Session超时处理
1、web.xml 添加配置:
<!-- session超时 --> <filter> <filter-name>sessionFilter</filter-name> <filter-class>com.dayhro.platform.filter.SessionTimeoutFilter</filter-class> </filter> <filter-mapping> <filter-name>sessionFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
2、sessionfilter.properties
#*********************************** # sessionouttimefilter配置 #*********************************** #判断以下的数据,拦截器直接跳过;以逗号分隔; allowUrls=login.do,login.jsp,logout.do,404.html,500.html,getSmsCode.do,codeCallBack.do,error.jsp #判断以下后缀名,也直接跳过;以逗号分隔; suffix=js,css,jpg,jpeg,ico,png,zip,swf,xml,gif,ftl,php,apk,ipa,rar,mp3,wav,rmvb,doc,xls,ppt,woff,ttf hippsuffix=/sso/to_hippo.jsp #移动端请求放行 mobilesuffix=/mobile/ #WEBSERVICE请求放行 webservicesuffix=/webws/ #客户指引请求放行 guidancesuffix=/guidance/ #与外包会话保持线程,每十分钟一次 #baseUrl=http://localhost:80 chinese=\u4E2D\u6587
3、SessionTimeoutFilter:
import java.io.IOException; import java.util.HashMap; import java.util.Map; import java.util.Properties; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringUtils; import com.dayhr.web.util.PropertiesCommonUtil; import com.dayhr.web.util.StringUtil; /** * * @ClassName:SessionTimeoutFilter * @Description: session超时处理 * @author: * @date:2016年9月19日 下午7:59:25 * @version */ public class SessionTimeoutFilter implements Filter { private Map<String, String> map = new HashMap<String, String>(); private Map<String, String> suffixmap = new HashMap<String, String>(); private static String loginUrl; static{ loginUrl = PropertiesCommonUtil.getValue("/properties/orgServer.properties", "login.url"); } @Override public void destroy() { } /** * 监听 */ @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest)request; HttpServletResponse httpResponse = (HttpServletResponse)response; String contextPath=httpRequest.getContextPath(); String requestUrl=httpRequest.getRequestURI().replace(contextPath, ""); if(requestUrl.indexOf(";")>-1){ requestUrl = requestUrl.substring(0, requestUrl.indexOf(";")); //获取分号之前的字符串 } //当遇到不须过滤的直接跳过 if(/*"/".equals(requestUrl)||*/requestUrl.contains("//") || map.get(StringUtil.parseSuffix(requestUrl,"url"))!=null || suffixmap.get(StringUtil.parseSuffix(requestUrl,"suffix"))!=null) { //可以跳过 chain.doFilter(request, response); return ; } HttpSession httpSession = httpRequest.getSession(); if(httpSession == null || httpSession.getAttribute("userInfo") == null){ //String userAgent = httpRequest.getHeader("User-Agent"); String ajax = httpRequest.getHeader("X-Requested-With"); //XMLHttpRequest为ajax请求 if(StringUtils.isNotBlank(ajax)){ // ajax请求 httpResponse.setHeader("sessionstatus", "timeout"); //httpRequest.getRequestDispatcher("/user/sessionTimeoutWeb").forward(httpRequest, httpResponse); } else { if("/index.jsp".equals(requestUrl)){ httpRequest.getRequestDispatcher("/index.jsp").forward(httpRequest, httpResponse); }else{ httpResponse.sendRedirect(loginUrl+"/logout?source=dayHRO"); } } }else{ chain.doFilter(httpRequest, httpResponse); } } /** * 初始化操作 */ @Override public void init(FilterConfig filterConfig) throws ServletException { //获取过滤不用进行拦截的URL Properties properties = PropertiesCommonUtil.readPropertiesFile("/properties/sessionfilter.properties"); String allowUrls = properties.getProperty("allowUrls"); String suffixs = properties.getProperty("suffix"); if (allowUrls != null) { String[] st = allowUrls.split(","); map.clear(); for (String s : st) { map.put(s, s); } } if (suffixs != null) { String[] str = suffixs.split(","); suffixmap.clear(); for (String s : str) { suffixmap.put(s, s); } } } }
4、jsp页面:
//session失效登出
$.ajaxSetup({
contentType: "application/x-www-form-urlencoded;charset=utf-8"
,complete: function (XMLHttpRequest, textStatus) {
var sessionstatus = XMLHttpRequest.getResponseHeader("sessionstatus"); // 通过XMLHttpRequest取得响应头,sessionstatus,
if (sessionstatus == "timeout") {
// 如果超时就处理 ,指定要跳转的页面
window.location.href = "/dayhro-web/DayhroLogin/logout";
}
}
});