**
* 远程Session
* 存放在Memcached缓存服务器里的Session
* @author lx
*
*/
public class CacheSessionProvider implements SessionProvider {
@Autowired
private MemCachedClient memCachedClient;
private final String SESSIONID="sessionId";
private final Integer expiry=30*60;
/**
* 将session的值通过sessionId值存入memcached中
*/
public void setAttribute(HttpServletRequest request, String name, Serializable value,HttpServletResponse response) {
Map<String, Serializable> session=new HashMap<String, Serializable>();
session.put(name, value);
String sessionId=getSessionId(request, response);
memCachedClient.set(sessionId, session, expiry);
}
/**
* 通过用户本地的sessionId值到服务器获取session
* 从缓存服务器memcached中获取sessionId值对应的session
*/
public Serializable getAttribute(HttpServletRequest request, String name,HttpServletResponse response) {
String sessionId=getSessionId(request, response);
Map<String, Serializable> session = (Map<String, Serializable>)memCachedClient.get(sessionId);
if(session!=null){
return session.get(name);
}
return null;
}
/**
*
* 删除缓存服务器memcached中中key=sessionId,这样用户即使
* 通过本地的sessionID也获取不到用户的数据
*/
public void logout(HttpServletRequest request,HttpServletResponse response) {
String sessionId=getSessionId(request, response);
if(memCachedClient.keyExists(sessionId)){
memCachedClient.delete(sessionId);
}
}
/**
* 获取sessionId,如果用户没有sessionId,则为用户创建一个sessionId
*/
public String getSessionId(HttpServletRequest request,HttpServletResponse response) {
Cookie[] cookies = request.getCookies();
if(cookies!=null && cookies.length>0){
for (Cookie cookie : cookies) {
if(SESSIONID.equals(cookie.getName())){
return cookie.getValue();
}
}
}
String sessionId=UUID.randomUUID().toString().replaceAll("-", "");
Cookie cookie=new Cookie(SESSIONID, sessionId);
cookie.setMaxAge(-1);
cookie.setPath("/");
response.addCookie(cookie);
return sessionId;
}