SpringMVC中Session超时拦截器配置
1、在Spring配置文件中配置对应的拦截器,下面是我的拦截器配置
<!-- 拦截器配置 --> <mvc:interceptors> <!-- session超时 --> <mvc:interceptor> <mvc:mapping path="/*/*" /> <bean class="tm.change.www.interceptor.SessionTimeoutInterceptor"> <property name="allowUrls"> <list> <!-- 如果请求中包含以下路径,则不进行拦截 --> <value>/login</value> <value>/js</value> <value>/css</value> <value>/image</value> <value>/images</value> </list> </property> </bean> </mvc:interceptor> </mvc:interceptors>
2、写出对应的sessionTimeoutInterceptor类
/**
* session拦截器
*
* @author tianyong
*
*/
public class SessionTimeoutInterceptor implements HandlerInterceptor {
public String[] allowUrls;// 还没发现可以直接配置不拦截的资源,所以在代码里面来排除
public void setAllowUrls(String[] allowUrls) {
this.allowUrls = allowUrls;
}
@Override
public void afterCompletion(HttpServletRequest arg0,
HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
// TODO Auto-generated method stub
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
Object arg2, ModelAndView arg3) throws Exception {
// TODO Auto-generated method stub
}
@Override
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object arg2) throws Exception {
String requestUrl = request.getRequestURI().replace(request.getContextPath(), "");
// System.out.println(requestUrl);
if (null != allowUrls && allowUrls.length >= 1)
for (String url : allowUrls) {
if (requestUrl.contains(url)) {
return true;
}
}
User user = (User) request.getSession().getAttribute("user");
if (user != null) {
return true; // 返回true,则这个方面调用后会接着调用postHandle(), afterCompletion()
} else {
// 未登录 跳转到登录页面
throw new SessionTimeoutException();// 返回到配置文件中定义的路径
}
}
}3、因为未登录的时候我们抛出了一个错误,我们可以在配置文件中拦截这个错误,已完成session销毁跳转
<!-- 自定义异常处理,SimpleMappingExceptionResolver这个类可以是个空类,但是要写,方便在java代码里面使用 --> <bean id="exceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver"> <property name="exceptionMappings"> <props> <prop key="tm.change.www.interceptor.SessionTimeoutException">redirect:../index.jsp</prop> </props> </property> </bean>
而SessionTimeoutException只有一个类的壳子就行,继承exception,主要作用是出错之后跳转到index页面
4、此方法在iframe中登录页面将会在子窗口中打开,这是一个问题,还没有解决
5、另一种方法如下
/**
* spring拦截器
* @author tianyong
*
*/
public class SecurityInterceptor implements HandlerInterceptor{
public String[] allowUrls;// 还没发现可以直接配置不拦截的资源,所以在代码里面来排除
public void setAllowUrls(String[] allowUrls) {
this.allowUrls = allowUrls;
}
@Override
public void afterCompletion(HttpServletRequest arg0,
HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
// TODO Auto-generated method stub
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
Object arg2, ModelAndView arg3) throws Exception {
// TODO Auto-generated method stub
}
@Override
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object arg2) throws Exception {
String requestUrl = request.getRequestURI().replace(request.getContextPath(), "");
response.setContentType("text/html; charset=utf-8");
HttpSession session = request.getSession(true);
// System.out.println(requestUrl);
if (null != allowUrls && allowUrls.length >= 1)
for (String url : allowUrls) {
if (requestUrl.contains(url)) {
return true;
}
}
Object obj = session.getAttribute(SystemConstants.SEESION_IUSER);
if (obj == null || "".equals(obj.toString())) {
// throw new SessionTimeoutException();// 返回到配置文件中定义的路径
// response.sendRedirect(SystemConstants.LOGIN_URL);
PrintWriter out = response.getWriter();
StringBuilder builder = new StringBuilder();
builder.append("<script type="text/javascript" charset="UTF-8">");
builder.append("alert("页面过期,请重新登录");");
builder.append("window.top.location.href=""+SystemConstants.LOGIN_URL+""");
builder.append("</script>");
out.print(builder.toString());
out.close();
}
return true; // 返回true,则这个方面调用后会接着调用postHandle(), afterCompletion()
}以上解决了iframe中登录页面出现位置错误问题,当session超时时候用js强制跳转到登录页面中
声明:该文观点仅代表作者本人,牛骨文系教育信息发布平台,牛骨文仅提供信息存储空间服务。
