swfupload有时在谷歌或火狐内核丢失session,有拦截器验证登录时会报302错误。
解决思路是在前台获取jsessionid,上传时一并传入后台,在拦截器通过请求的jsessionid获取session,再进行登录验证。
1.前端通过<input type="hidden" id="ssid" value="<%=request.getSession().getId()%>"/>
获取jsessionid,在post_params: {"jsessionid":document.all("ssid").value}
传入参数。
2.后台通过sessionid获取session,使用session监听器配合一个静态的hashmap即可实现。
首先,创建自己的sessionContext
public class MySessionContext {
private static MySessionContext instance;
private HashMap<String,HttpSession> sessionMap;
private MySessionContext() {
sessionMap = new HashMap<String,HttpSession>();
}
public static MySessionContext getInstance() {
if (instance == null) {
instance = new MySessionContext();
}
return instance;
}
public synchronized void addSession(HttpSession session) {
if (session != null) {
sessionMap.put(session.getId(), session);
}
}
public synchronized void delSession(HttpSession session) {
if (session != null) {
sessionMap.remove(session.getId());
}
}
public synchronized HttpSession getSession(String sessionID) {
if (sessionID == null) {
return null;
}
return sessionMap.get(sessionID);
}
}
然后建立session监听,要实现HttpSessionListener接口
public class SessionListener implements HttpSessionListener {
private MySessionContext myc = MySessionContext.getInstance();
public void sessionCreated(HttpSessionEvent httpSessionEvent) {
HttpSession session = httpSessionEvent.getSession();
myc.addSession(session);
}
public void sessionDestroyed(HttpSessionEvent httpSessionEvent) {
HttpSession session = httpSessionEvent.getSession();
myc.delSession(session);
}
}
接着,在web.xml中配置session监听器
<listener>
<listener-class>SessionListener</listener-class>
</listener>
完事,大功告成,之后在代码中直接获取就OK了
MySessionContext myc= MySessionContext.getInstance();
HttpSession sess = myc.getSession(sessionId);
3.在拦截器中使用session判断登录状态就ok了