Session超时处理

 

1、web.xml 添加配置:

    <!-- session超时 --> 
    <filter>
        <filter-name>sessionFilter</filter-name>
        <filter-class>com.dayhro.platform.filter.SessionTimeoutFilter</filter-class>
      </filter>
      <filter-mapping>
        <filter-name>sessionFilter</filter-name>
        <url-pattern>/*</url-pattern>
      </filter-mapping>

2、sessionfilter.properties

#***********************************
#     sessionouttimefilter配置
#***********************************
#判断以下的数据,拦截器直接跳过;以逗号分隔;
allowUrls=login.do,login.jsp,logout.do,404.html,500.html,getSmsCode.do,codeCallBack.do,error.jsp
#判断以下后缀名,也直接跳过;以逗号分隔;
suffix=js,css,jpg,jpeg,ico,png,zip,swf,xml,gif,ftl,php,apk,ipa,rar,mp3,wav,rmvb,doc,xls,ppt,woff,ttf
hippsuffix=/sso/to_hippo.jsp
#移动端请求放行
mobilesuffix=/mobile/
#WEBSERVICE请求放行
webservicesuffix=/webws/
#客户指引请求放行
guidancesuffix=/guidance/
#与外包会话保持线程,每十分钟一次
#baseUrl=http://localhost:80
chinese=\u4E2D\u6587

3、SessionTimeoutFilter:

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;

import com.dayhr.web.util.PropertiesCommonUtil;
import com.dayhr.web.util.StringUtil;

/**
 * 
 * @ClassName:SessionTimeoutFilter
 * @Description: session超时处理 
 * @author: 
 * @date:2016年9月19日 下午7:59:25 
 * @version
 */
public class SessionTimeoutFilter implements Filter {

    private Map<String, String> map = new HashMap<String, String>();
    private Map<String, String> suffixmap = new HashMap<String, String>();
    private static String loginUrl;
    
    static{
        loginUrl = PropertiesCommonUtil.getValue("/properties/orgServer.properties", "login.url");
    }
    
    @Override
    public void destroy() {
        
    }
    
    /**
     * 监听
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
        
        HttpServletRequest httpRequest = (HttpServletRequest)request;
        HttpServletResponse httpResponse = (HttpServletResponse)response;
        
        String contextPath=httpRequest.getContextPath(); 
        String requestUrl=httpRequest.getRequestURI().replace(contextPath, "");
        
        if(requestUrl.indexOf(";")>-1){
            requestUrl = requestUrl.substring(0, requestUrl.indexOf(";")); //获取分号之前的字符串
        }
        
        //当遇到不须过滤的直接跳过
        if(/*"/".equals(requestUrl)||*/requestUrl.contains("//") 
            || map.get(StringUtil.parseSuffix(requestUrl,"url"))!=null
            || suffixmap.get(StringUtil.parseSuffix(requestUrl,"suffix"))!=null)
        {
            //可以跳过
            chain.doFilter(request, response);
            return ;
        }
        
        HttpSession httpSession = httpRequest.getSession();
        if(httpSession == null || httpSession.getAttribute("userInfo") == null){
            //String userAgent = httpRequest.getHeader("User-Agent");
            String ajax = httpRequest.getHeader("X-Requested-With"); //XMLHttpRequest为ajax请求
            
            if(StringUtils.isNotBlank(ajax)){ // ajax请求 
                httpResponse.setHeader("sessionstatus", "timeout"); 
                //httpRequest.getRequestDispatcher("/user/sessionTimeoutWeb").forward(httpRequest, httpResponse);
            } else {
                if("/index.jsp".equals(requestUrl)){
                     httpRequest.getRequestDispatcher("/index.jsp").forward(httpRequest, httpResponse);
                }else{
                     httpResponse.sendRedirect(loginUrl+"/logout?source=dayHRO");
                }
            }
        }else{
            chain.doFilter(httpRequest, httpResponse);
        }
    }
    
    /**
     * 初始化操作
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        
        //获取过滤不用进行拦截的URL
        Properties properties = PropertiesCommonUtil.readPropertiesFile("/properties/sessionfilter.properties");
        String allowUrls = properties.getProperty("allowUrls");
        String suffixs = properties.getProperty("suffix");
        
        if (allowUrls != null) {
            String[] st = allowUrls.split(",");
            map.clear();
            for (String s : st) {
                map.put(s, s);
            }
        }
        if (suffixs != null) {
            String[] str = suffixs.split(",");
            suffixmap.clear();
            for (String s : str) {
                suffixmap.put(s, s);
            }
        }
    }
    
}

 

4、jsp页面:

//session失效登出
    $.ajaxSetup({
        contentType: "application/x-www-form-urlencoded;charset=utf-8"
        ,complete: function (XMLHttpRequest, textStatus) {
            var sessionstatus = XMLHttpRequest.getResponseHeader("sessionstatus"); // 通过XMLHttpRequest取得响应头,sessionstatus, 
            if (sessionstatus == "timeout") {
                // 如果超时就处理 ,指定要跳转的页面 
                window.location.href = "/dayhro-web/DayhroLogin/logout";
            }
        }
    });

 

posted @ 2016-09-19 20:37  mingyue1818  阅读(3202)  评论(0编辑  收藏  举报