Shiro Interceptor to implement session expiration blocking AJAX request processing

Interceptor Code:

Package com.xlqh.outlook.shirofilter;
Import java.io.IOException;
Import Org.apache.shiro.web.filter.PathMatchingFilter;
Import com.xlqh.outlook.MyShiroConstants.MyShiroConstants;
Import com.xlqh.outlook.SessionManagement.SessionManagement;
Import Com.xlqh.outlook.entity.yuuser;
Import Javax.servlet.ServletRequest;
Import Javax.servlet.ServletResponse;
Import Javax.servlet.http.HttpServletRequest;

Import Javax.servlet.http.HttpServletResponse; Custom Interceptor, session expires AJAX processing public class Sessionexpiredfilter extends Pathmatchingfilter {@Override protected B Oolean Onprehandle (servletrequest request, servletresponse response, Object mappedvalue) throws Exception {Yuu    
         SER sys = (yuuser) sessionmanagement.getsession (Myshiroconstants.session_user);
            if (sys==null) {SYSTEM.OUT.PRINTLN ("session expires"); if ("XMLHttpRequest". Equalsignorecase (((httpservletrequest) request). GetHeader ("X-requested-with")) {//a
       Sesson Treatment of Jax         Return status Code onloginfail (response);
                return false;   
            } else{//Normal processing, directly to the next interceptor return true;
    }} return true; }//session expires to 403 status code private void Onloginfail (Servletresponse response) throws IOException {Httpservletr
        Esponse HttpResponse = (httpservletresponse) response;
        Httpresponse.setstatus (403);
    Httpresponse.getwriter (). Write ("Session timed out");

 }


}

The front page needs to be processed globally, and jquery-based AJAX requests will be blocked

The Global JS fragment:

var timeoutlogin= "/login?code=22";

    $.ajaxsetup ({
        contentType: "Application/x-www-form-urlencoded;charset=utf-8",
        Cache:false,
        complete : function (data, TS) {
            //debugger The data to be returned
            ;
            403 is the background interceptor defined,
            if (data.status = = 403) {
                //session expired, the location to a page
                location.href=timeoutlogin;
                return;}}
    );

JS for Ajax requests:

function test () {

        var valusid = $ ("#select2"). Val ();
        $.post ("Yurole/selectuserrole", {"userid": Valusid}, function (data) {
            $ ("#div2"). HTML ("");
            debugger;
            for (var i = 0; i < data.length; i++) {
                $ ("#div2"). Append ("<p><a href=" "+data[i].menuulr+" ' target= ' conte NT ' > "+ data[i].menuname +" <a/></p> ");
            }

        );}

    

Shiro configuration:
Need to put the session blocker in front of the login blocker