url中有Jsessionid生成的原因:
jsessionid是标明session的id的(有点废话。。。),它是存在于cookie中的,一般情况下不会出现在url中,服务器会从客户端的cookie中取出来,但是如果客户端禁用了cookie的话,就要重写url了,显式的将jsessionid重写到Url中,方便服务器来通过这个找到session的id。
如果客户端请求的cookie中不包含JSESSIONID,服务端调用request.getSession()时就会生成并传递给客户端,此次响应头会包含设置cookie的信息
如果客户端请求的cookie中包含JSESSIONID,服务端调用request.getSession()时就会根据JSESSIONID进行查找对象,如果能查到就返回,否则就跟没传递JSESSIONID一样;
解决方式1.在客户端页面上,判断Url是否包含Jsessionid,有的就移除
方式2.后台编写一个过滤器,判断如果请求url中带有sessionid,则进行处理
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
public class RemoveUrlJsessionIdFilter implements Filter{
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
// skip non-http requests
if (!(request instanceof HttpServletRequest)) {
chain.doFilter(request, response);
return;
}
//从url中删除jsessionid
// isRequestedSessionIdFromURL():Checks whether the requested session ID came in as part of the request URL.
if (httpServletRequest.isRequestedSessionIdFromURL()) {
HttpSession session = httpServletRequest.getSession();
if (null != session) {
session.invalidate();
}
}
// wrap response to remove URL encoding
HttpServletResponseWrapper wrappedResponse = new HttpServletResponseWrapper(httpServletResponse) {
@Override
public String encodeRedirectUrl(String url) {
return url;
}
@Override
public String encodeRedirectURL(String url) {
return url;
}
@Override
public String encodeUrl(String url) {
return url;
}
@Override
public String encodeURL(String url) {
return url;
}
};
// process next request in chain
chain.doFilter(request, wrappedResponse);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
}
web.xml
<filter>
<filter-name>RemoveUrlJsessionIdFilter</filter-name>
<filter-class>spring.filter.RemoveUrlJsessionIdFilter</filter-class>
<async-supported>true</async-supported><!--异步支持 -->
</filter>
<filter-mapping>
<filter-name>RemoveUrlJsessionIdFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>