一、 filter
web.xml
<!--
  Login check for the web application, implemented by SessionCheckFilter.
  A request passes when the session holds a non-null attribute named by
  checkSessionKey; otherwise it is redirected to redirectURL.
-->
<filter>
    <filter-name>SessionInvalidate</filter-name>
    <filter-class>com.sysoft.baselib.web.SessionCheckFilter</filter-class>
    <!-- Name of the session attribute whose presence marks a logged-in session.
         If this parameter is missing the filter lets every request through. -->
    <init-param>
        <param-name>checkSessionKey</param-name>
        <param-value>APP_SESSION_TOKEN</param-value>
    </init-param>
    <!-- Redirect target for requests without a login; relative to the context path. -->
    <init-param>
        <param-name>redirectURL</param-name>
        <param-value>/sessionInvalidate.jsp</param-value>
    </init-param>
    <!-- Comma-separated paths (without context path) that are served WITHOUT a
         session check. Entries are compared for exact equality with
         servlet path + path info, so every page listed here must be safe to
         show to a user who is not logged in. Keep this list as short as possible. -->
    <init-param>
        <param-name>notCheckURLList</param-name>
        <param-value>/login.jsp,/logon.do,/logout.jsp,/Index2/index.jsp,/sessionInvalidate.jsp,/Index2/maintop.jsp,/html.jsp</param-value>
    </init-param>
</filter>
<!-- Only *.do and *.jsp requests go through the filter. Anything the application
     serves under another URL pattern (static files, servlets mapped elsewhere)
     is not covered by this login check. -->
<filter-mapping>
    <filter-name>SessionInvalidate</filter-name>
    <url-pattern>*.do</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>SessionInvalidate</filter-name>
    <url-pattern>*.jsp</url-pattern>
</filter-mapping>
package com.sysoft.baselib.web;
import java.io.IOException;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
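/**
 * Servlet filter that checks whether the current session belongs to a logged-in user and
 * redirects the request to a configured page when it does not.
 *
 * <p>Init parameters:
 * <ul>
 *   <li>{@code checkSessionKey} - name of the session attribute whose presence marks a
 *       logged-in session. If it is not configured, the filter performs no check at all.</li>
 *   <li>{@code redirectURL} - page to redirect to when the user is not logged in; the URL
 *       does not include the context path.</li>
 *   <li>{@code notCheckURLList} - comma-separated list of URLs that are never checked; the
 *       URLs do not include the context path.</li>
 * </ul>
 *
 * <p>The filter only sees requests that a {@code <filter-mapping>} routes to it, so resources
 * served under unmapped URL patterns are not protected by this check.
 */
public class SessionCheckFilter implements Filter {

    protected FilterConfig filterConfig = null;

    /** Redirect target for requests without a login, relative to the context path. */
    private String redirectURL = null;

    /** Paths (servlet path + path info) that bypass the session check. */
    private final Set<String> notCheckURLList = new HashSet<String>();

    /** Session attribute that must be present for a request to pass. */
    private String sessionKey = null;

    /**
     * Lets the request continue when it targets an exempt URL or when the session carries
     * the configured attribute; otherwise redirects to {@code redirectURL}.
     *
     * @throws IOException if the redirect or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    public void doFilter(ServletRequest servletRequest,
            ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // NOTE(review): fail-open. With no checkSessionKey configured nothing is checked;
        // init() logs a warning so the misconfiguration is visible.
        if (sessionKey == null || checkRequestURIIntNotFilterList(request)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // getSession(false): looking for a login must not allocate a new session for every
        // anonymous request that hits a protected URL.
        HttpSession session = request.getSession(false);
        if (session != null && session.getAttribute(sessionKey) != null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        if (redirectURL == null) {
            // No redirect page configured: refuse instead of redirecting to ".../null".
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        response.sendRedirect(request.getContextPath() + redirectURL);
    }

    /** Drops the exempt-URL list when the container takes the filter out of service. */
    public void destroy() {
        notCheckURLList.clear();
    }

    /**
     * Tells whether the requested path is on the exempt list.
     *
     * <p>The comparison uses {@code getServletPath()} and {@code getPathInfo()}, which the
     * container has already decoded, rather than the raw {@code getRequestURI()}; matching
     * is exact string equality.
     *
     * @return {@code true} if the path bypasses the session check
     */
    private boolean checkRequestURIIntNotFilterList(HttpServletRequest request) {
        String pathInfo = request.getPathInfo();
        String uri = request.getServletPath() + (pathInfo == null ? "" : pathInfo);
        return notCheckURLList.contains(uri);
    }

    /**
     * Reads {@code redirectURL}, {@code checkSessionKey} and {@code notCheckURLList} from the
     * filter configuration.
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        redirectURL = filterConfig.getInitParameter("redirectURL");
        sessionKey = filterConfig.getInitParameter("checkSessionKey");
        if (sessionKey == null) {
            filterConfig.getServletContext().log(
                    "SessionCheckFilter: checkSessionKey is not configured, "
                    + "no session check will be performed");
        }

        String notCheckURLListStr = filterConfig.getInitParameter("notCheckURLList");
        if (notCheckURLListStr != null) {
            for (String entry : notCheckURLListStr.split(",")) {
                String path = entry.trim();
                // Skip blanks left by stray commas; an empty entry can never be a real path.
                if (path.length() > 0) {
                    notCheckURLList.add(path);
                }
            }
        }
    }
}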
二、 listener
web.xml
<!-- Registers the session listener; the container notifies it when a session is
     created and when one is destroyed (timeout or explicit invalidation). -->
<listener>
    <listener-class>com.sysoft.syoa.listener.MyHttpSessionListener</listener-class>
</listener>
package com.sysoft.syoa.listener;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
import com.sysoft.baseform.process.outer.DateUtil;
import com.sysoft.baselib.database.JdbcManager;
import com.sysoft.web.util.SessionToken;
import com.sysoft.web.util.SessionTokenHelper;
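/**
 * Session listener that releases the document read locks of a user when that user's
 * session is destroyed.
 */
public class MyHttpSessionListener implements HttpSessionListener {

    /** Nothing needs to happen when a session is created. */
    public void sessionCreated(HttpSessionEvent arg0) {
        // Intentionally empty.
    }

    /**
     * Runs the unlock step when a session is about to go away: clears
     * {@code curr_read_person} in {@code js_fw} and {@code js_lw} for the user id stored in
     * the session token.
     */
    public void sessionDestroyed(HttpSessionEvent event) {
        HttpSession session = event.getSession();
        Date created = new Date(session.getCreationTime());
        System.err.println("Session的创建时间:" + DateUtil.dateToString(created)
                + ";失效时间:" + DateUtil.dateToString(new Date()));

        Object obj = session.getAttribute(SessionTokenHelper.TOKEN_NAME);
        if (!(obj instanceof SessionToken)) {
            // Only sessions carrying a login token can hold locks.
            return;
        }
        String userId = ((SessionToken) obj).getUserId();
        if (userId == null || "".equals(userId)) {
            return;
        }
        System.err.println("失效的用户:" + userId);

        // The user id ends up inside SQL text, so it must not be able to close the string
        // literal. NOTE(review): executeTrans is only seen here taking SQL strings; if the
        // data layer offers bind parameters, use them instead of building literals.
        String userLiteral = toSqlStringLiteral(userId);
        if (userLiteral == null) {
            System.err.println("Session destroyed: user id cannot be embedded in SQL safely, locks not released");
            return;
        }

        List<String> sqls = new ArrayList<String>();
        sqls.add("update js_fw a set a.curr_read_person='' where a.curr_read_person=" + userLiteral);
        sqls.add("update js_lw a set a.curr_read_person='' where a.curr_read_person=" + userLiteral);
        JdbcManager jdbc = new JdbcManager();
        boolean flag = jdbc.executeTrans(sqls);
        System.err.println("Session失效,解锁" + userId + "结果为:" + flag);
    }

    /**
     * Turns a value into a quoted SQL string literal by doubling embedded single quotes.
     *
     * @return the quoted literal, or {@code null} when the value contains a backslash or a
     *     NUL character, whose treatment inside literals differs between databases
     */
    private static String toSqlStringLiteral(String value) {
        if (value.indexOf('\\') >= 0 || value.indexOf('\0') >= 0) {
            return null;
        }
        return "'" + value.replace("'", "''") + "'";
    }
}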