session超时跳出frame -- 过滤未登录的用户LoginFilter
2011-04-13 10:40
253 查看
session超时跳出frame
今天遇到session超时跳转后还在frame框架里面,得想办法跳出frame后转到登录页面去。
方法一:
js解决方案:
$(document).ready(function(){
if (window != top){
top.location.href = "login.action";
//或者top.location=self.location;这种方法其实也是对self.location的当前action进行第二次请求
}
});
缺点:会产生两次请求,如果网速过慢,用户可以看到两次在登录页面上的跳转。
方法二:
思路:任何未登录/超时跳转--》index_proxy.html登录代理跳转页面--》login.action--》跳转登录页面
java程序解决:
首先:在web.xml里面配置过滤器
<filter>
<filter-name>login</filter-name>
<filter-class>com.newyulong.iptv.webapp.filter.LoginFilter</filter-class>
<init-param>
<param-name>loginActionUrl</param-name>
<param-value>/login.action</param-value>
</init-param>
<init-param>
<param-name>loginUrl</param-name>
<!--下面是未登录跳转和超时跳转代理页面-->
<param-value>/index_proxy.html</param-value>
</init-param>
</filter>
其次编写过滤器:
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.SessionUtil;
public class LoginFilter implements Filter{
private String loginUrl;
private String loginActionUrl;
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
//判断用户是否已经登录
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse servletResponse = (HttpServletResponse)response;
//需要登录的东西不能被浏览器缓存
servletResponse.setHeader("Pragma","No-cache");
servletResponse.setHeader("Cache-Control","no-cache");
servletResponse.setDateHeader("Expires", -10);
String appPath= httpServletRequest.getServletPath();
if(!appPath.equalsIgnoreCase(loginUrl)&&!appPath.equalsIgnoreCase(loginActionUrl)&&!SessionUtil.exist(httpServletRequest, SessionUtil.USER_SESSION_NAME)){
servletResponse.sendRedirect(httpServletRequest.getContextPath()+loginUrl);
return ;
}
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
String _loginUrl = filterConfig.getInitParameter("loginUrl");
if(_loginUrl!=null)
loginUrl = _loginUrl;
String _loginActionUrl=filterConfig.getInitParameter("loginActionUrl");
if(_loginActionUrl!=null)
loginActionUrl=_loginActionUrl;
}
}
过滤器里面引用到的session处理类:
import javax.servlet.http.HttpServletRequest;
import SystemUser; //用户实体
import ValidateCodeServlet; //验证码处理类
public class SessionUtil {
public static final String USER_SESSION_NAME=SystemUser.class.getName();
public final static String VALIDATE_CODE_KEY = ValidateCodeServlet.class.getName();
public static void set(HttpServletRequest request,String name,Object val){
request.getSession().setAttribute(name, val);
}
public static boolean exist(HttpServletRequest request,String name){
return request.getSession().getAttribute(name)!=null;
}
public static Object get(HttpServletRequest request,String name){
return request.getSession().getAttribute(name);
}
public static boolean destroy(HttpServletRequest request,String name){
if(exist(request,name)){
request.getSession().removeAttribute(name);
return true;
}
return false;
}
}
最后是代理页面index_proxy.html:
<html>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>IPTV - BSS</title>
<link href="css/general_cn.css" rel="stylesheet" type="text/css">
<script type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){
//top.location=self.location; //此种写法会产生velocity错误,html跳html
//$('#loginform').submit();
top.location.href = "login.action";
});
</script>
<body style="background-color:#F0F0F0;">
<form action="login.action" name="loginform" id="loginform" method="post" >
</form>
</body>
</html>
今天遇到session超时跳转后还在frame框架里面,得想办法跳出frame后转到登录页面去。
方法一:
js解决方案:
$(document).ready(function(){
if (window != top){
top.location.href = "login.action";
//或者top.location=self.location;这种方法其实也是对self.location的当前action进行第二次请求
}
});
缺点:会产生两次请求,如果网速过慢,用户可以看到两次在登录页面上的跳转。
方法二:
思路:任何未登录/超时跳转--》index_proxy.html登录代理跳转页面--》login.action--》跳转登录页面
java程序解决:
首先:在web.xml里面配置过滤器
<filter>
<filter-name>login</filter-name>
<filter-class>com.newyulong.iptv.webapp.filter.LoginFilter</filter-class>
<init-param>
<param-name>loginActionUrl</param-name>
<param-value>/login.action</param-value>
</init-param>
<init-param>
<param-name>loginUrl</param-name>
<!--下面是未登录跳转和超时跳转代理页面-->
<param-value>/index_proxy.html</param-value>
</init-param>
</filter>
其次编写过滤器:
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.SessionUtil;
public class LoginFilter implements Filter{
private String loginUrl;
private String loginActionUrl;
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
//判断用户是否已经登录
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse servletResponse = (HttpServletResponse)response;
//需要登录的东西不能被浏览器缓存
servletResponse.setHeader("Pragma","No-cache");
servletResponse.setHeader("Cache-Control","no-cache");
servletResponse.setDateHeader("Expires", -10);
String appPath= httpServletRequest.getServletPath();
if(!appPath.equalsIgnoreCase(loginUrl)&&!appPath.equalsIgnoreCase(loginActionUrl)&&!SessionUtil.exist(httpServletRequest, SessionUtil.USER_SESSION_NAME)){
servletResponse.sendRedirect(httpServletRequest.getContextPath()+loginUrl);
return ;
}
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
String _loginUrl = filterConfig.getInitParameter("loginUrl");
if(_loginUrl!=null)
loginUrl = _loginUrl;
String _loginActionUrl=filterConfig.getInitParameter("loginActionUrl");
if(_loginActionUrl!=null)
loginActionUrl=_loginActionUrl;
}
}
过滤器里面引用到的session处理类:
import javax.servlet.http.HttpServletRequest;
import SystemUser; //用户实体
import ValidateCodeServlet; //验证码处理类
public class SessionUtil {
public static final String USER_SESSION_NAME=SystemUser.class.getName();
public final static String VALIDATE_CODE_KEY = ValidateCodeServlet.class.getName();
public static void set(HttpServletRequest request,String name,Object val){
request.getSession().setAttribute(name, val);
}
public static boolean exist(HttpServletRequest request,String name){
return request.getSession().getAttribute(name)!=null;
}
public static Object get(HttpServletRequest request,String name){
return request.getSession().getAttribute(name);
}
public static boolean destroy(HttpServletRequest request,String name){
if(exist(request,name)){
request.getSession().removeAttribute(name);
return true;
}
return false;
}
}
最后是代理页面index_proxy.html:
<html>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>IPTV - BSS</title>
<link href="css/general_cn.css" rel="stylesheet" type="text/css">
<script type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){
//top.location=self.location; //此种写法会产生velocity错误,html跳html
//$('#loginform').submit();
top.location.href = "login.action";
});
</script>
<body style="background-color:#F0F0F0;">
<form action="login.action" name="loginform" id="loginform" method="post" >
</form>
</body>
</html>
相关文章推荐
- session超时跳出frame -- 过滤未登录的用户LoginFilter
- 过滤器,过滤没登录的用户
- play for scala 实现SessionFilter 过滤未登录用户跳转到登录页面
- java web过滤器之用户登录过滤
- 【转】过滤SQL用户登录(SQL2005)
- frame框架-用户session失效仅在iframe中跳转登录页面的解决方法
- Easyui + asp.net MVC 系列教程 第19-23 节 完成注销 登录限制过滤 添加用户
- session过期返回登录页面跳出frame
- Java web应用用户是否登录验证过滤处理机制
- 用户登录过滤
- filter的权限过滤(基础篇--用户是否登录权限过滤)
- 在框架页中发现用户已经登出,如何跳出框架返回到登录页?
- java之Struts2实现用户登录过滤
- 如何跳出iframe(针对登录用户的session验证)
- Easyui + MVC 系列教程 第19-23 节 完成注销 登录限制过滤 添加用户
- Python基础-小程序练习(跳出多层循环,购物车,多级菜单,用户登录)
- Python基础-小程序练习(跳出多层循环,购物车,多级菜单,用户登录)
- springmvc3 拦截器,过滤ajax请求,判断用户登录,拦截规则设置
- 使用Filter进行 过滤非法登录用户
- 完成注销 登录限制过滤 添加用户