session会话更新

安全检测会在登录前后检测登录session,没更新会提示。
解决方法：设置一个过滤器，指定到登录的url，每登录一次就更新下session.
filter的代码如下，记得在web.xml配置一个过滤的url

import org.slf4j.Logger;import org.slf4j.LoggerFactory;import javax.servlet.*;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpSession;import java.io.IOException;import java.util.Enumeration;import java.util.HashMap;import java.util.Iterator;import java.util.Map;/** * Created by zhourj on 2015/11/23. * explain:登录时更新会话标识符(JSESSIONID) */public class NewSessionFilter implements Filter {    private String url;    private static final Logger logger = LoggerFactory.getLogger(NewSessionFilter.class);    @Override    public void init(FilterConfig filterConfig) throws ServletException {    }    @Override    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {        System.out.println("NewSessionFilter doFilter");        if (request instanceof HttpServletRequest) {            HttpServletRequest httpRequest = (HttpServletRequest) request;            //取的url相对地址            String url = httpRequest.getRequestURI();            System.out.println(url);            if (httpRequest.getSession() != null) {                System.out.println("NewSessionFilter doFilter httpRequest.getSession().getId()"+ httpRequest.getSession().getId());                //--------复制 session到临时变量                HttpSession session = httpRequest.getSession();                HashMap old = new HashMap();                Enumeration keys = session.getAttributeNames();                while (keys.hasMoreElements()){                    String key = (String) keys.nextElement();                        old.put(key, session.getAttribute(key));                        session.removeAttribute(key);                }                if (httpRequest.getMethod().equals("POST") && httpRequest.getSession() != null                        && !httpRequest.getSession().isNew() && httpRequest.getRequestURI().endsWith(url)){                    session.invalidate();                    session=httpRequest.getSession(true);                    logger.debug("new Session:" + session.getId());                }                //-----------------复制session                for (Iterator it = old.entrySet().iterator(); it.hasNext();) {                    Map.Entry entry = (Map.Entry) it.next();                    session.setAttribute((String) entry.getKey(), entry.getValue());                }            }        }        chain.doFilter(request, response);        System.out.println("NewSessionFilter doFilter end");    }    @Override    public void destroy() {    }}