第一种方法:使用默认的springboot方法 @Bean(name = "redisTemplate") public RedisTemplate<String, Object> redisTemplate(JedisConnectionFactory factory) { RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>(); redisTemplate.setConnectionFactory(redisConnectionFactory()); redisTemplate.afterPropertiesSet(); return redisTemplate; }
这种方法在redisclient客户端保存key的是乱码;弊端,指定的key在数据库中存的是乱码,不能可视化,不利于跨系统利用redis。
第二种方法
@Bean(name = "redisTemplate") public RedisTemplate<String, Object> redisTemplate(JedisConnectionFactory factory) { RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>(); redisTemplate.setConnectionFactory(redisConnectionFactory()); setMySerializer(redisTemplate); setRedisTemplate(redisTemplate); redisTemplate.afterPropertiesSet(); return redisTemplate; }
private void setMySerializer(RedisTemplate template) { Jackson2JsonRedisSerializer<Object> jackson2JsonRedisSerializer = new Jackson2JsonRedisSerializer<Object>( Object.class); ObjectMapper om = new ObjectMapper(); om.setVisibility(PropertyAccessor.ALL, JsonAutoDetect.Visibility.ANY); om.enableDefaultTyping(ObjectMapper.DefaultTyping.NON_FINAL); jackson2JsonRedisSerializer.setObjectMapper(om); template.setKeySerializer(template.getStringSerializer()); template.setValueSerializer(jackson2JsonRedisSerializer); }
这种方法om.enableDefaultTyping(ObjectMapper.DefaultTyping.NON_FINAL)这行会被sona扫描出漏洞
去掉这行,会带来意想不到的问题,比如,时间格式,存在数据库中是long,但是获取key回转的时候会有问题
第三种方法:
验证好使: @Bean(name = "redisTemplate") public RedisTemplate<String, Object> redisTemplate(JedisConnectionFactory factory) { RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>(); redisTemplate.setConnectionFactory(redisConnectionFactory()); setRedisTemplate(redisTemplate); redisTemplate.afterPropertiesSet(); return redisTemplate; } public void setRedisTemplate(RedisTemplate redisTemplate) { // JdkSerializationRedisSerializer jdkSerializationRedisSerializer = new JdkSerializationRedisSerializer(); GenericJackson2JsonRedisSerializer jackson2JsonRedisSerializer = new GenericJackson2JsonRedisSerializer(); // 设置值(value)的序列化采用FastJsonRedisSerializer。 redisTemplate.setValueSerializer(jackson2JsonRedisSerializer); // redisTemplate.setHashValueSerializer(fastJsonRedisSerializer); // 设置键(key)的序列化采用StringRedisSerializer。 redisTemplate.setKeySerializer(new StringRedisSerializer()); redisTemplate.setHashKeySerializer(new StringRedisSerializer()); redisTemplate.afterPropertiesSet(); }
sona扫描没有bug