Spring MVC Interceptor resolves session timeout configuration process

Recently in the company internal framework of the session timeout is not implemented, due to the IFRAME structure, after the session timeout, when clicking on the left System menu, the right side of the IFRAME will pop up the landing box.

The problem is caused by not setting the interceptor.

Add Interceptor Idea: When the session timeout, the user click on the menu, you need to use interceptor to intercept the preceding paragraph, and determine if there is still user information in the session, if not present, it will be designated landing page.

The following code:

1) First add the mvc:interceptor tag to the applicationcontext-mvc.xml.

        <!--session Timeout Interceptor--><mvc:interceptors><mvc:interceptor><mvc:mapping path= "/*/* "/><bean class=" Com.lenovo.lstp.mam.interceptor.SessionTimeoutInterceptor "><property name=" Allowurls ">          <list>            <value>/login/login.do</value>            <value>/common/language.do< /value>          </list>       </property>      </BEAN></MVC:INTERCEPTOR></MVC: interceptors><!--Exception handler-    <bean id= "Handlerexceptionresolver" class= "    Org.springframework.web.servlet.handler.SimpleMappingExceptionResolver ">    <property name=" Exceptionmappings ">    <props>    <prop key=" Com.lenovo.lstp.mam.exception.SessionTimeoutException ">/blank</prop>    </props>    </ Property>    </bean>

The above code first creates an interceptor named Sessiontimeoutinterceptor in the system's internal package, and specifies that the allowed access URL is a collection in list.

When the user logs in from this address, no interception is required.

Sessiontimeoutexception the exception is thrown when the intercept is in effect.

and enter the Blank.jsp page.

2) The second step is to create the Interceptor Sessiontimeoutinterceptor, the code is as follows:

/** * Session timeout, intercept access *  */public boolean prehandle (httpservletrequest request,httpservletresponse response, Object Handler) throws Exception {string requesturl = Request.getrequesturi (); for (String url:allowurls) {if ( Requesturl.endswith (URL)) {return true;}} String session = (string) webutils.getsessionattribute (Request, "username"); if (session! = NULL) {return true;} else {throw new sessiontimeoutexception ();}}

In addition to the URL that is allowed, any other URL, as long as no check to the existence of the session, it will throw sessiontimeoutexception, used to point to the landing page, sessiontimeoutexception no need to write any action.

3) Because the IFRAME layout will cause the login box embedded problem, so can be implemented in the following way, the code is as follows:

  var session = "${user}";  if ("" = = Session) {  top.location = "transfer.jsp";  }  if (null = = session) {  top.location = "transfer.jsp";  }

Introduce a relay page transfer.jsp in blank.jsp. This page is used for post jump, again to request login.do.

Top.location is displayed on the main page rather than in an inline page.

4) The fourth step requires two login.do requests, the code is as follows:

<script type= "Text/javascript" >$ (document). Ready (function () {document.transfer.submit ();}); </script><body><form name= "Transfer" action= "Login/login.do" method= "POST" ></form></ Body>

When the page is entered, the Login.do request is automatically submitted, but the operation can be judged in logincontroll because the page allows login.do entry.

The code is as follows:

/* After session timeout, check dto ' s username, and return login.jsp. */if (dto.getusername () = = null) {Modelandview MV = new Modelandview ("login"); return MV;}

In the login method, the judgment is introduced, and the information of two accesses to the controll is judged, and if the user name is not, the login.jsp page is automatically re-entered.

At this point, it is done, if the landing page has other links, you can allowurl to configure.

Spring MVC Interceptor resolves session timeout configuration process