session共享问题、springboot 版本不统一问题

问题:按照正常的程序将session 共享引入工程,但是一直取不到

原因:springboot 的版本不同导致,存session的springboot 用的是springboot1.5.6,而取session的springboot版本是2.1.5。

解决方式1:统一springboot的版本(特别推荐)

解决方式2:改变部分jar的版本(权宜之计-兼容)

compile('org.springframework.session:spring-session-data-redis')
compile('org.springframework.security.oauth:spring-security-oauth2:2.0.14.RELEASE')
        {
            exclude module: 'org.slf4j:slf4j-api'

            exclude module: 'org.springframework.security:spring-security-core'
            exclude module: 'org.springframework.security:spring-security-config'
            exclude module: 'org.springframework.security:spring-security-crypto'
            exclude module: 'org.springframework.security:spring-security-web'
        }
compile('org.springframework.security:spring-security-core:4.2.19.RELEASE')
compile('org.springframework.security:spring-security-config:4.2.19.RELEASE')
compile('org.springframework.security:spring-security-crypto:4.2.19.RELEASE')
compile('org.springframework.security:spring-security-web:4.2.19.RELEASE')

 共享session的配置类 

@Configuration
@EnableRedisHttpSession
public class HttpSessionConfig {

    @Bean
    public DefaultCookieSerializer defaultCookieSerializer(){
        DefaultCookieSerializer cookieSerializer = new DefaultCookieSerializer();
        cookieSerializer.setUseBase64Encoding(false);
        return cookieSerializer;
    }

}

 请求

   head:

Cookie:SESSION=145485qwedwa778djwahijheqw

 

 

spring.session.store-type = redis
security.headers.cache = false
security.sessions = NEVER
security.user.name = 
security.user.password =

 

package com.XXXXXXX.marketcontrol.manager.config;

import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@Order(SecurityProperties.BASIC_AUTH_ORDER)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .httpBasic()
                .and()
                .authorizeRequests()
                .antMatchers("/", "/app/**", "/pub/**", "/api/**","/opera/**").permitAll()
                .antMatchers("/**").permitAll()
                .anyRequest().authenticated()
                .and()
                .csrf().disable()
                .headers().defaultsDisabled().cacheControl();
    }
}

 

posted @ 2021-06-28 10:14  品书读茶  阅读(384)  评论(0编辑  收藏  举报