filter 拦截ajax请求 

1.filter
public class SessonFilter  implements Filter {

    private static Logger log = LoggerFactory.getLogger(SessonFilter.class);

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        //empty implement
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        HttpSession session = httpRequest.getSession();
        String uri = httpRequest.getRequestURI();
        String ctxpath = httpRequest.getContextPath();

        String userid = (String)session.getAttribute("userid");

        if(uri.contains("/user/login") || uri.contains("/user/regPage") ){
            chain.doFilter(request, response);
        }else{  
            if(userid == null){
                String contextPath = httpRequest.getContextPath();
                String redirect =  contextPath ;
                //ajax session 过期处理
                //1:判断是否是ajax请求
                if (httpRequest.getHeader("x-requested-with") != null 
                        && "XMLHttpRequest".equalsIgnoreCase(httpRequest.getHeader("x-requested-with"))) {   
                    //向http头添加 状态 sessionstatus
                    httpResponse.setHeader("sessionstatus","timeout");
                    httpResponse.setStatus(403);
                    //向http头添加登录的url
                    httpResponse.addHeader("loginPath", ctxpath);
                    chain.doFilter(request, response);
                    log.debug("ajax request");
                    return ;
                }
                httpResponse.sendRedirect(redirect);
                return;
            }else{
                chain.doFilter(request, response);
            }
        }
    }

    @Override
    public void destroy() {
        //empty implement
    }
}

2.核心代码
//ajax session 过期处理
//1:判断是否是ajax请求
if (httpRequest.getHeader("x-requested-with") != null 
                        && "XMLHttpRequest".equalsIgnoreCase(httpRequest.getHeader("x-requested-with"))) {   
    //向http头添加 状态 sessionstatus
    httpResponse.setHeader("sessionstatus","timeout");
    httpResponse.setStatus(403);
    //向http头添加登录的url
    httpResponse.addHeader("loginPath", ctxpath);
    chain.doFilter(request, response);
    log.debug("ajax request");
    return ;
}
3.JS
//ajax完成时回调函数
$(document).ajaxComplete(function(event, xhr, settings) {
    //从http头信息取出 在filter定义的sessionstatus,判断是否是 timeout
    if(xhr.getResponseHeader("sessionstatus")=="timeout"){ 
        //从http头信息取出登录的url = loginPath
        if(xhr.getResponseHeader("loginPath")){
            alert("会话过期,请重新登陆!");
            //打会到登录页面
            window.location.replace(xhr.getResponseHeader("loginPath"));  
        }else{  
            alert("请求超时请重新登陆 !");  
        }  
    }  
}); 
 

posted on 2017-07-27 11:04  Mr`zhang  阅读(1872)  评论(0编辑  收藏  举报

导航