shiro+ehcache

ileler 发布于 2015/12/04 08:44
阅读 1K+
收藏 0

使用springmvc整合shiro,使用ehcache做缓存,在服务器上总是报【The shiro-activeSessionCache Cache is not alive (STATUS_SHUTDOWN)】这个错误

ehcache.xml

<?xml version="1.0" encoding="UTF-8"?>
<ehcache name="shirocache">

    <diskStore path="java.io.tmpdir"/>

    <!-- 登录记录缓存 锁定10分钟 -->
    <cache name="passwordRetryCache"
            eternal="false" maxElementsInMemory="1000"
		overflowToDisk="true" diskPersistent="false" timeToIdleSeconds="0"
		timeToLiveSeconds="600" memoryStoreEvictionPolicy="LRU">
    </cache>

    <cache name="authorizationCache"
          eternal="false" maxElementsInMemory="1000"
		overflowToDisk="true" diskPersistent="false" timeToIdleSeconds="0"
		timeToLiveSeconds="600" memoryStoreEvictionPolicy="LRU">
    </cache>

    <cache name="authenticationCache"
          eternal="false" maxElementsInMemory="1000"
		overflowToDisk="true" diskPersistent="false" timeToIdleSeconds="0"
		timeToLiveSeconds="600" memoryStoreEvictionPolicy="LRU">
    </cache>

    <cache name="shiro-activeSessionCache"
          eternal="true" maxElementsInMemory="1000"
		overflowToDisk="true" diskPersistent="false" timeToIdleSeconds="0"
		timeToLiveSeconds="1800" memoryStoreEvictionPolicy="LRU">
    </cache>
    
</ehcache>



applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
	xmlns:tx="http://www.springframework.org/schema/tx" xmlns:osgi="http://www.springframework.org/schema/osgi"
	xmlns:ehcache="http://ehcache-spring-annotations.googlecode.com/svn/schema/ehcache-spring"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
		http://www.springframework.org/schema/osgi http://www.springframework.org/schema/osgi/spring-osgi-1.2.xsd
		http://ehcache-spring-annotations.googlecode.com/svn/schema/ehcache-spring http://ehcache-spring-annotations.googlecode.com/svn/schema/ehcache-spring/ehcache-spring-1.1.xsd">
		
    <context:property-placeholder
		location="file:///${catalina.base}/configuration/pdri/prms/system-config.properties" />
	<!-- <context:property-placeholder location="classpath:/META-INF/properties/system-config.properties" /> -->

    <!-- spring对ehcache的缓存工厂支持 -->
	<bean id="ehCacheManagerFactory" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
	    <property name="configLocation" value="file:///${catalina.base}/configuration/pdri/prms/ehcache.xml" />
		<!-- <property name="configLocation" value="classpath:/META-INF/ehcache/ehcache.xml" /> -->
		<property name="shared" value="false" />
	</bean>
    
    <bean id="passwordHelper" class="org.pdri.prms.filter.PasswordHelper">
		<property name="algorithmName" value="${pdri.prms.passwordhelper.algoname}" />
		<property name="hashIterations" value="${pdri.prms.passwordhelper.hashiter}" />
	</bean>
	
    <!-- 缓存管理器 使用EHcache实现 -->
	<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
		<property name="cacheManager" ref="ehCacheManagerFactory" />
	</bean>
	
    <!-- 凭证匹配器 -->
	<bean id="credentialsMatcher" class="org.pdri.prms.filter.RetryLimitHashedCredentialsMatcher">
		<constructor-arg ref="cacheManager" />
		<property name="hashAlgorithmName" value="${pdri.prms.passwordhelper.algoname}" />
		<property name="hashIterations" value="${pdri.prms.passwordhelper.hashiter}" />
		<property name="storedCredentialsHexEncoded" value="true" />
		<property name="retryCount" value="10" />
	</bean>
    
    <!-- Realm实现 -->
	<bean id="userRealm" class="org.pdri.prms.filter.UserRealm">
		<property name="loadUserURL" value="${pdri.pasc.loadUserURL}"/>
		<property name="loadRolesURL" value="${pdri.pasc.loadRolesURL}"/>
		<property name="passwordHelper" ref="passwordHelper" />
		<property name="credentialsMatcher" ref="credentialsMatcher" />
		<property name="cachingEnabled" value="false" />
		<!-- 暂时先关闭用户信息缓存功能 ,避免SP和后台用户认证混合-->
		<property name="authenticationCachingEnabled" value="true" />
		<property name="authenticationCacheName" value="authenticationCache" />
		<property name="authorizationCachingEnabled" value="true" />
		<property name="authorizationCacheName" value="authorizationCache" />
	</bean>
	
	<!-- 会话验证调度器 -->
	<!-- 
	<bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler"> 
		<property name="sessionValidationInterval" value="1800000"/> 
		<property name="sessionManager" ref="sessionManager"/> 
	</bean> 
	-->

	<!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) -->
	<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
		<property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager" />
		<property name="arguments" ref="securityManager" />
	</bean>
	
	<!-- 会话ID生成器 -->
	<bean id="sessionIdGenerator"
		class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator" />
	
	<!-- 会话Cookie模板 -->
	<bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
		<constructor-arg value="sid" />
		<property name="httpOnly" value="true" />
		<property name="maxAge" value="180000" />
	</bean>
	
	<!-- 会话DAO -->
	<bean id="sessionDAO"
		class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
		<property name="activeSessionsCacheName" value="shiro-activeSessionCache" />
		<property name="sessionIdGenerator" ref="sessionIdGenerator" />
	</bean>
	
	<!-- 会话管理器 -->
	<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
		<property name="globalSessionTimeout" value="1800000" />
		<property name="deleteInvalidSessions" value="true" />
		<!-- 
		<property name="sessionValidationSchedulerEnabled" value="true"/> 
		<property name="sessionValidationScheduler" ref="sessionValidationScheduler"/> 
		-->
		<property name="sessionDAO" ref="sessionDAO" />
		<property name="sessionIdCookieEnabled" value="true" />
		<property name="sessionIdCookie" ref="sessionIdCookie" />
	</bean>
	
	<bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
		<constructor-arg value="rememberMe" />
		<property name="httpOnly" value="true" />
		<property name="maxAge" value="2592000" /><!-- 30天 -->
	</bean>
	
	<!-- rememberMe管理器 -->
	<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
		<!-- rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位) -->
		<property name="cipherKey" value="#{T(org.apache.shiro.codec.Base64).decode('4AvVhmFLUs0KTA3Kprsdag==')}" />
		<property name="cookie" ref="rememberMeCookie" />
	</bean>
    
    <!-- 安全管理器 -->
	<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
		<property name="realm" ref="userRealm" />
		<property name="sessionManager" ref="sessionManager" />
		<property name="cacheManager" ref="cacheManager" />
		<property name="rememberMeManager" ref="rememberMeManager" />
	</bean>
    
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
		<property name="securityManager" ref="securityManager" />
		<!-- <property name="successUrl" value="/pdri/prms/openapiindex/v101/" />
		<property name="loginUrl" value="/openapiindex/v101/login/unlogin" />
		<property name="unauthorizedUrl" value="/openapiindex/v101/login/unauthd" /> -->
		<property name="filters">
			<map>
				<entry key="anyRoles" value-ref="hasAnyRoles"/>
				<entry key="sysUser" value-ref="sysUserFilter"/>
			</map>
		</property>
		<!-- 注入URL-拦截器链 -->
		<property name="filterChainDefinitionMap" ref="securityMetaDataSource"/>
	</bean>
	
    <bean id="hasAnyRoles" class="org.pdri.prms.filter.HasAnyRolesAuthorizationFilter"/>
	
    <bean id="sysUserFilter" class="org.pdri.prms.filter.SysUserFilter"/>
	
	<bean id="filterChainDefinitionsService" class="org.pdri.prms.filter.impl.FilterChainDefinitionsService">
		<property name="initURL" value="${pdri.pasc.initURL}"/>
		<property name="definitions">
			<value>
				/**/resources/**=anon
				/openapiindex/v101/head/**=anon
				/openapiindex/v101/foot/**=anon
				/openapiindex/v101/login/**=anon
			</value>
		</property>
	</bean>
	
    <bean id="securityMetaDataSource" class="org.pdri.prms.filter.ChainDefinitionSectionMetaSource">
		<property name="initURL" value="${pdri.pasc.initURL}"/>
		<property name="filterChainDefinitions">
			<value>
				/**/resources/**=anon
				/openapiindex/v101/head/**=anon
				/openapiindex/v101/foot/**=anon
				/openapiindex/v101/login/**=anon
			</value>
		</property>
	</bean>
	
    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />

	<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
		<property name="proxyTargetClass" value="true" />
	</bean>
	
    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
		<property name="securityManager" ref="securityManager" />
	</bean>
	 
</beans>




最开始的现象是,刚登陆进去。下一个请求就提示未登录,报下面这个错。

org.apache.shiro.session.ExpiredSessionException: Session with id [d488fd2b-4e5c-46fd-8af3-2f5953bdd468] has expired. Last access time: 12/3/15 4:40 PM.  Current time: 12/3/15 5:12 PM.  Session timeout is set to 1800 seconds (30 minutes)



找了一天找不到原因了。。。求解救!



加载中
0
alexgaoyh
alexgaoyh
这个不是session过期导致的?
ileler
ileler
我刚登进去,就session过期,这是为什么呢?
0
ileler
ileler
sessionManager 设置了 sessionDAO 还用设置 globalSessionTimeout 吗????
0
佳佳hao
佳佳hao

楼主结局了吗

OSCHINA
登录后可查看更多优质内容
返回顶部
顶部