Ajax Session failure to jump to the login page, ajaxsession
In Struts applications, all requests are processed by the corresponding Interceptor. Generally, there is a user login interception (Session failure interception). For general requests, if the Session fails, we will jump to the login page, but if we use AJAX requests, the HTML code of the login page will be returned. This is definitely not what we want, so how can we solve it? Follow these steps:
1. Create an interceptor
package com.xxx.planeap.interceptor;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.apache.log4j.Logger;import org.apache.struts2.ServletActionContext;import com.opensymphony.xwork2.ActionContext;import com.opensymphony.xwork2.ActionInvocation;import com.opensymphony.xwork2.ActionSupport;import com.opensymphony.xwork2.interceptor.AbstractInterceptor;import com.xxx.common.contants.ConstantsKey;import com.xxx.common.contants.SessionKey;import com.xxx.planeap.domain.User;import com.xxx.planeap.security.SecurityContextUtil;/*** * @author Goma OMA1989@YEAH.NET* @version v1.0* @since 2012-05-31* */public class SecurityInterceptor extends AbstractInterceptor {private static final long serialVersionUID = 1L;private Logger logger = Logger.getLogger(SecurityInterceptor.class);@Overridepublic String intercept(ActionInvocation invocation) throws Exception {// TODO Auto-generated method stubString className = invocation.getAction().getClass().getName();String action = className.substring(className.lastIndexOf(".")+1,className.length());String actionName = invocation.getProxy().getActionName();String result;HttpServletRequest request = ServletActionContext.getRequest();HttpServletResponse response = ServletActionContext.getResponse();String type = request.getHeader("X-Requested-With");User user = (User) ActionContext.getContext().getSession().get(SessionKey.CURRENT_USER);if (user == null) {logger.debug("SECURITY CHECKED: NEED TO LOGIN");if ("XMLHttpRequest".equalsIgnoreCase(type)) {// AJAX REQUEST PROCESSresponse.setHeader("sessionstatus", ConstantsKey.MSG_TIME_OUT);result = null;} else {// NORMAL REQUEST PROCESSresult = ActionSupport.LOGIN;}} else {logger.debug("SECURITY CHECKED: USER HAS LOGINED");SecurityContextUtil.setCurrentUser(user);boolean hanPerm = SecurityContextUtil.hasPerm(action, actionName);logger.debug("SECURITY CHECKED: PERMISSION---"+action+"."+actionName+"="+hanPerm);result = invocation.invoke();}return result;}}
Ii. Define the processing method for global AJAX request termination
// Global AJAX access. The SESSION times out when AJAX is cleared $. ajaxSetup ({contentType: "application/x-www-form-urlencoded; charset = UTF-8", complete: function (XMLHttpRequest, textStatus) {// get the response header Through XMLHttpRequest, sessionstatus var sessionstatus = XMLHttpRequest. getResponseHeader ("sessionstatus"); if (sessionstatus = "timeout") {// how can I handle it here? The logon page window is redirected here. location. replace (PlanEap. getActionURI ("login "));}}});
That is, if a request is intercepted when ajax sends a request, the request is redirected. Otherwise, the request is executed normally.