[Spring] session有效性判断

SessionHandlerInterceptor

继承自org.springframework.web.servlet.HandlerInterceptor

public class SessionHandlerInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
        if (httpServletRequest.getHeader("x-requested-with") != null && httpServletRequest.getHeader("x-requested-with").equalsIgnoreCase("XMLHttpRequest")){
            //如果是ajax请求响应头会有，x-requested-with；
            HttpSession session = httpServletRequest.getSession();
            Profile profile = (Profile)session.getAttribute(LoginController.PROFILE);
            System.out.println("SessionHandlerInterceptor: "+profile);
            if (profile == null){//判断session里是否有用户信息
                //httpServletResponse.setHeader("sessionstatus", "timeout");//在响应头设置session状态
                httpServletResponse.getWriter().write("{'sessionstatus':'timeout'}");
                return false;
            }
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

    }
}

beans.xml配置

<!--对涉及到session操作的增删改请求进行拦截，进行Session校验-->
    <mvc:interceptors>
        <mvc:interceptor>
            <mvc:mapping path="/*/*create*"/>
            <mvc:mapping path="/*/*update*"/>
            <mvc:mapping path="/*/*delete*"/>
            <mvc:mapping path="/login/logout.action"/>
            <bean class="com.xxxxx.xxx.filter.SessionHandlerInterceptor"/>
        </mvc:interceptor>
    </mvc:interceptors>

js创建全局函数

//Ajax全局处理方法，用于处理session失效
$.ajaxSetup({   
    contentType:"application/x-www-form-urlencoded;charset=utf-8",   
    complete:function(XMLHttpRequest,textStatus){   
        //var sessionstatus=XMLHttpRequest.getResponseHeader("sessionstatus"); //通过XMLHttpRequest取得响应头，sessionstatus，  
        validSession(XMLHttpRequest.responseText);
    }   
});

//Extjs的全局处理方法，用于处理session失效
Ext.Ajax.on('requestcomplete',checkSessionStatus, this);         
function checkSessionStatus(conn,response,options){
    validSession(response.responseText);  
}

//校验session的有效性
function validSession(responseText){
var json = Ext.decode(responseText);
    var sessionstatus = json.sessionstatus;
    if(sessionstatus == 'timeout'){
        //此处对session失效进行处理
    }
}