我想在spring-boot和zuul中使用Redis Session管理会话。
要启用Redis会话,我们已如下激活。 (所有服务)
@Configuration
@EnableRedisHttpSession(redisFlushMode = RedisFlushMode.IMMEDIATE)
public class SessionConfig extends AbstractHttpSessionApplicationInitializer {
}
保存身份验证对象如下所示。
securityContext.setAuthentication(appInstanceContext.authentication);
session.setAttribute("SPRING_SECURITY_CONTEXT", securityContext);
通常在实际使用该会话的服务中检查过滤器中的SecurityContext,如下所示。
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
SecurityContext securityContext = SecurityContextHolder.getContext();
Authentication authentication = securityContext.getAuthentication();
HttpSession session = httpServletRequest.getSession();
System.out.println(httpServletRequest.getRequestURI() + " :: " + session.getId() + " // " + authentication);
chain.doFilter(request, response);
}
-> / api / test :: 0feafb3f-7694-459f-aa39-ddb413d46b79 // com.xxxx.AuthenticationToken@5540979
但是,执行SecurityContextHolder.getContext()。 Controller方法中的GetAuthentication()返回Null。