使用HTTPSessionBindingListener处理会话绑定与解除绑定
使用HTTPSessionBindingListener处理会话绑定与解除绑定
以统计登录用户为例
在业务场景中存在需要获取登录目前登录用户的需求,或者需要在HttpSession绑定属性时进行特定的业务处理,可以使用HTTPSessionBindingListener进行处理,具体来说需要:
- 实现HTTPSessionBindingListener接口
将会话绑定与解除绑定的业务处理逻辑分别通过valueBound与valueUnbound实现。
底层处理逻辑的实现细节:
HttpSession session = request.getSession();
session.setAttribute("user", user);
session.removeAttribute("user");在这两个方法中会判断对象是否为HTTPSessionBindingListener的实现,若是,则将该对象放入到一个HttpSessionBindingEvent事件中,并调用该对象的valueBound与valueUnbound方法。
具体代码:
@Component
public class LoggedUser implements HttpSessionBindingListener {
private String username;
//登录用户容器
private ActiveUserStore activeUserStore;
public LoggedUser(String username, ActiveUserStore activeUserStore) {
this.username = username;
this.activeUserStore = activeUserStore;
}
public LoggedUser() {}
@Override
public void valueBound(HttpSessionBindingEvent event) {
List<String> users = activeUserStore.getUsers();
LoggedUser user = (LoggedUser) event.getValue();
if (!users.contains(user.getUsername())) {
users.add(user.getUsername());
}
}
@Override
public void valueUnbound(HttpSessionBindingEvent event) {
List<String> users = activeUserStore.getUsers();
LoggedUser user = (LoggedUser) event.getValue();
if (users.contains(user.getUsername())) {
users.remove(user.getUsername());
}
}
// standard getter and setter
}
-
触发监听事件
只需要调用session.setAttribute("user", user);session.removeAttribute("user");即可。
//AuthenticationSuccessHandler为认证成功处理器,在Spring Security中认证成功将会调用该处理器的onAuthenticationSuccess方法,比较经典的实现为SimpleUrlAuthenticationSuccessHandler,用于成功认证后的重定向
@Component("myAuthenticationSuccessHandler")
public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
@Autowired
ActiveUserStore activeUserStore;
@Override
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication authentication)
throws IOException {
HttpSession session = request.getSession(false);
if (session != null) {
LoggedUser user = new LoggedUser(authentication.getName(), activeUserStore);
session.setAttribute("user", user);
}
}
}
以及登出时:
@Component("myLogoutSuccessHandler")
public class MyLogoutSuccessHandler implements LogoutSuccessHandler{
@Override
public void onLogoutSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication authentication)
throws IOException, ServletException {
HttpSession session = request.getSession();
if (session != null){
session.removeAttribute("user");
}
}
}
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· Docker 太简单,K8s 太复杂?w7panel 让容器管理更轻松!