Session超時處理

 

1、web.xml 添加配置：

    <!-- session超時 --> 
    <filter>
        <filter-name>sessionFilter</filter-name>
        <filter-class>com.dayhro.platform.filter.SessionTimeoutFilter</filter-class>
      </filter>
      <filter-mapping>
        <filter-name>sessionFilter</filter-name>
        <url-pattern>/*</url-pattern>
      </filter-mapping>

2、sessionfilter.properties

#***********************************
#     sessionouttimefilter配置
#***********************************
#判斷以下的數據，攔截器直接跳過；以逗號分隔；
allowUrls=login.do,login.jsp,logout.do,404.html,500.html,getSmsCode.do,codeCallBack.do,error.jsp
#判斷以下后綴名，也直接跳過；以逗號分隔；
suffix=js,css,jpg,jpeg,ico,png,zip,swf,xml,gif,ftl,php,apk,ipa,rar,mp3,wav,rmvb,doc,xls,ppt,woff,ttf
hippsuffix=/sso/to_hippo.jsp
#移動端請求放行
mobilesuffix=/mobile/
#WEBSERVICE請求放行
webservicesuffix=/webws/
#客戶指引請求放行
guidancesuffix=/guidance/
#與外包會話保持線程，每十分鍾一次
#baseUrl=http://localhost:80
chinese=\u4E2D\u6587

3、SessionTimeoutFilter：

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;

import com.dayhr.web.util.PropertiesCommonUtil;
import com.dayhr.web.util.StringUtil;

/**
 * 
 * @ClassName：SessionTimeoutFilter
 * @Description: session超時處理 
 * @author： 
 * @date：2016年9月19日 下午7:59:25 
 * @version
 */
public class SessionTimeoutFilter implements Filter {

    private Map<String, String> map = new HashMap<String, String>();
    private Map<String, String> suffixmap = new HashMap<String, String>();
    private static String loginUrl;
    
    static{
        loginUrl = PropertiesCommonUtil.getValue("/properties/orgServer.properties", "login.url");
    }
    
    @Override
    public void destroy() {
        
    }
    
    /**
     * 監聽
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
        
        HttpServletRequest httpRequest = (HttpServletRequest)request;
        HttpServletResponse httpResponse = (HttpServletResponse)response;
        
        String contextPath=httpRequest.getContextPath(); 
        String requestUrl=httpRequest.getRequestURI().replace(contextPath, "");
        
        if(requestUrl.indexOf(";")>-1){
            requestUrl = requestUrl.substring(0, requestUrl.indexOf(";")); //獲取分號之前的字符串
        }
        
        //當遇到不須過濾的直接跳過
        if(/*"/".equals(requestUrl)||*/requestUrl.contains("//") 
            || map.get(StringUtil.parseSuffix(requestUrl,"url"))!=null
            || suffixmap.get(StringUtil.parseSuffix(requestUrl,"suffix"))!=null)
        {
            //可以跳過
            chain.doFilter(request, response);
            return ;
        }
        
        HttpSession httpSession = httpRequest.getSession();
        if(httpSession == null || httpSession.getAttribute("userInfo") == null){
            //String userAgent = httpRequest.getHeader("User-Agent");
            String ajax = httpRequest.getHeader("X-Requested-With"); //XMLHttpRequest為ajax請求
            
            if(StringUtils.isNotBlank(ajax)){ // ajax請求 
                httpResponse.setHeader("sessionstatus", "timeout"); 
                //httpRequest.getRequestDispatcher("/user/sessionTimeoutWeb").forward(httpRequest, httpResponse);
            } else {
                if("/index.jsp".equals(requestUrl)){
                     httpRequest.getRequestDispatcher("/index.jsp").forward(httpRequest, httpResponse);
                }else{
                     httpResponse.sendRedirect(loginUrl+"/logout?source=dayHRO");
                }
            }
        }else{
            chain.doFilter(httpRequest, httpResponse);
        }
    }
    
    /**
     * 初始化操作
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        
        //獲取過濾不用進行攔截的URL
        Properties properties = PropertiesCommonUtil.readPropertiesFile("/properties/sessionfilter.properties");
        String allowUrls = properties.getProperty("allowUrls");
        String suffixs = properties.getProperty("suffix");
        
        if (allowUrls != null) {
            String[] st = allowUrls.split(",");
            map.clear();
            for (String s : st) {
                map.put(s, s);
            }
        }
        if (suffixs != null) {
            String[] str = suffixs.split(",");
            suffixmap.clear();
            for (String s : str) {
                suffixmap.put(s, s);
            }
        }
    }
    
}

 

4、jsp頁面：

//session失效登出
    $.ajaxSetup({
        contentType: "application/x-www-form-urlencoded;charset=utf-8"
        ,complete: function (XMLHttpRequest, textStatus) {
            var sessionstatus = XMLHttpRequest.getResponseHeader("sessionstatus"); // 通過XMLHttpRequest取得響應頭，sessionstatus， 
            if (sessionstatus == "timeout") {
                // 如果超時就處理 ，指定要跳轉的頁面 
                window.location.href = "/dayhro-web/DayhroLogin/logout";
            }
        }
    });