Commit 7080e084 by WeiCong

由于在集群环境下页面发起请求,由于ip都会在主备机器间切换,导致sessionid变化。因此现在屏蔽调资源访问拦截策略中基于sessionid一致性的拦截

parent 4b039167
......@@ -169,9 +169,9 @@ public class ResourceAccessFilter implements Filter {
}
private boolean isLegalSecForMsg(String sec, String rawuid, String res, HttpServletRequest request) throws Exception {
if (isNotSameSessionId(rawuid, request)) {
return false;
}
// if (isNotSameSessionId(rawuid, request)) {
// return false;
// }
Object obj = RedisUtil.get(KEY.replace("##", rawuid));
if (obj == null) {
log.warn(KEY.replace("##", rawuid) + "get logininfo is null");
......@@ -197,9 +197,9 @@ public class ResourceAccessFilter implements Filter {
res = res.substring(res.lastIndexOf("/") + 1);
}
String rawuid = new StringBuilder(uid).reverse().toString();
if (isNotSameSessionId(rawuid, request)) {
return false;
}
// if (isNotSameSessionId(rawuid, request)) {
// return false;
// }
Object obj = RedisUtil.get(KEY.replace("##", rawuid));
if (obj == null) {
log.warn(KEY.replace("##", rawuid) + "get logininfo is null");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment