1. 在登录的时候进行 session 操作,加入登录标志
切记一定要禁止浏览器缓存这些页面,否则即使退出后,点击浏览器的回退按钮仍然可以看到上一个页面。注意:禁止缓存只是避免浏览器显示旧页面,真正的访问控制仍然要靠服务端对 session 的判断(见后面的 /home 处理方法)。
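/**
 * Handles the HR login form: checks the submitted credentials and, on success,
 * marks the session as logged in by storing the user's ID under "userID".
 *
 * @param email    e-mail address submitted by the login form
 * @param password password submitted by the login form
 * @param modelMap view model; receives "job" on success and "errorTip" on failure
 * @param request  current request, used to obtain the session
 * @param response current response, used to forbid caching of the page
 * @return "home" on success, otherwise a redirect back to the HR login form
 */
@RequestMapping(value = "/hr", method = RequestMethod.POST)
private String hrLogin(@RequestParam String email, @RequestParam String password, ModelMap modelMap,
        HttpServletRequest request, HttpServletResponse response) {
    // One combined header: a second setHeader("Cache-Control", ...) replaces the first,
    // so setting "no-cache" and then "no-store" separately leaves only "no-store".
    response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
    response.setDateHeader("Expires", 0); // expire any cached copy
    response.setHeader("Pragma", "no-cache"); // HTTP/1.0 backward compatibility

    // Per-request local that starts at the "login failed" value. With a controller field,
    // a lookup that throws would leave the value from an earlier request in place and
    // the check below would accept it.
    // NOTE(review): assumes the service returns an int/Integer user ID, -1 when no user matches.
    // NOTE(review): the raw password is handed to the service; confirm it is verified
    // against a salted password hash rather than compared with stored plaintext.
    int userId = -1;
    try {
        userId = loginServiceImpl.findByUserEmailAndUserPasswordAndUserJob(email, password, "hr");
    } catch (Exception e) {
        // Fail closed: any lookup error is treated as a failed login.
        System.out.println("loginAction:" + e);
    }

    if (userId == -1) {
        modelMap.addAttribute("errorTip", true);
        return "redirect:/login/selectLogin?btn=hr";
    }

    modelMap.addAttribute("job", "hr");
    // Session fixation defence: discard whatever session existed before authentication
    // and bind the login mark to a freshly created one, so a session ID known before
    // login never becomes an authenticated session.
    if (request.getSession(false) != null) {
        request.getSession(false).invalidate();
    }
    request.getSession(true).setAttribute("userID", userId); // login mark: the user's ID
    return "home";
}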
2.退出的时候清除session
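/**
 * Logs the current user out by destroying the server-side session.
 *
 * @param request current request, used to look up the session
 * @return the "index" view
 */
// NOTE(review): this mapping accepts every HTTP method, so a plain cross-site GET can
// end the user's session; consider restricting it to POST with a CSRF token.
@RequestMapping("/logout")
public String logout(HttpServletRequest request) {
    // getSession(false) avoids creating a session only to destroy it. The session is
    // looked up per request instead of being kept in a controller field, where a
    // concurrent request could swap in another user's session before invalidate() runs.
    if (request.getSession(false) != null) {
        // invalidate() unbinds every attribute, "userID" included, so a separate
        // removeAttribute call is not needed.
        request.getSession(false).invalidate();
    }
    return "index";
}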
登录处加上重定向:登录成功后重定向到 /home,而不是直接返回视图
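if (result != -1) {
    // NOTE(review): with a "redirect:" view Spring may append model attributes such as
    // "job" to the redirect URL as query parameters; confirm that is intended.
    modelMap.addAttribute("job", "hr");
    // Session fixation defence: drop the pre-login session and store the login mark in
    // a new one, so a session ID known before login is never authenticated.
    if (request.getSession(false) != null) {
        request.getSession(false).invalidate();
    }
    request.getSession(true).setAttribute("userID", result); // login mark: the user's ID
    // Redirect after the POST so the protected page is always served by the /home
    // handler, which is where the session is checked.
    return "redirect:/home";
}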
在重定向的目标处理方法(/home)中加上对 session 的判断
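/**
 * Serves the home page to logged-in users only: the request must carry a session
 * that holds an Integer "userID" attribute, otherwise the "index" view is returned.
 *
 * @param response current response, used to forbid caching of the page
 * @param request  current request, used to look up the session
 * @return "home" for a logged-in user, "index" otherwise
 */
@RequestMapping("/home")
public String home(HttpServletResponse response, HttpServletRequest request) {
    // One combined header: a second setHeader("Cache-Control", ...) replaces the first,
    // so setting "no-cache" and then "no-store" separately leaves only "no-store".
    response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
    response.setDateHeader("Expires", 0); // expire any cached copy
    response.setHeader("Pragma", "no-cache"); // HTTP/1.0 backward compatibility

    // getSession(false): an anonymous visitor must not get a new session just by
    // requesting this page.
    Object loginMark = request.getSession(false) == null
            ? null
            : request.getSession(false).getAttribute("userID");

    // Explicit check instead of relying on a NullPointerException/ClassCastException
    // from the cast to detect "not logged in".
    if (!(loginMark instanceof Integer)) {
        logger.info("-----不存在HomeAction.httpSession.useID----");
        return "index";
    }

    // NOTE(review): userID is declared outside this method. If it is a field of a
    // default-scope (singleton) controller it is shared by all concurrent requests;
    // code that needs the current user should read it from the session instead.
    userID = (int) loginMark;
    return "home";
}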