HttpSession base on Redis, support RESTful API.
Switch branches/tags
Nothing to show
Clone or download
Latest commit a2875f1 Aug 14, 2016
Failed to load latest commit information.
Core reformat code Aug 14, 2016
Example update README May 10, 2016
Spring-Example update README May 10, 2016
.gitignore update Apr 29, 2016
LICENSE Initial commit Apr 29, 2016 update README May 10, 2016
build.gradle update Apr 29, 2016
redis.json update README May 10, 2016
settings.gradle 暂时删除集群功能。增加两个例子。 May 8, 2016


RedisHttpSession provides an way to transparently store http session in redis, which allows multi-clients to share the sessions.


  • RESTful APIs - RedisHttpSession allows providing session ids in headers to work with RESTful APIs.
  • Transparently - RedisHttpSession allows using HttpSession APIs directly, while the magic work with redis is totally transparent.

Quick Start




dependencies {
    compile "com.github.x-hansong:redis-http-session:1.0"


Configures redis in redis.json, and put it to the src folder or resources folder.(see example)

  "connectionConfig": {
    "maxTotal": "10",
    "maxIdle": "10",
    "maxWait": "10000",
    "timeout": "10000"
      "password":"if no password, remove this property"

Use RedisHttpSessionFilter or a subclass of it as a Filter.

For example:

  • With web.xml

  • With Spring-boot

      public class MySessionFilter extends RedisHttpSessionFilter{}
  • With Other

    make sure the RedisHttpSessionFilter or a subclass of it to be a Filter for each request.

After that, for each request/response, their header will have a field -- x-auth-token, which is the session id.

And we can use the HttpSession as we always do, but the session is now in redis. If you check the redis, you will see something following.

localhost:63679> keys *
1) "session:fd9ec3cf-fb9b-4672-ade6-67a810e7db9f"
2) "session:cbaa057c-85a4-475d-b399-38c320e85dcc"
3) "session:13e030f5-de3d-458f-8d25-fd5643c40ff0"
4) "session:262596b3-3d13-4df1-8328-714153c1ae83"
5) "session:0b7d04c6-eaac-4eed-a9aa-8366f25f04f0"
localhost:63679> hgetall session:fd9ec3cf-fb9b-4672-ade6-67a810e7db9f
1) "lastAccessedTime"
2) "\xac\xed\x00\x05sr\x00\x0ejava.lang.Long;\x8b\xe4\x90\xcc\x8f#\xdf\x02\x00\x01J\x00\x05valuexr\x00\x10java.lang.Number\x86\xac\x95\x1d\x0b\x94\xe0\x8b\x02\x00\x00xp\x00\x00\x01T\x91\x03\"\xec"
3) "maxInactiveInterval"
4) "\xac\xed\x00\x05sr\x00\x11java.lang.Integer\x12\xe2\xa0\xa4\xf7\x81\x878\x02\x00\x01I\x00\x05valuexr\x00\x10java.lang.Number\x86\xac\x95\x1d\x0b\x94\xe0\x8b\x02\x00\x00xp\x00\x00\a\b"
5) "creationTime"
6) "\xac\xed\x00\x05sr\x00\x0ejava.lang.Long;\x8b\xe4\x90\xcc\x8f#\xdf\x02\x00\x01J\x00\x05valuexr\x00\x10java.lang.Number\x86\xac\x95\x1d\x0b\x94\xe0\x8b\x02\x00\x00xp\x00\x00\x01T\x91\x03\"\xb4"

As you see, RedisHttpSession store the Serialized Object to the redis. For each request(except the first request), it needs have a x-auth-token in headers, which can be got from the response, so the server can use the session associated with the request.