定义filter对session过期用户重新登录

一、在web.xml中自定义securityFilter，设置跳转页面、需过滤的url相关参数

<filter><filter-name>securityFilter</filter-name><filter-class>com.sasis.webapp.filter.UserFilter</filter-class><init-param><param-name>errorPath</param-name><param-value>./nouUserSession.jsp</param-value></init-param></filter><filter-mapping><filter-name>securityFilter</filter-name><url-pattern>*.html</url-pattern></filter-mapping><filter-mapping><filter-name>securityFilter</filter-name><url-pattern>*.shtml</url-pattern></filter-mapping>

二、UserFilter.java处理session过期用户跳转逻辑

package com.sasis.webapp.filter;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import org.apache.commons.logging.Log;import org.apache.commons.logging.LogFactory;import uk.ltd.getahead.dwr.WebContextFactory;import com.sasis.Constants;import com.sasis.model.CurrentUser;import com.sasis.model.User;public class UserFilter implements Filter {private static final Log log = LogFactory.getLog(UserFilter.class);private String errorUrl;public void init(FilterConfig filterConfig) throws ServletException {errorUrl = filterConfig.getInitParameter("errorPath");log.debug("--------------------------errorUrl______");log.debug(errorUrl);log.debug("--------------------------errorUrl______");}public void doFilter(ServletRequest request, ServletResponse response,FilterChain filterChain) throws IOException, ServletException {try {HttpServletRequest httpRequest = (HttpServletRequest) request;HttpServletResponse httpResponse = (HttpServletResponse) response;HttpSession session = httpRequest.getSession();User user = (User)session.getAttribute("user");log.debug(">>>>>>>>>>>>user>>>>>>>>>>>>"+user);//if(null!=user)CurrentUser.set((User)session.getAttribute("user"));CurrentUser.set(user);            String isLogin = (String) session.getAttribute(Constants.CURUSER_KEY);                        boolean UrlNotvalidated = false;String resourceURL = httpRequest.getRequestURL().toString(); String queryString = httpRequest.getQueryString(); String[] actionStrArray = resourceURL.split("/");//if ("activityChangeMsg.html".equalsIgnoreCase(actionStrArray[actionStrArray.length -1])){UrlNotvalidated = true;//}            String referer = httpRequest.getHeader("referer");                        if (null != referer || UrlNotvalidated){                  if (session == null || !"true".equals(isLogin)) {//    System.out.println(request.getParameter("method"));    if(null != request.getParameter("method") && request.getParameter("method").startsWith("psg")){    filterChain.doFilter(request, response);    }else{    httpRequest.setAttribute("notUserSession","Y");        httpResponse.sendRedirect(errorUrl);    }        } else {   filterChain.doFilter(request, response);   }            } else {httpResponse.sendRedirect(errorUrl);            }} catch (Exception ex) {log.error(ex);ex.printStackTrace();}}public void destroy() {}}