package com.xdzo.filter;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.http.HttpStatus;
import com.xdzo.domain.Student;
public class SessionFilter implements Filter {
/*// 日志
Logger logger = LoggerFactory.getLogger(SessionFilter.class);*/
public void destroy() {
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest sreq, ServletResponse sresp, FilterChain chain)
throws IOException, ServletException {
if (!(sreq instanceof HttpServletRequest) || !(sresp instanceof HttpServletResponse)) {
throw new ServletException("OncePerRequestFilter just supports HTTP requests");
}
HttpServletRequest httpRequest = (HttpServletRequest) sreq;
HttpServletResponse httpResponse = (HttpServletResponse) sresp;
String url = httpRequest.getServletPath();
System.out.println("请求路径"+url);
httpResponse.setHeader("Cache-Control","no-cache");
httpResponse.setHeader("Pragma","no-cache");
httpResponse.setDateHeader ("Expires", -1);
httpResponse.setHeader("P3P","CP=CAO PSA OUR");
HttpSession session = httpRequest.getSession();
if(!httpResponse.isCommitted()){
if(session!= null){
Student user = (Student)session.getAttribute("user");
//String userName = object == null ? null : (String) object;
if (url.indexOf("LoginController.do")!= -1) {
// 排除登录操作
if (url.indexOf("LoginController.do") != -1) {
chain.doFilter(sreq, sresp);
}
}
// 检验此操作是否存在loginsession
if (user == null) {
httpResponse.setContentType("text/html;charset=gb2312");
PrintWriter out = httpResponse.getWriter();
out.println("<script language='javascript' type='text/javascript'>");
out.println("alert('由于你长时间没有操作,导致Session失效!请你重新登录!');window.location.href='" + httpRequest.getContextPath() + "/login.jsp'");
out.println("</script>");
return;
}
}else{
httpResponse.sendRedirect("login.jsp");
return ;
}
}
chain.doFilter(sreq, sresp);
}
/**
* 判断是否为Ajax请求
*
* @param request
* HttpServletRequest
* @return 是true, 否false
*/
public static boolean isAjaxRequest(HttpServletRequest request) {
return (request.getHeader("X-Requested-With") != null
&& "XMLHttpRequest".equals(request.getHeader("X-Requested-With").toString()));
}
public void init(FilterConfig config) throws ServletException {
}
}
web.xml里面的配置
<filter>
<filter-name>SessionFilter</filter-name>
<filter-class>com.xdzo.filter.SessionFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SessionFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>