Nutz
  1. 主页/
  2. 问答
NutzCN Logo
问答 Shiro+redis做session共享无效
发布于 1597天前 作者 liumaobudao 1393 次浏览 复制 上一个帖子 下一个帖子
标签: nutzwk

使用地址A登录,然后刷新地址B为未登录,然后地址A也变成未登录
版本nutzwk4.0
shiro.ini 如下

[main]
# cacheManager
;-------------Redis作为shiro二级缓存时注释掉这里---------
;cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
;cacheManager.cacheManagerConfigFile = classpath:ehcache.xml
;-------------Redis作为shiro二级缓存时注释掉这里---------

;-------------Redis作为shiro二级缓存时启用这里---------
jedisAgent = org.nutz.integration.jedis.JedisAgent
cacheManager_ehcache = org.apache.shiro.cache.ehcache.EhCacheManager
cacheManager_ehcache.cacheManagerConfigFile=classpath:ehcache.xml
cacheManager_redis = org.nutz.plugins.cache.impl.redis.RedisCacheManager
cacheManager_redis.mode=kv
cacheManager_redis.debug=true
cacheManager = org.nutz.plugins.cache.impl.lcache.LCacheManager
cacheManager.jedisAgent = $jedisAgent
cacheManager.level2 = $cacheManager_ehcache
cacheManager.level1 = $cacheManager_redis
;-------------Redis作为shiro二级缓存时启用这里---------



# Session
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionManager.sessionValidationSchedulerEnabled = false

# Session Cache
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionDAO.cacheManager = $cacheManager
sessionDAO.activeSessionsCacheName = shiro-activeSessionCache
sessionManager.sessionDAO = $sessionDAO
securityManager.sessionManager = $sessionManager

# Cookie
sessionIdCookie = org.apache.shiro.web.servlet.SimpleCookie
sessionIdCookie.name = sid
#sessionIdCookie.domain=wizzer.cn
#sessionIdCookie.path=
sessionIdCookie.maxAge = 946080000
sessionIdCookie.httpOnly = true
sessionManager.sessionIdCookie = $sessionIdCookie
sessionManager.sessionIdCookieEnabled = true
sessionManager.globalSessionTimeout = 1800000

#bak...
#sessionManager=org.apache.shiro.web.session.mgt.DefaultWebSessionManager
#sessionListener1 = cn.wizzer.common.shiro.listener.MySessionListener
#sessionManager.sessionListeners = $sessionListener1
#sessionManager.globalSessionTimeout=50000
#securityManager.sessionManager=$sessionManager

rememberMeCookie = org.apache.shiro.web.servlet.SimpleCookie
rememberMeCookie.name = remember
rememberMeCookie.maxAge = 604800
rememberMeCookie.httpOnly = true
rememberMeManager = cn.wizzer.framework.shiro.remember.LightCookieRememberMeManager
rememberMeManager.cookie = $rememberMeCookie

sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
sha256Matcher.storedCredentialsHexEncoded = false
sha256Matcher.hashIterations = 1024
sha256Matcher.hashSalted = true

shiroDbRealm = cn.wizzer.app.web.commons.shiro.realm.PlatformAuthorizingRealm
shiroDbRealm.credentialsMatcher = $sha256Matcher

securityManager.realms = $shiroDbRealm
authcStrategy = cn.wizzer.framework.shiro.pam.AnySuccessfulStrategy
securityManager.authenticator.authenticationStrategy = $authcStrategy
;securityManager.cacheManager = $cacheManager
;securityManager.sessionManager.cacheManager = $cacheManager
securityManager.rememberMeManager = $rememberMeManager

authc = cn.wizzer.app.web.commons.shiro.filter.PlatformAuthenticationFilter
authc.captchaParam=platformCaptcha
authc.loginUrl = /platform/login
logout.redirectUrl = /platform/login

[urls]
/platform/doLogin = anon
/assets/** = anon
/** = anon
/platform/** = authc
4 回复

前端页面是同一个域名,同一个端口, 才会ok. 例如一个nginx后面接2服务器.

session id是记录在cookie的. 不同域名, 浏览器就不会把cookie共享过去, 还怎么找到原本的session

或许, 你要的是SSO单点登录?

好的 明白了,谢谢

@wendal 大神好,现在有一个情况是 部分用户 访问的地址A,登录进去,一操作页面就会被跳出返回到登录页面。
这个是nginx的配置文件。你看是否是配置的问题?还是其他?

http {
	include mime.types;
	default_type application/octet-stream; 
	#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	#		'$status $body_bytes_sent "$http_referer" '
	#	'"$http_user_agent" "$http_x_forwarded_for"'; 
	#access_log logs/access.log main; 
	sendfile on;
	#tcp_nopush on; 
	#keepalive_timeout 0;
	keepalive_timeout 65; 
	gzip on; 
#	proxy_intercept_errors on;
#	proxy_request_buffering off;
#	proxy_buffering off;
#	fastcgi_intercept_errors on;
	
	#upstream的负载均衡,weight是权重,可以根据机器配置定义权重。weigth参数表 示权值,权值越高被分配到的几率越大,此处为配置权值,默认为轮巡方式。
	upstream bdcjedu {
        	ip_hash;
            server 100.24.24.10:8082 weight=1;
            server 100.24.24.11:8082 weight=1;
	}

	server {
		listen 8080; #nginx监听端口 
		server_name 100.24.24.10;
	
		location / {
			proxy_redirect off;
			proxy_connect_timeout 10;
			proxy_send_timeout 300;
			proxy_read_timeout 300;
			client_max_body_size 1024m;
		        proxy_ignore_client_abort on;
		        #proxy_busy_buffers_size 128k;
                        #proxy_set_header Host www.msheas.com ;
                        proxy_set_header Host $host:$server_port;
                        
			#proxy_set_header Host 100.127.55.148:8080;
			#proxy_set_header Host 200.205.185.118:8080;
			#proxy_set_header Host 100.247.107.21:8080;
				
			#proxy_set_header X-Real-IP $remote_addr;
			#iproxy_set_header X-Real-IP 202.205.185.116;
                        proxy_set_header X-Forwarded-Host $host;
                        proxy_set_header X-Forwarded-Server $host;
                        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                        proxy_set_header Upgrade $http_upgrade;
			proxy_set_header Connection "upgrade";
			proxy_pass http://bdcjedu;
		}
	}
	
}

写个入口方法,打印session id

添加回复
请先登陆
回到顶部