一般来说我们的项目都有登录过滤器,一般请求足以搞定。但是AJAX却是例外的,所以解决方法是设置响应为session失效。
一共分为过滤器和页面JS两个部分的设置,先看过滤器的修改:
import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * 登录过滤器 *拥有Session是否失效和用户是否登录2个条件判断 *如果是ajax请求则设置session超时 * @author Merlin.Ma * */ public class LoginFilter implements Filter{ private String redirectUrl = "/login.html"; private String sessionKey = "userName"; @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse rep = (HttpServletResponse) response; HttpSession session = req.getSession(); if( session == null || session.getAttribute(sessionKey) == null){ //如果判断是 AJAX 请求,直接设置为session超时 if( req.getHeader("x-requested-with") != null && req.getHeader("x-requested-with").equals("XMLHttpRequest") ) { rep.setHeader("sessionstatus", "timeout"); } else { rep.sendRedirect( req.getContextPath() + redirectUrl); } }else { chain.doFilter(request, response); } } @Override public void init(FilterConfig filterConfig) throws ServletException { String url = filterConfig.getInitParameter("redirectUrl"); String key = filterConfig.getInitParameter("sessionKey"); redirectUrl = url == null? redirectUrl:url; sessionKey = key == null ? sessionKey : key ; } }
代码简单,就不过多进行注释了,现在看JS部分的代码。当然是基于jQuery的~~
//全局的ajax访问,处理ajax清求时sesion超时 $.ajaxSetup({ contentType : "application/x-www-form-urlencoded;charset=utf-8", complete : function(XMLHttpRequest, textStatus) { var sessionstatus = XMLHttpRequest.getResponseHeader("sessionstatus"); // 通过XMLHttpRequest取得响应头,sessionstatus, if (sessionstatus == "timeout") { // 如果超时就处理 ,指定要跳转的页面 window.location.replace("login.html"); } } });
页面加载这段js代码,然后开始调用ajax。在不登陆或者session失效的情况下,可以看到页面跳转到登录页面。