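When a session expires, we can use a filter to intercept the request and redirect to the login page. If the request is an AJAX request, however, the page is not redirected, because AJAX returns data and cannot return a page.
An asynchronous AJAX request differs from other requests in that its request headers include X-Requested-With: XMLHttpRequest; compare the two images below.
In the filter we can use this header to decide whether a request is asynchronous. If it is, we can return a sessionstatus, and the page checks the value of sessionstatus to decide whether the session has expired.
The first image is an ordinary request:
The second is the AJAX one:
However, writing this check for every AJAX call would be a lot of work.
Since I use Ext JS, and Ext's Ajax is a singleton, we can write a separate js file containing the session-timeout check, and other pages only need to include that file.
Here is the code, starting with the filter: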
import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SessionFilter implements Filter {

    public void destroy() {
    }

    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        HttpSession session = httpRequest.getSession();
        String url = httpRequest.getRequestURI();
        // Last path segment of the request URI, including the leading "/"
        String path = url.substring(url.lastIndexOf("/"));
        if (check(path) && session.getAttribute("user") == null) {
            // Intercept AJAX requests
            if ("XMLHttpRequest".equalsIgnoreCase(httpRequest.getHeader("x-requested-with"))) {
                httpResponse.addHeader("sessionstatus", "timeout");
                // Required, otherwise the request fails.
                // Note: this forwards the request to its target even though no user is logged in.
                chain.doFilter(request, response);
            } else {
                String str = "<script language='javascript'>alert('會話到期,請重新登入');"
                        + "window.top.location.href='index.jsp';</script>";
                response.setContentType("text/html;charset=UTF-8"); // avoid garbled Chinese text
                try {
                    PrintWriter writer = response.getWriter();
                    writer.write(str);
                    writer.flush();
                    writer.close();
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        } else {
            chain.doFilter(request, response);
        }
    }

    /**
     * Decide whether the path should be intercepted.
     * @param path last segment of the request URI
     * @return true if the path must be intercepted
     */
    public boolean check(String path) {
        // Do not intercept login and logout
        if (path.indexOf("login") != -1 || path.indexOf("logout") != -1)
            return false;
        return true;
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
        // Nothing to initialise
    }
}
Then the configuration in web.xml:
<filter>
    <filter-name>sessionFilter</filter-name>
    <filter-class>com.web.helper.session.SessionFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>sessionFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
Below is the AJAX timeout check [ajax_timeout.js]. Once a page includes this js file, the code is called on every AJAX request.
// AJAX callback that handles session expiry
Ext.Ajax.on('requestcomplete', checkUserSessionStatus, this);

function checkUserSessionStatus(conn, response, options) {
    // Ext wraps the response object
    var status = response.getResponseHeader("sessionstatus");
    if (status == "timeout") {
        window.location.href = "index.jsp";
    }
}
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
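Later I found that if the code still uses a form submit for uploads, the return value of that submit is not received, because AJAX and submit return different values:
We have to handle the two cases differently: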
// AJAX callback that handles session expiry
Ext.Ajax.on('requestcomplete', checkUserSessionStatus, this);

function checkUserSessionStatus(conn, response, options) {
    console.info(response);
    console.info(response.status);
    if (response.status == undefined) {
        // Form submit: works around the form submission not responding
    } else {
        // Ext wraps the response object
        var status = response.getResponseHeader("sessionstatus");
        if (status == "timeout") {
            window.location.href = "index.jsp";
        }
    }
}
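The filter above still calls chain.doFilter for an AJAX request that has no logged-in user, so the target handler runs and only the response header tells the page about the timeout. A stricter variant, as an added example that is not part of the original post: it stops the request at the filter and answers 401 with the same sessionstatus header; the class name StrictSessionFilter and the public paths are assumptions.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

// Added example; StrictSessionFilter is a hypothetical name, not the article's class.
public class StrictSessionFilter implements Filter {
    @Override public void init(FilterConfig config) { }
    @Override public void destroy() { }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;

        // getSession(false) avoids creating a session for every anonymous request.
        HttpSession session = req.getSession(false);
        boolean loggedIn = session != null && session.getAttribute("user") != null;
        if (loggedIn || isPublic(req)) {
            chain.doFilter(request, response);
            return;
        }

        if ("XMLHttpRequest".equalsIgnoreCase(req.getHeader("X-Requested-With"))) {
            // Same header that ajax_timeout.js reads. The chain is not invoked,
            // so the target servlet never runs for a request without a session.
            res.setHeader("sessionstatus", "timeout");
            res.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        // Ordinary page request: plain redirect instead of an inline script.
        res.sendRedirect(req.getContextPath() + "/index.jsp");
    }

    // Exact match on the servlet path rather than a substring test on the last
    // URL segment. The three paths are assumptions about this application.
    private static boolean isPublic(HttpServletRequest req) {
        String path = req.getServletPath();
        return "/index.jsp".equals(path) || "/login".equals(path) || "/logout".equals(path);
    }
}
```

Ext fires requestexception rather than requestcomplete for a 401 response, so checkUserSessionStatus has to be registered on that event as well for the redirect to happen.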