定义filter对session过期用户重新登录
2016-04-20 11:11
405 查看
一、在web.xml中自定义securityFilter,设置跳转页面、需过滤的url相关参数
<filter>
<filter-name>securityFilter</filter-name>
<filter-class>com.sasis.webapp.filter.UserFilter</filter-class>
<init-param>
<param-name>errorPath</param-name>
<param-value>./nouUserSession.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>securityFilter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>securityFilter</filter-name>
<url-pattern>*.shtml</url-pattern>
</filter-mapping>
二、UserFilter.java处理session过期用户跳转逻辑
package com.sasis.webapp.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import uk.ltd.getahead.dwr.WebContextFactory;
import com.sasis.Constants;
import com.sasis.model.CurrentUser;
import com.sasis.model.User;
public class UserFilter implements Filter {
private static final Log log = LogFactory.getLog(UserFilter.class);
private String errorUrl;
public void init(FilterConfig filterConfig) throws ServletException {
errorUrl = filterConfig.getInitParameter("errorPath");
log.debug("--------------------------errorUrl______");
log.debug(errorUrl);
log.debug("--------------------------errorUrl______");
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
try {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
HttpSession session = httpRequest.getSession();
User user = (User)session.getAttribute("user");
log.debug(">>>>>>>>>>>>user>>>>>>>>>>>>"+user);
//if(null!=user)CurrentUser.set((User)session.getAttribute("user"));
CurrentUser.set(user);
String isLogin = (String) session.getAttribute(Constants.CURUSER_KEY);
boolean UrlNotvalidated = false;
String resourceURL = httpRequest.getRequestURL().toString();
String queryString = httpRequest.getQueryString();
String[] actionStrArray = resourceURL.split("/");
//if ("activityChangeMsg.html".equalsIgnoreCase(actionStrArray[actionStrArray.length -1])){
UrlNotvalidated = true;
//}
String referer = httpRequest.getHeader("referer");
if (null != referer || UrlNotvalidated){
if (session == null || !"true".equals(isLogin)) {
// System.out.println(request.getParameter("method"));
if(null != request.getParameter("method") && request.getParameter("method").startsWith("psg")){
filterChain.doFilter(request, response);
}else{
httpRequest.setAttribute("notUserSession","Y");
httpResponse.sendRedirect(errorUrl);
}
} else {
filterChain.doFilter(request, response);
}
} else {
httpResponse.sendRedirect(errorUrl);
}
} catch (Exception ex) {
log.error(ex);
ex.printStackTrace();
}
}
public void destroy() {
}
}
<filter>
<filter-name>securityFilter</filter-name>
<filter-class>com.sasis.webapp.filter.UserFilter</filter-class>
<init-param>
<param-name>errorPath</param-name>
<param-value>./nouUserSession.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>securityFilter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>securityFilter</filter-name>
<url-pattern>*.shtml</url-pattern>
</filter-mapping>
二、UserFilter.java处理session过期用户跳转逻辑
package com.sasis.webapp.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import uk.ltd.getahead.dwr.WebContextFactory;
import com.sasis.Constants;
import com.sasis.model.CurrentUser;
import com.sasis.model.User;
public class UserFilter implements Filter {
private static final Log log = LogFactory.getLog(UserFilter.class);
private String errorUrl;
public void init(FilterConfig filterConfig) throws ServletException {
errorUrl = filterConfig.getInitParameter("errorPath");
log.debug("--------------------------errorUrl______");
log.debug(errorUrl);
log.debug("--------------------------errorUrl______");
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
try {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
HttpSession session = httpRequest.getSession();
User user = (User)session.getAttribute("user");
log.debug(">>>>>>>>>>>>user>>>>>>>>>>>>"+user);
//if(null!=user)CurrentUser.set((User)session.getAttribute("user"));
CurrentUser.set(user);
String isLogin = (String) session.getAttribute(Constants.CURUSER_KEY);
boolean UrlNotvalidated = false;
String resourceURL = httpRequest.getRequestURL().toString();
String queryString = httpRequest.getQueryString();
String[] actionStrArray = resourceURL.split("/");
//if ("activityChangeMsg.html".equalsIgnoreCase(actionStrArray[actionStrArray.length -1])){
UrlNotvalidated = true;
//}
String referer = httpRequest.getHeader("referer");
if (null != referer || UrlNotvalidated){
if (session == null || !"true".equals(isLogin)) {
// System.out.println(request.getParameter("method"));
if(null != request.getParameter("method") && request.getParameter("method").startsWith("psg")){
filterChain.doFilter(request, response);
}else{
httpRequest.setAttribute("notUserSession","Y");
httpResponse.sendRedirect(errorUrl);
}
} else {
filterChain.doFilter(request, response);
}
} else {
httpResponse.sendRedirect(errorUrl);
}
} catch (Exception ex) {
log.error(ex);
ex.printStackTrace();
}
}
public void destroy() {
}
}
相关文章推荐
- jQuery plugin items filter
- 全国哀悼日网站页面变成灰色的filter方法
- 用css filter做鼠标滑过图片效果
- ASP 使用Filter函数来检索数组的实现代码
- ASP.NET MVC:Filter和Action的执行介绍
- jQuery遍历DOM节点操作之filter()方法详解
- JSP Filter的应用方法
- PHP中实现Bloom Filter算法
- Jquery find与filter函数区别 说明
- Event filter with query SELECT * FROM __InstanceModificationEvent WITHIN
- PHP内置过滤器FILTER使用实例
- PHP中filter函数校验数据的方法详解
- Android中的Intent Filter匹配规则简介
- javascipt:filter过滤介绍及使用
- 浅析AngularJS Filter用法
- Angularjs中如何使用filterFilter函数过滤
- 详解AngularJS Filter(过滤器)用法
- 5个数组Array方法: indexOf、filter、forEach、map、reduce使用实例
- javaweb中Filter(过滤器)的常见应用
- Pythont特殊语法filter,map,reduce,apply使用方法