欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

Ajax Session Timeout处理

程序员文章站 2022-07-13 11:04:43
...

对于session过期跳转的问题,很简单,就是一个过滤器,然后判断session为空?跳转:继续。但是对于ajax的请求,需要做特殊处理,见下面代码中的

// 此处考虑ajax操作session过期的操作,如果ajax请求过程中session过期,则指定过期状态码为:911.
String requestType = req.getHeader("X-Requested-With");

因为ajax请求的时候请求头是:X-Requested-With,so我们可以根据该请求头做session过期处理。

下面是过滤器的实现,可以作为参考。

package com.***.action.util;

import java.io.IOException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/**
 * 标题:SessionFilter.
 * 
 * 描述:session expire filter.
 * 
 * @author lgscofield.
 */
public class SessionFilter implements Filter {

    private final static Log LOGGER = LogFactory.getLog(SessionFilter.class);

    /**
     * 过滤器配置
     */
    private FilterConfig filterConfig;

    /**
     * 超时页面
     */
    protected String sessionTimeOutPage = null;

    /**
     * 某些url前缀列表(如: /css/*, /js/*, /images/***...)
     */
    private List<String> ignoreURIs = new ArrayList<String>();

    /**
     * 静态资源列表(如: *.css, *.js, *.jpg...)
     */
    private List<String> ignoreExts = new ArrayList<String>();

    /**
     * 个别动态资源(如: login.action, navigate.action, login.jsp...)
     */
    private List<String> ignoreActions = new ArrayList<String>();

    /**
     * Default Construct.
     */
    public SessionFilter() {
        super();
    }

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        LOGGER.info("Init LogFilter Start.");
        this.filterConfig = filterConfig;
        // this.context = this.filterConfig.getServletContext();
        // startMonitor();

        // 某些URL前缀不予处理(例如 /img/***)
        String ignores = filterConfig.getInitParameter("ignore");
        if (ignores != null) {
            for (String ig : StringUtils.split(ignores, ',')) {
                ignoreURIs.add(ig.trim());
            }
        }

        // 某些URL扩展名不予处理(例如 *.jpg)
        ignores = filterConfig.getInitParameter("ignoreExts");
        if (ignores != null) {
            for (String ig : StringUtils.split(ignores, ',')) {
                ignoreExts.add('.' + ig.trim());
            }
        }

        // 某写页面及Action不予处理(例如login.jsp,login.action)
        ignores = filterConfig.getInitParameter("ignoreActions");
        if (ignores != null) {
            for (String ig : StringUtils.split(ignores, ',')) {
                ignoreActions.add(ig.trim());
            }
        }

        LOGGER.info("Init LogFilter End.");
    }

    @Override
    public void destroy() {
        this.filterConfig = null;
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
            ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;
        // HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper((HttpServletResponse) response);

        resp.setCharacterEncoding("UTF-8");
        HttpSession session = req.getSession(true);
        String requestUrl = req.getRequestURI();
        String redirectPath = req.getContextPath() + "/navigate.action";

        try {

            //过滤URL前缀
            /*
             * for (String ignoreURI : ignoreURIs) { if (requestUrl.startsWith(ignoreURI)) { chain.doFilter(req, resp);
             * return; } }
             */

            //过滤URL后缀
            for (String ignoreExt : ignoreExts) {
                if (requestUrl.endsWith(ignoreExt)) {
                    chain.doFilter(req, resp);
                    return;
                }
            }

            // 过滤登陆action/jsp
            for (String ingonAction : ignoreActions) {
                if (isContains(requestUrl, ingonAction)) {
                    chain.doFilter(req, resp);
                    return;
                }
            }

            if (requestUrl.endsWith("/portal/") || requestUrl.endsWith("/portal")) {
                resp.sendRedirect(redirectPath);
                return;
            }
        } catch (SecurityException e) {
            String loginPage = req.getContextPath() + URLEncoder.encode(requestUrl, "utf-8");
            resp.sendRedirect(loginPage);
        }

        // 验证session是否过期
        Object user = session.getAttribute("userInfo");
        if (user == null) {
            
            // 此处考虑ajax操作session过期的操作,如果ajax请求过程中session过期,则指定过期状态码为:911.
            String requestType = req.getHeader("X-Requested-With");
            if (!StringUtils.isEmpty(requestType) && requestType.equalsIgnoreCase("XMLHttpRequest")) {
                resp.setStatus(911);
                resp.setHeader("sessionstatus", "timeout");
                resp.addHeader("loginPath", redirectPath);
                return;
            } else {
                // wrapper.sendRedirect(redirectPath);
                resp.sendRedirect(redirectPath);
                return;
            }
        } else {
            chain.doFilter(request, response);
            return;
        }
    }

    public static boolean isContains(String container, String regx) {
        boolean result = false;

        if (container.indexOf(regx) != -1) {
            return true;
        }
        return result;
    }

}

 最后就是页面上的处理了,此处应用了jquery全局事件处理机制:

$(function(){
    $.ajaxSetup({
        contentType: "application/x-www-form-urlencoded;charset=utf-8",
        cache: false,
        complete: function(XHR, TS){
            var resText = XHR.responseText;
            var sessionstatus = XHR.getResponseHeader("sessionstatus");
            var loginPath = XHR.getResponseHeader("loginPath");
            if (911 == XHR.status && "timeout" == sessionstatus) {
                // 此处使用了开源的消息确认框 
                $.messager.confirm('session过期', '您的会话已经过期,请重新登陆后继续操作!', function(confirm){
                    if (confirm) {
                        window.location.replace(loginPath);
                    }
                });
                // 也可以使用下面的原生js的确认框,如果确认则跳转
                if(window.confirm('session过期', '您的会话已经过期,请重新登陆后继续操作!')) {
                    window.location.replace(loginPath);
                }
                return;
            }
        }
    });
});