本文介绍了一种基于Ext.Ajax的前端会话超时处理方法,并通过后端过滤器实现对未登录状态的页面访问控制。具体实现包括前端检测到会话超时后引导用户重新登录,以及后端对特定资源路径的访问权限检查。
1、前台ext
Ext.Ajax.on('requestcomplete',function checkUserSessionStatus(conn,response,options){
//Ext重新封装了response对象
if(response.getResponseHeader('Timeout')
== 'true'){
//发现请求超时,退出处理代码...
Ext.MessageBox.confirm('Confirm', "Your session has time out, please log on again.", function(btn, text){
window.location.href="login.jsp";
}
);
}
}, this);
2、后台filter:
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
// pass the request along the filter chain
logger.info("LoginFiler..beginAdd....");
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
String servletPath = req.getServletPath();
System.out.println("ServletPath: "+req.getServletPath() +" req.getRequestURI(): "+req.getRequestURI() +" getContextPath: "+req.getContextPath());
if(req.getSession().getAttribute("userInfo")!=null||servletPath.equals("/loginAction.action")||servletPath.equals("/login.jsp"))
{
System.out.println("continue....");
chain.doFilter(request,response) ;
}
else if(servletPath.contains(".action"))//
{
res.addHeader("Timeout", "true");
request.getRequestDispatcher("/jsp/common/outOfTime.jsp").forward(req,res);
}
else{
request.getRequestDispatcher("/login.jsp").forward(request,response);
// res.sendRedirect(req.getContextPath()+"/login.jsp");
}
}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
