SpringMVC中Session超时拦截器配置
来源:互联网 发布:数据库防护 编辑:程序博客网 时间:2024/06/05 20:05
1、在spring配置文件中配置对应的拦截器,下面是我的拦截器配置
-
- <mvc:interceptors>
-
- <mvc:interceptor>
- <mvc:mapping path="/*/*" />
- <bean class="tm.change.www.interceptor.SessionTimeoutInterceptor">
- <property name="allowUrls">
- <list>
-
- <value>/login</value>
- <value>/js</value>
- <value>/css</value>
- <value>/image</value>
- <value>/images</value>
- </list>
- </property>
- </bean>
- </mvc:interceptor>
- </mvc:interceptors>
2、写出对应的sessionTimeoutInterceptor类- /**
- * session拦截器
- *
- * @author tianyong
- *
- */
- public class SessionTimeoutInterceptor implements HandlerInterceptor {
-
- public String[] allowUrls;// 还没发现可以直接配置不拦截的资源,所以在代码里面来排除
-
- public void setAllowUrls(String[] allowUrls) {
- this.allowUrls = allowUrls;
- }
-
- @Override
- public void afterCompletion(HttpServletRequest arg0,
- HttpServletResponse arg1, Object arg2, Exception arg3)
- throws Exception {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
- Object arg2, ModelAndView arg3) throws Exception {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object arg2) throws Exception {
- String requestUrl = request.getRequestURI().replace(request.getContextPath(), "");
- // System.out.println(requestUrl);
- if (null != allowUrls && allowUrls.length >= 1)
- for (String url : allowUrls) {
- if (requestUrl.contains(url)) {
- return true;
- }
- }
- User user = (User) request.getSession().getAttribute("user");
- if (user != null) {
- return true; // 返回true,则这个方面调用后会接着调用postHandle(), afterCompletion()
- } else {
- // 未登录 跳转到登录页面
- throw new SessionTimeoutException();// 返回到配置文件中定义的路径
- }
- }
-
- }
3、因为未登录的时候我们抛出了一个错误,我们可以在配置文件中拦截这个错误,已完成session销毁跳转-
- <bean id="exceptionResolver"
- class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
- <property name="exceptionMappings">
- <props>
- <prop key="tm.change.www.interceptor.SessionTimeoutException">redirect:../index.jsp</prop>
- </props>
- </property>
- </bean>
而SessionTimeoutException只有一个类的壳子就行,继承exception,主要作用是出错之后跳转到index页面4、此方法在iframe中登录页面将会在子窗口中打开,这是一个问题,还没有解决
5、另一种方法如下
- /**
- * spring拦截器
- * @author tianyong
- *
- */
- public class SecurityInterceptor implements HandlerInterceptor{
-
- public String[] allowUrls;// 还没发现可以直接配置不拦截的资源,所以在代码里面来排除
-
- public void setAllowUrls(String[] allowUrls) {
- this.allowUrls = allowUrls;
- }
-
- @Override
- public void afterCompletion(HttpServletRequest arg0,
- HttpServletResponse arg1, Object arg2, Exception arg3)
- throws Exception {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
- Object arg2, ModelAndView arg3) throws Exception {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object arg2) throws Exception {
- String requestUrl = request.getRequestURI().replace(request.getContextPath(), "");
- response.setContentType("text/html; charset=utf-8");
- HttpSession session = request.getSession(true);
- // System.out.println(requestUrl);
- if (null != allowUrls && allowUrls.length >= 1)
- for (String url : allowUrls) {
- if (requestUrl.contains(url)) {
- return true;
- }
- }
- Object obj = session.getAttribute(SystemConstants.SEESION_IUSER);
- if (obj == null || "".equals(obj.toString())) {
- // throw new SessionTimeoutException();// 返回到配置文件中定义的路径
- // response.sendRedirect(SystemConstants.LOGIN_URL);
- PrintWriter out = response.getWriter();
- StringBuilder builder = new StringBuilder();
- builder.append("<script type=\"text/javascript\" charset=\"UTF-8\">");
- builder.append("alert(\"页面过期,请重新登录\");");
- builder.append("window.top.location.href=\""+SystemConstants.LOGIN_URL+"\"");
- builder.append("</script>");
- out.print(builder.toString());
- out.close();
-
- }
- return true; // 返回true,则这个方面调用后会接着调用postHandle(), afterCompletion()
- }
以上解决了iframe中登录页面出现位置错误问题,当session超时时候用js强制跳转到登录页面中
转自:http://blog.csdn.net/top_y/article/details/50817399
0 0