Perfect solution to the problem of Session failure during ajax access, ajaxsession
Recently, due to a project, the module switches to ajax request data. When the Session fails, there is no return value after the ajax request, and only the response html:
Currently, Ajax is widely used in Web projects and is almost ubiquitous. This poses another problem: What should I do when an Ajax request encounters Session Timeout?
Obviously, the traditional page Jump is no longer applicable here, because Ajax requests are initiated by the XMLHTTPRequest object rather than the browser, and the page jump after the verification fails cannot be reflected in the browser, because the information returned (or output) by the server is received by JavaScript (XMLHTTPRequest object.
So how should we deal with this situation?
Method
Since the message returned by the server is received by the XMLHTTPRequest object and the XMLHTTPRequest object is under JavaScript control, can we use JavaScript to redirect the page?
Of course you can, and it is easy to implement! However, we need to determine whether the HTTP request is an Ajax request (because AJAX requests and common requests need to be processed separately). How can we determine this? In fact, Ajax requests are different from normal HTTP requests. This is reflected in the header information of the HTTP request, as shown below:
The above two images are captured by Firebug of Firefox. The former is the common HTTP request header information, and the latter is the request header information of the Ajax request. Note that the first image is circled in red. This is the difference between an Ajax request and a common request. The AJAX Request Header carries the X-Requested-With information and its value is XMLHttpRequest, this is what we can use.
The following describes how to implement the Code.
Interceptor Filter
When using Struts2, we generally use Interceptor (Interceptor) to intercept permissions.
Part of the interceptor code:
Public String intercept (ActionInvocation invocation) throws Exception {// TODO Auto-generated method stub ActionContext ac = invocation. getInvocationContext (); HttpServletRequest request = (HttpServletRequest) ac. get (StrutsStatics. HTTP_REQUEST); String requestType = request. getHeader ("X-Requested-With"); System. out. println ("++ reqestType:" + requestType); HttpServletResponse resp Onse = (HttpServletResponse) ac. get (StrutsStatics. HTTP_RESPONSE); // String basePath = request. getContextPath (); String path = request. getContextPath (); String basePath = request. getScheme () + ": //" + request. getServerName () + ":" + request. getServerPort () + path; // obtain the session Map session = ac. getSession (); // determines whether a session exists and whether the user information in the session exists. if yes, you do not need to intercept if (session! = Null & session. get (Constants. FE_SESSION_BG_USER )! = Null & session. get (Constants. FE_SESSION_BG_AUTH )! = Null) {System. out. println (invocation. getProxy (). getActionName () + "++"); System. out. println ("namespace:" + invocation. getProxy (). getNamespace (); // access path String visitURL = invocation. getProxy (). getNamespace () + "/" + invocation. getProxy (). getActionName () + Constants. FE_STRUTS_ACTION_EXTENSION; visitURL = visitURL. substring (1); Map <String, Object> authMap = (Map <String, Object>) Session. get (Constants. FE_SESSION_BG_AUTH); Map <Integer, String> actionMap = (Map <Integer, String>) authMap. get (Constants. FE_BG_ACTIONMAP); if (actionMap! = Null &&! ActionMap. isEmpty () & visitURL! = Null) {if (actionMap. containsValue (visitURL) {System. out. println (visitURL + "-----------------------"); return invocation. invoke ();} else {String forbidden = basePath + Constants. FE_BG_FORBIDDEN; response. sendRedirect (forbidden); return null ;}} return invocation. invoke ();} else {if (StringUtils. isNotBlank (requestType) & requestType. equalsIgnoreCase ("XMLHttpRequest") {response. setHeader ("sessionstatus", "timeout"); response. sendError (518, "session timeout. "); return null;} else {String actionName = invocation. getProxy (). getActionName (); System. out. println (actionName); // if the intercepted actionName is loginUI or login, no processing is performed. Otherwise, the request is redirected to the logon page if (StringUtils. isNotBlank (actionName) & actionName. equals (Constants. FE_BG_LOGINUI) {return invocation. invoke ();} else if (StringUtils. isNotBlank (actionName) & actionName. equals (Constants. FE_BG_LOGIN) {return invocation. invoke ();} else {String login = basePath + "/" + Constants. FE_BG_LOGIN_NAMESPACE + "/" + Constants. FE_BG_LOGINUI + Constants. FE_STRUTS_ACTION_EXTENSION; // System. out. println ("++ basePath:" + basePath ); // response. sendRedirect (login); PrintWriter out = response. getWriter (); // out. println ("
The code above shows that when Session verification fails (that is, the Session times out), we use HttpServletRequest to obtain the value of the request header information X-Requested-With. If it is not null and is equal to XMLHttpRequest, this indicates that the request is an Ajax request. The response is to add a header to the response (custom) and make the response object HttpServletResponse return the server error message (518 status is defined by yourself); this information will be received by JavaScript, so the following work will be done by JavaScript code.
Javascript code
$. The ajaxSetup method is used to set the default options for AJAX requests. We can consider it a global option setting. Therefore, we can refer this code to the external JS file and reference it on the required page.
/*** Set the default options for future (global) AJAX requests * mainly sets the case where AJAX requests encounter Session expiration */$. ajaxSetup ({type: 'post', complete: function (xhr, status) {var sessionStatus = xhr. getResponseHeader ('sessionstatus'); if (sessionstatus = 'timeout') {var top = getTopWinow (); var yes = confirm ('because you haven't performed this operation for a long time, the session has expired. Please log on again. '); if (yes) {top. location. href = '/skynk/index.html ';}}}}); /*** obtain the top-level window from any nested window on the page * @ return the top-level window object on the current page */fu Nction getTopWinow () {var p = window; while (p! = P. parent) {p = p. parent;} return p ;}
The above perfectly solves the problem of Session failure during ajax access, that is, all the content shared by the editor. I hope to give you a reference and support for the customer's house.