x-hansong / Redishttpsession
Programming Languages
RedisHttpSession
RedisHttpSession provides an way to transparently store http session in redis, which allows multi-clients to share the sessions.
Features
- RESTful APIs - RedisHttpSession allows providing session ids in headers to work with RESTful APIs.
- Transparently - RedisHttpSession allows using HttpSession APIs directly, while the magic work with redis is totally transparent.
Quick Start
maven
<dependency>
<groupId>com.github.x-hansong</groupId>
<artifactId>redis-http-session</artifactId>
<version>1.0</version>
</dependency>
gradle
dependencies {
compile "com.github.x-hansong:redis-http-session:1.0"
}
Usage
Configures redis in redis.json, and put it to the src folder or resources folder.(see example)
{
"connectionConfig": {
"maxTotal": "10",
"maxIdle": "10",
"maxWait": "10000",
"timeout": "10000"
},
"redisServers":[
{
"ip":"127.0.0.1",
"port":"3679",
"password":"if no password, remove this property"
}
]
}
Use RedisHttpSessionFilter or a subclass of it as a Filter.
For example:
-
With
web.xml<filter> <filter-name>redisHttpSessionFilter</filter-name> <filter-class>com.hansong.session.RedisHttpSessionFilter</filter-class> </filter> <filter-mapping> <filter-name>redisHttpSessionFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> -
With Spring-boot
@Component public class MySessionFilter extends RedisHttpSessionFilter{} -
With Other
make sure the
RedisHttpSessionFilteror a subclass of it to be a Filter for each request.
After that, for each request/response, their header will have a field -- x-auth-token, which is the session id.
And we can use the HttpSession as we always do, but the session is now in redis. If you check the redis, you will see something following.
localhost:63679> keys *
1) "session:fd9ec3cf-fb9b-4672-ade6-67a810e7db9f"
2) "session:cbaa057c-85a4-475d-b399-38c320e85dcc"
3) "session:13e030f5-de3d-458f-8d25-fd5643c40ff0"
4) "session:262596b3-3d13-4df1-8328-714153c1ae83"
5) "session:0b7d04c6-eaac-4eed-a9aa-8366f25f04f0"
localhost:63679> hgetall session:fd9ec3cf-fb9b-4672-ade6-67a810e7db9f
1) "lastAccessedTime"
2) "\xac\xed\x00\x05sr\x00\x0ejava.lang.Long;\x8b\xe4\x90\xcc\x8f#\xdf\x02\x00\x01J\x00\x05valuexr\x00\x10java.lang.Number\x86\xac\x95\x1d\x0b\x94\xe0\x8b\x02\x00\x00xp\x00\x00\x01T\x91\x03\"\xec"
3) "maxInactiveInterval"
4) "\xac\xed\x00\x05sr\x00\x11java.lang.Integer\x12\xe2\xa0\xa4\xf7\x81\x878\x02\x00\x01I\x00\x05valuexr\x00\x10java.lang.Number\x86\xac\x95\x1d\x0b\x94\xe0\x8b\x02\x00\x00xp\x00\x00\a\b"
5) "creationTime"
6) "\xac\xed\x00\x05sr\x00\x0ejava.lang.Long;\x8b\xe4\x90\xcc\x8f#\xdf\x02\x00\x01J\x00\x05valuexr\x00\x10java.lang.Number\x86\xac\x95\x1d\x0b\x94\xe0\x8b\x02\x00\x00xp\x00\x00\x01T\x91\x03\"\xb4"
As you see, RedisHttpSession store the Serialized Object to the redis. For each request(except the first request), it needs have a x-auth-token in headers, which can be got from the response, so the server can use the session associated with the request.