session失效页面跳转

最新推荐文章于 2021-06-07 18:26:44 发布

weixin_34223655

最新推荐文章于 2021-06-07 18:26:44 发布

阅读量257

点赞数

文章标签： java python web.xml

原文链接：https://my.oschina.net/u/3149614/blog/868388

版权

2019独角兽企业重金招聘Python工程师标准>>>

简单实现，如果session失效就返回到登录页面。使用Filter，同时过滤对静态页面和controller的访问，并且ajax请求也能跳转。

1. web.xml配置

<filter>
	<filter-name>loginfilter</filter-name>
	<filter-class>
		com.lty.ebus.custom.filters.CheckLoginFilter</filter-class>
	<init-param>
		<param-name>rootPath</param-name>
		<param-value>/login.jsp</param-value>
	</init-param>
</filter>
<!-- 所有需要session才能访问的JSP或HTML页面均放在webviews下-->
<filter-mapping>
	<filter-name>loginfilter</filter-name>
	<url-pattern>/webviews/*</url-pattern> 
</filter-mapping>
<!-- 过滤controller -->
<filter-mapping>
	<filter-name>loginfilter</filter-name>
	<url-pattern>/webapp/*</url-pattern>
</filter-mapping>

2. 过滤器

package com.lty.ebus.custom.filters;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.util.StringUtils;

import com.lty.ebus.common.constants.SysGlobalConstants;
import com.lty.ebus.common.redis.RedisHelper;

/**
 * @Title: CheckLoginFilter.java
 * @Package com.lantaiyuan.ebus.custom.interceptors
 * @Description:
 * @author yangyang
 * @date 2016年12月20日 下午2:14:06
 * @version v1.0
 */

public class CheckLoginFilter implements Filter {

	private String rootPath;

	public void destroy() {
		if (!StringUtils.isEmpty(rootPath)) {
			this.rootPath = null;
		}
	}

	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
			throws IOException, ServletException {
		HttpServletResponse response = (HttpServletResponse) res;
		HttpServletRequest request = (HttpServletRequest) req;
		Object session = RedisHelper.get(SysGlobalConstants.SESSIONID.concat(request.getSession().getId()));
		String uri = request.getRequestURI().toLowerCase();
		if (StringUtils.isEmpty(session) && uri.indexOf("login") < 0 && uri.indexOf("logout") < 0) {
			// 设置header，便于ajax请求做处理
			response.setHeader("sessionstatus", "timeout");
			response.setContentType("text/html;charset=UTF-8");
			response.getWriter()
					.println("<script language='javascript'>if(window.opener==null){window.top.location.href='"
							+ rootPath + "';}else{window.opener.top.location.href='" + rootPath
							+ "';window.close();}</script>");
		} else {
			chain.doFilter(req, res);
		}
	}

	public void init(FilterConfig con) throws ServletException {
		this.rootPath = con.getServletContext().getContextPath().concat(con.getInitParameter("rootPath"));
	}

}

非ajax请求到这一步就可以了，ajax请求还需要继续往下看

3. ajax请求

新建一个js文件，内容如下

/** 
 * 设置未来(全局)的AJAX请求默认选项 
 * 主要设置了AJAX请求遇到Session过期的情况 
 */  
var appName = $("#appName").val();

$.ajaxSetup({  
    complete: function(xhr,status) { 
        var sessionStatus = xhr.getResponseHeader('sessionstatus');  
        if(sessionStatus == 'timeout') {  
            var top = getTopWinow();  
            top.location.href = appName + '/login.jsp';              
        }  
    }  
});  
  
/** 
 * 在页面中任何嵌套层次的窗口中获取顶层窗口 
 * @return 当前页面的顶层窗口对象 
 */  
function getTopWinow(){  
    var p = window;  
    while(p != p.parent){  
        p = p.parent;  
    }  
    return p;  
}

该js文件需要被引入到有ajax请求（对session有要求）的页面中

此时就大功告成啦！

4. 补充说明

一开始出错，是因为filter写成了这样：

public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
			throws IOException, ServletException {
		HttpServletResponse response = (HttpServletResponse) res;
		HttpServletRequest request = (HttpServletRequest) req;
		Object session = RedisHelper.get(SysGlobalConstants.SESSIONID.concat(request.getSession().getId()));
		String uri = request.getRequestURI().toLowerCase();
		if (StringUtils.isEmpty(session) && uri.indexOf("login") < 0 && uri.indexOf("logout") < 0) {
			String header = ((HttpServletRequest)req).getHeader("x-requested-with");
			if(!StringUtils.isEmpty(header) && header.equalsIgnoreCase("XMLHttpRequest")) { // ajax请求 
				  response.setHeader("sessionstatus", "timeout");
				  
			}else {
				response.setContentType("text/html;charset=UTF-8");
				response.getWriter()
						.println("<script language='javascript'>if(window.opener==null){window.top.location.href='"
								+ rootPath + "';}else{window.opener.top.location.href='" + rootPath
								+ "';window.close();}</script>");
			}
		} else {
			chain.doFilter(req, res);
		}
	}

ajax请求并没有停止本身的处理过程，还会继续，又请求不到数据，就会一直报undefined错误。后来干脆不再区分是否是ajax请求，都加上header，都用response输出内容，就能正常执行了。js也不是很好，不太明白原理，先记下，希望有朝一日能搞清楚吧^_^

转载于:https://my.oschina.net/u/3149614/blog/868388