最近User又出了一個很難的問題,也就是session 到期要將目前視窗關閉及跳出alert的訊息(如:使用者session到期!)
傳統的session到期,大部分都是用filter做掉,用do chain導到其它頁,而這個是要反回饋給當下頁面並關閉視窗還有跳出alert訊息方塊,也就不能do chain到其它頁面,而是原本頁面。
做法如下:
1、先做filter
public class SessionFilter implements Filter {
public void destroy() {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String currentURL = request.getRequestURI();
String targetURL = currentURL.substring(currentURL.indexOf("/", 1), currentURL.length());
HttpSession session = request.getSession(false);
if (!"/frontend/login".equals(targetURL) && !"/".equals(targetURL)) {
if (session == null || session.getAttribute(Config.Web.USER_ATT_NAME) == null) {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "使用者session過期");
}
}
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
}
2、至於main的頁面的ajax接收的部分,只接收response的訊息為SC_UNAUTHORIZED,也就是401
3、至於spring的interceptor的做法也如同filter,很簡單
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
public class SessionInterceptor extends HandlerInterceptorAdapter {
private List checklist;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
User user = (User) request.getSession().getAttribute(Config.Web.USER_ATT_NAME);
if (check(request)) {
return true;
} else {
if (null == user) {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "使用者session過期");
return false;
}
}
return true;
}
private Boolean check(HttpServletRequest request) {
String uri = request.getRequestURI();
for (String url : checklist) {
if (uri.indexOf(url) != -1) return Boolean.TRUE;
}
return Boolean.FALSE;
}
public List getChecklist() {
return checklist;
}
public void setChecklist(List checklist) {
this.checklist = checklist;
}
}
xml的設定如下:
frontend/login
frontend/errors
frontend/TSwiftLogQuery
frontend/TradeSuccessQuery
frontend/TradeErrorQuery
frontend/TnormalDrLogQuery
frontend/TnormalCrLogQuery
frontend/TintraLogQuery
frontend/TFundNoticeQuery
frontend/TexceptionQuery
frontend/TDrProcessQuery
frontend/TCrProcessQuery
frontend/cif5
frontend/CalLogQuery
frontend/auth8
frontend/auth6
傳統的session到期,大部分都是用filter做掉,用do chain導到其它頁,而這個是要反回饋給當下頁面並關閉視窗還有跳出alert訊息方塊,也就不能do chain到其它頁面,而是原本頁面。
做法如下:
1、先做filter
public class SessionFilter implements Filter {
public void destroy() {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String currentURL = request.getRequestURI();
String targetURL = currentURL.substring(currentURL.indexOf("/", 1), currentURL.length());
HttpSession session = request.getSession(false);
if (!"/frontend/login".equals(targetURL) && !"/".equals(targetURL)) {
if (session == null || session.getAttribute(Config.Web.USER_ATT_NAME) == null) {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "使用者session過期");
}
}
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
}
2、至於main的頁面的ajax接收的部分,只接收response的訊息為SC_UNAUTHORIZED,也就是401
3、至於spring的interceptor的做法也如同filter,很簡單
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
public class SessionInterceptor extends HandlerInterceptorAdapter {
private List
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
User user = (User) request.getSession().getAttribute(Config.Web.USER_ATT_NAME);
if (check(request)) {
return true;
} else {
if (null == user) {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "使用者session過期");
return false;
}
}
return true;
}
private Boolean check(HttpServletRequest request) {
String uri = request.getRequestURI();
for (String url : checklist) {
if (uri.indexOf(url) != -1) return Boolean.TRUE;
}
return Boolean.FALSE;
}
public List
return checklist;
}
public void setChecklist(List
this.checklist = checklist;
}
}
xml的設定如下:
全站熱搜
留言列表
