zoukankan      html  css  js  c++  java

  • filter 拦截ajax请求

    1.filter
    public class SessonFilter  implements Filter {

    private static Logger log = LoggerFactory.getLogger(SessonFilter.class);

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        //empty implement
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        HttpSession session = httpRequest.getSession();
        String uri = httpRequest.getRequestURI();
        String ctxpath = httpRequest.getContextPath();

        String userid = (String)session.getAttribute("userid");

        if(uri.contains("/user/login") || uri.contains("/user/regPage") ){
            chain.doFilter(request, response);
        }else{  
            if(userid == null){
                String contextPath = httpRequest.getContextPath();
                String redirect =  contextPath ;
                //ajax session 过期处理
                //1:判断是否是ajax请求
                if (httpRequest.getHeader("x-requested-with") != null 
                        && "XMLHttpRequest".equalsIgnoreCase(httpRequest.getHeader("x-requested-with"))) {   
                    //向http头添加 状态 sessionstatus
                    httpResponse.setHeader("sessionstatus","timeout");
                    httpResponse.setStatus(403);
                    //向http头添加登录的url
                    httpResponse.addHeader("loginPath", ctxpath);
                    chain.doFilter(request, response);
                    log.debug("ajax request");
                    return ;
                }
                httpResponse.sendRedirect(redirect);
                return;
            }else{
                chain.doFilter(request, response);
            }
        }
    }

    @Override
    public void destroy() {
        //empty implement
    }
}

    2.核心代码
    //ajax session 过期处理
//1:判断是否是ajax请求
if (httpRequest.getHeader("x-requested-with") != null 
                        && "XMLHttpRequest".equalsIgnoreCase(httpRequest.getHeader("x-requested-with"))) {   
    //向http头添加 状态 sessionstatus
    httpResponse.setHeader("sessionstatus","timeout");
    httpResponse.setStatus(403);
    //向http头添加登录的url
    httpResponse.addHeader("loginPath", ctxpath);
    chain.doFilter(request, response);
    log.debug("ajax request");
    return ;
}
    3.JS
    //ajax完成时回调函数
$(document).ajaxComplete(function(event, xhr, settings) {
    //从http头信息取出 在filter定义的sessionstatus,判断是否是 timeout
    if(xhr.getResponseHeader("sessionstatus")=="timeout"){ 
        //从http头信息取出登录的url = loginPath
        if(xhr.getResponseHeader("loginPath")){
            alert("会话过期,请重新登陆!");
            //打会到登录页面
            window.location.replace(xhr.getResponseHeader("loginPath"));  
        }else{  
            alert("请求超时请重新登陆 !");  
        }  
    }  
}); 
     
  • 相关阅读:
    圆珠笔芯为什么那么细
    2017第45周二
    浅谈XXE攻击
    谈谈ssrf
    htop简介
    关闭火狐定期向“http://detectportal.firefox.com/”发包
    linux登录用户(终端)间的通信
    linux下ftp、telnet的安装和使用
    深入解析hostname
    supervisor启动sqlmapapi失败 sqlmapapi: ERROR (file is not executable)
  • 原文地址:https://www.cnblogs.com/zhang-boke/p/7243717.html
Copyright © 2011-2022 走看看