1) sessionvalidatefilter checks whether the session times out.
2) check whether the request is an Ajax request in sessionvalidatefilter.
3) When an Ajax request session times out, a JSON {"statuscode": "301", "message": "Session Timeout! is returned! Please re-sign in! "}
4) The dwz JS framework is based on statuscode = 301. The processing is to jump to the login page or pop up the Login Dialog
Java Server processing:
Modify in sessionvalidatefilter:
if ("XMLHttpRequest".equalsIgnoreCase(request.getHeader("X-Requested-With")) || request.getParameter("ajax") != null) {PrintWriter out = response.getWriter();out.println({"statusCode":"301", "message":"Session Timeout! Please re-sign in!"});} else {response.sendRedirect(response.encodeRedirectURL(this.loginUrl + java.net.URLEncoder.encode(backToUrl, "UTF-8")));}
JS client processing:
When the session times out, the login page is displayed or the Login Dialog is displayed. It is set during dwz UI initialization:
<SCRIPT type = "text/JavaScript"> $ (function () {dwz. init ("dwz. frag. XML ", {// loginurl:" loginsub.html ", logintitle:" Logon ", // The loginurl:" login.html "dialog box appears, // jump to the statuscode: {OK: 200, error: 300, timeout: 301}, // [Optional] pageinfo: {pagenum: "pagenum", numperpage: "numperpage", orderfield: "orderfield", orderdirection: "orderdirection"}, // [Optional] Debug: false, // debug mode [true | false] callback: function () {initenv (); $ ("# themelist "). theme ({themebase: "themes"}) ;}}) ;}); </SCRIPT>
Ajax load page fragment processing:
Ajax requests use the dwz loadurl () method in a unified manner, and do not use the load () method that comes with jquery ().
When the client calls loadurl () and the session times out, it will jump to the login page or pop up the Login Dialog.
Session Timeout pop-up logon dialog notes:
The entire browser is covered by a dialog with a shielded layer. The content of the browser window cannot be changed, but a logon box and a background layer are added to the browser window.
After the user enters username and password to log on successfully, the logon box and background layer are removed. You can continue with the operation.
Alert error message indicating logon failure. The content in the browser window remains unchanged.
See the dwz. Core. js code snippet.
loadUrl: function(url,data,callback){var $this = $(this);$.ajax({type: 'POST',url: url,cache: false,data: data,success: function(response){var json = DWZ.jsonEval(response);if (json.statusCode==DWZ.statusCode.timeout){alertMsg.error(DWZ.msg("sessionTimout"), {okCall:function(){DWZ.loadLogin();}});} if (json.statusCode==DWZ.statusCode.error){if (json.message) alertMsg.error(json.message);} else {$this.html(response).initUI();if ($.isFunction(callback)) callback(response);}},error: DWZ.ajaxError});}
Ajax post form data processing:
When the client Ajax submits forms, the principle is similar to that of Ajax load.
See the dwz. Core. js code snippet.
ajaxDone:function (json){ if(json.statusCode == DWZ.statusCode.error) { if(json.message && alertMsg) alertMsg.error(json.message); } else if (json.statusCode == DWZ.statusCode.timeout) { if(json.message && alertMsg) alertMsg.error(json.message, {okCall:DWZ.loadLogin}); else DWZ.loadLogin(); } else { if(json.message && alertMsg) alertMsg.correct(json.message); }; }
Note:
The Ajax request session times out. The server returns a JSON string, and the others are handled by the dwz JS framework. The server only needs to return the following JSON string when the Ajax request session times out:
{"statusCode":"301", "message":"Session Timeout! Please re-sign in!"}