Ajax请求session失效该如何解决
一般来说我们的项目都有登录过滤器,一般请求足以搞定。但是AJAX却是例外的,所以解决方法是设置响应为session失效。
一共分为过滤器和页面JS两个部分的设置,先看过滤器的修改:
importjava.io.IOException;
importjavax.servlet.Filter;
importjavax.servlet.FilterChain;
importjavax.servlet.FilterConfig;
importjavax.servlet.ServletException;
importjavax.servlet.ServletRequest;
importjavax.servlet.ServletResponse;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletResponse;
importjavax.servlet.http.HttpSession;
/**
*登录过滤器
*拥有Session是否失效和用户是否登录2个条件判断
*如果是ajax请求则设置session超时
*@authorMerlin.Ma
*
*/
publicclassLoginFilterimplementsFilter{
privateStringredirectUrl="/login.html";
privateStringsessionKey="userName";
@Override
publicvoiddestroy(){
}
@Override
publicvoiddoFilter(ServletRequestrequest,ServletResponseresponse,
FilterChainchain)throwsIOException,ServletException{
HttpServletRequestreq=(HttpServletRequest)request;
HttpServletResponserep=(HttpServletResponse)response;
HttpSessionsession=req.getSession();
if(session==null||session.getAttribute(sessionKey)==null){
//如果判断是AJAX请求,直接设置为session超时
if(req.getHeader("x-requested-with")!=null&&req.getHeader("x-requested-with").equals("XMLHttpRequest")){
rep.setHeader("sessionstatus","timeout");
}else{
rep.sendRedirect(req.getContextPath()+redirectUrl);
}
}else{
chain.doFilter(request,response);
}
}
@Override
publicvoidinit(FilterConfigfilterConfig)throwsServletException{
Stringurl=filterConfig.getInitParameter("redirectUrl");
Stringkey=filterConfig.getInitParameter("sessionKey");
redirectUrl=url==null?redirectUrl:url;
sessionKey=key==null?sessionKey:key;
}
}
代码简单,就不过多进行注释了,现在看JS部分的代码。当然是基于jQuery的~~
//全局的ajax访问,处理ajax清求时sesion超时
$.ajaxSetup({
contentType:"application/x-www-form-urlencoded;charset=utf-8",
complete:function(XMLHttpRequest,textStatus){
varsessionstatus=XMLHttpRequest.getResponseHeader("sessionstatus");//通过XMLHttpRequest取得响应头,sessionstatus,
if(sessionstatus=="timeout"){
//如果超时就处理,指定要跳转的页面
window.location.replace("login.html");
}
}
});
页面加载这段js代码,然后开始调用ajax。在不登陆或者session失效的情况下,可以看到页面跳转到登录页面。