今天做一个S2SM的项目时,在session超时或者失效时返回到登陆页面重新登陆,前台使用的easyui框架
1、首先修改web.xml
<session-config>
<session-timeout>1</session-timeout>
</session-config>
2、自定义一个登录超时的拦截器
packagecom.tungkong.util;
importjava.util.Hashtable;
importjavax.servlet.http.HttpServletResponse;
importorg.apache.struts2.ServletActionContext;
importcom.opensymphony.xwork2.ActionInvocation;
importcom.opensymphony.xwork2.interceptor.AbstractInterceptor;
@SuppressWarnings("serial")
publicclassLoginedCheckInterceptorextendsAbstractInterceptor{
/**session过期、登录有效性及操作的权限验证拦截器*/
@SuppressWarnings("unchecked")
@Override
publicStringintercept(ActionInvocationai)throwsException{
//取得请求的URL
Stringurl=ServletActionContext.getRequest().getRequestURL().toString();
HttpServletResponseresponse=ServletActionContext.getResponse();
response.setHeader("Pragma","No-cache");
response.setDateHeader("Expires",0);
response.setHeader("Cache-Control","no-cache");
response.setHeader("Cache-Control","no-store");
response.setHeader("Content-Type","text/html;charset=UTF-8");
response.setHeader("Cache-Control","no-store");
response.setHeader("Content-Type","text/html;charset=UTF-8");
Hashtable<String,Object>userinfo=null;
//对登录与注销请求直接放行,不予拦截
if(url.indexOf("loginAction")!=-1||url.indexOf("logoutAction")!=-1){
returnai.invoke();
}else{
//验证Session是否过期
if(!ServletActionContext.getRequest().isRequestedSessionIdValid()){
//session过期,转向session过期提示页,最终跳转至登录页面
return"tologin";
}else{
//验证是否已经登录
userinfo=(Hashtable<String,Object>)ServletActionContext.getRequest().getSession().getAttribute("userSessionHt");
if(userinfo==null){
//尚未登录,跳转至登录页面
return"tologin";
}else{
returnai.invoke();
}
}
}
}
}
3、在struts.xml中配置拦截器,并声明一个全局的result,当session失效的时候拦截器会转发到登陆页面,由于我使用的是多个struts文件,故应该这么设置
<?xmlversion="1.0"encoding="UTF-8"?>
<!DOCTYPEstrutsPUBLIC
"-//ApacheSoftwareFoundation//DTDStrutsConfiguration2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<!--加载默认的struts2配置文件-->
<includefile="struts-default.xml"/>
<!--业务模块配置-->
<includefile="struts-userinfo.xml"/>
………………
<constantname="struts.i18n.encoding"value="UTF-8"/>
<constantname="struts.objectFactory"value="spring"></constant>
<packagename="tksm"extends="struts-default">
<interceptors>
<interceptorname="loginedCheck"class="com.tungkong.util.LoginedCheckInterceptor"/>
<interceptor-stackname="mystack">
<interceptor-refname="loginedCheck"/>
</ interceptors ><interceptor-refname="defaultStack"/>
</interceptor-stack>
<global-results>
<resultname="exception">/exception.jsp</result>
<resultname="tologin">/relogin.jsp</result>
</global-results>
<global-exception-mappings>
<exception-mappingexception="java.lang.Exception"result="exception"/>
</global-exception-mappings>
</package>
</struts>
4、在struts-userinfo.xml中设置
<?xmlversion="1.0"encoding="UTF-8"?>
<!DOCTYPEstrutsPUBLIC
"-//ApacheSoftwareFoundation//DTDStrutsConfiguration2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<packagename="tksm-user"extends="tksm">
<default-interceptor-refname="mystack"/>
<actionname="loginAction"class="userAction"method="login">
<resultname="success">/WEB-INF/index/main.jsp</result>
<resultname="error">/WEB-INF/index/error.jsp</result>
</action>
……………………
</package>
</struts>
5、新建relogin.jsp页面
由于页面嵌套在iframe下,跳转时需要跳转到其父页面,因此加个中间的jsp,拦截器配置跳转到此页面,再由此页面跳转到登录页面。
relogin.jsp
<%@pagelanguage="java"import="java.util.*"pageEncoding="UTF-8"%>
<%
Stringpath=request.getContextPath();
StringbasePath=request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPEHTMLPUBLIC"-//W3C//DTDHTML4.01Transitional//EN">
<html>
<head>
<basehref="<%=basePath%>">
<title>MyJSP'index.jsp'startingpage</title>
<metahttp-equiv="pragma"content="no-cache">
<metahttp-equiv="cache-control"content="no-cache">
<metahttp-equiv="expires"content="0">
<metahttp-equiv="keywords"content="keyword1,keyword2,keyword3">
<metahttp-equiv="description"content="Thisismypage">
<!--
<linkrel="stylesheet"type="text/css"href="styles.css">
-->
</head>
<body>
<scripttype="text/javascript">
alert("对不起!您长时间对系统未进行操作,登录已超时,请重新登录!");
window.top.location.href="<%=basePath%>login.jsp";
</script>
</body>
</html>
当我们登陆后一分钟不做任何操作刷新后则会跳转到登陆页面
这篇博客主要来源于:
http://blog.csdn.net/java_cxrs/article/details/5519743
http://blog.sina.com.cn/s/blog_a72f208a01014gha.html
感谢两位!