionValidationInterval) {
+        this.sessionValidationInterval = sessionValidationInterval;
+    }
 }
--- a/src/main/java/com/stylefeng/guns/config/web/ShiroConfig.java
+++ b/src/main/java/com/stylefeng/guns/config/web/ShiroConfig.java
 package com.stylefeng.guns.config.web;
+import com.stylefeng.guns.config.properties.GunsProperties;
 import com.stylefeng.guns.core.shiro.ShiroDbRealm;
 import org.apache.shiro.cache.CacheManager;
 import org.apache.shiro.cache.ehcache.EhCacheManager;
 import org.apache.shiro.codec.Base64;
+import org.apache.shiro.session.mgt.SessionManager;
 import org.apache.shiro.spring.LifecycleBeanPostProcessor;
 import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 import org.apache.shiro.web.mgt.CookieRememberMeManager;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.apache.shiro.web.servlet.Cookie;
+import org.apache.shiro.web.servlet.ShiroHttpSession;
 import org.apache.shiro.web.servlet.SimpleCookie;
+import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
 import org.apache.shiro.web.session.mgt.ServletContainerSessionManager;
 import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
 import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.cache.ehcache.EhCacheManagerFactoryBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -34,24 +40,45 @@ public class ShiroConfig {
     * 安全管理器
     */
    @Bean
-    public DefaultWebSecurityManager securityManager(CookieRememberMeManager rememberMeManager, CacheManager cacheShiroManager, ServletContainerSessionManager servletContainerSessionManager) {
+    public DefaultWebSecurityManager securityManager(CookieRememberMeManager rememberMeManager, CacheManager cacheShiroManager, SessionManager sessionManager) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(this.shiroDbRealm());
        securityManager.setCacheManager(cacheShiroManager);
        securityManager.setRememberMeManager(rememberMeManager);
-        securityManager.setSessionManager(servletContainerSessionManager);
+        securityManager.setSessionManager(sessionManager);
        return securityManager;
    }
    /**
-     * spring session管理器
+     * spring session管理器（多机环境）
     */
    @Bean
+    @ConditionalOnProperty(prefix = "guns", name = "spring-session-open", havingValue = "true")
    public ServletContainerSessionManager servletContainerSessionManager() {
        return new ServletContainerSessionManager();
    }
    /**
+     * session管理器(单机环境)
+     */
+    @Bean
+    @ConditionalOnProperty(prefix = "guns", name = "spring-session-open", havingValue = "false")
+    public DefaultWebSessionManager defaultWebSessionManager(CacheManager cacheShiroManager, GunsProperties gunsProperties) {
+        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
+        sessionManager.setCacheManager(cacheShiroManager);
+        sessionManager.setSessionValidationInterval(gunsProperties.getSessionValidationInterval() * 1000);
+        sessionManager.setGlobalSessionTimeout(gunsProperties.getSessionInvalidateTime() * 1000);
+        sessionManager.setDeleteInvalidSessions(true);
+        sessionManager.setSessionValidationSchedulerEnabled(true);
+        Cookie cookie = new SimpleCookie(ShiroHttpSession.DEFAULT_SESSION_ID_NAME);
+        cookie.setName("shiroCookie");
+        cookie.setHttpOnly(true);
+        sessionManager.setSessionIdCookie(cookie);
+        return sessionManager;
+    }
+    /**
     * 缓存管理器 使用Ehcache实现
     */
    @Bean

--- a/src/main/java/com/stylefeng/guns/core/intercept/SessionTimeoutInterceptor.java
+++ b/src/main/java/com/stylefeng/guns/core/intercept/SessionTimeoutInterceptor.java
@@ -8,7 +8,6 @@ import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.annotation.Pointcut;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.stereotype.Component;
 /**
@@ -19,7 +18,6 @@ import org.springframework.stereotype.Component;
 */
 @Aspect
 @Component
-@ConditionalOnProperty(prefix = "guns", name = "session-open", havingValue = "true")
 public class SessionTimeoutInterceptor extends BaseController {
    @Pointcut("execution(* com.stylefeng.guns.*..controller.*.*(..))")

--- a/src/main/java/com/stylefeng/guns/modular/system/controller/LoginController.java
+++ b/src/main/java/com/stylefeng/guns/modular/system/controller/LoginController.java
@@ -2,8 +2,6 @@ package com.stylefeng.guns.modular.system.controller;
 import com.google.code.kaptcha.Constants;
 import com.stylefeng.guns.common.controller.BaseController;
-import com.stylefeng.guns.common.exception.BizExceptionEnum;
-import com.stylefeng.guns.common.exception.BussinessException;
 import com.stylefeng.guns.common.exception.InvalidKaptchaException;
 import com.stylefeng.guns.common.node.MenuNode;
 import com.stylefeng.guns.common.persistence.dao.UserMapper;

--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -9,6 +9,9 @@ guns:
  session-open: false #是否开启session验证 (true/false)
  #file-upload-path: d:/tmp  #文件上传目录(不配置的话为java.io.tmpdir目录)
  muti-datasource-open: false #是否开启多数据源(true/false)
+  spring-session-open: false #是否开启spring session,如果是多机环境需要开启(true/false)
+  session-invalidate-time: 1800 #session失效时间(只在单机环境下生效，多机环境在SpringSessionConfig类中配置) 单位：秒
+  session-validation-interval: 900 #多久检测一次失效的session(只在单机环境下生效) 单位：秒
 ###################  项目启动端口  ###################
 server: