/*** 版权:Copyright 2016-2016 AudaqueTech. Co. Ltd. All Rights Reserved.
* 描述:
* 创建人:赵巍
* 创建时间:2016年11月28日
* 修改人:
* 修改时间:
* 修改内容:*/
packagecom.thinkgem.jeesite.common.filter;importjava.io.IOException;importjavax.servlet.Filter;importjavax.servlet.FilterChain;importjavax.servlet.FilterConfig;importjavax.servlet.ServletException;importjavax.servlet.ServletRequest;importjavax.servlet.ServletResponse;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjavax.servlet.http.HttpSession;importorg.apache.shiro.SecurityUtils;importorg.apache.shiro.subject.Subject;importorg.slf4j.Logger;importorg.slf4j.LoggerFactory;public class CustomFilter implementsFilter
{private final Logger logger =LoggerFactory.getLogger(getClass());privateString failureUrl;
@Overridepublic void init(FilterConfig filterConfig) throwsServletException {//empty implement
}
@Overridepublic voiddoFilter(ServletRequest request, ServletResponse response, FilterChain chain)throwsIOException, ServletException {
HttpServletRequest httpRequest=(HttpServletRequest) request;
HttpServletResponse httpResponse=(HttpServletResponse) response;
HttpSession session=httpRequest.getSession();//String userid = (String)session.getAttribute("userid");
Subject subject =SecurityUtils.getSubject();/*if(uri.contains("/user/login") || uri.contains("/user/regPage") ){
chain.doFilter(request, response);
}else{*/
if(subject.getPrincipals() == null){
String contextPath=httpRequest.getContextPath();
String redirect=contextPath ;//ajax session 过期处理//1:判断是否是ajax请求
if (httpRequest.getHeader("x-requested-with") != null
&& "XMLHttpRequest".equalsIgnoreCase(httpRequest.getHeader("x-requested-with"))) {//向http头添加 状态 sessionstatus
httpResponse.setHeader("sessionstatus","timeout");
httpResponse.sendError(518, "session timeout.");/*httpResponse.setStatus(403);*/
//向http头添加登录的url
httpResponse.addHeader("loginPath", failureUrl);
chain.doFilter(request, response);
logger.debug("ajax request");return;
}
httpResponse.sendRedirect(redirect);return;
}else{
chain.doFilter(request, response);
}/*}*/}
@Overridepublic voiddestroy() {//empty implement
}publicString getFailureUrl() {returnfailureUrl;
}public voidsetFailureUrl(String failureUrl) {this.failureUrl =failureUrl;
}
}