session超时跳出frame -- 过滤未登录的用户LoginFilter

session超时跳出frame

今天遇到session超时跳转后还在frame框架里面，得想办法跳出frame后转到登录页面去。

方法一：

js解决方案：

$(document).ready(function(){

if (window != top){

top.location.href = "login.action";

//或者top.location=self.location;这种方法其实也是对self.location的当前action进行第二次请求

}

});

缺点：会产生两次请求，如果网速过慢，用户可以看到两次在登录页面上的跳转。

方法二：

思路：任何未登录/超时跳转－－》index_proxy.html登录代理跳转页面－－》login.action－－》跳转登录页面

java程序解决：

首先：在web.xml里面配置过滤器

<filter>

<filter-name>login</filter-name>

<filter-class>com.newyulong.iptv.webapp.filter.LoginFilter</filter-class>

<init-param>

<param-name>loginActionUrl</param-name>

<param-value>/login.action</param-value>

</init-param>

<init-param>

<param-name>loginUrl</param-name>

<!--下面是未登录跳转和超时跳转代理页面-->

<param-value>/index_proxy.html</param-value>

</init-param>

</filter>

其次编写过滤器：

import javax.servlet.Filter;

import javax.servlet.FilterChain;

import javax.servlet.FilterConfig;

import javax.servlet.ServletException;

import javax.servlet.ServletRequest;

import javax.servlet.ServletResponse;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import com.SessionUtil;

public class LoginFilter implements Filter{

private String loginUrl;

private String loginActionUrl;

@Override

public void destroy() {

}

@Override

public void doFilter(ServletRequest request, ServletResponse response,

FilterChain chain) throws IOException, ServletException {

//判断用户是否已经登录

HttpServletRequest httpServletRequest = (HttpServletRequest)request;

HttpServletResponse servletResponse = (HttpServletResponse)response;

//需要登录的东西不能被浏览器缓存

servletResponse.setHeader("Pragma","No-cache");

servletResponse.setHeader("Cache-Control","no-cache");

servletResponse.setDateHeader("Expires", -10);

String appPath= httpServletRequest.getServletPath();

if(!appPath.equalsIgnoreCase(loginUrl)&&!appPath.equalsIgnoreCase(loginActionUrl)&&!SessionUtil.exist(httpServletRequest, SessionUtil.USER_SESSION_NAME)){

servletResponse.sendRedirect(httpServletRequest.getContextPath()+loginUrl);

return ;

}

chain.doFilter(request, response);

}

@Override

public void init(FilterConfig filterConfig) throws ServletException {

String _loginUrl = filterConfig.getInitParameter("loginUrl");

if(_loginUrl!=null)

loginUrl = _loginUrl;

String _loginActionUrl=filterConfig.getInitParameter("loginActionUrl");

if(_loginActionUrl!=null)

loginActionUrl=_loginActionUrl;

}

}

过滤器里面引用到的session处理类：

import javax.servlet.http.HttpServletRequest;

import SystemUser; //用户实体

import ValidateCodeServlet; //验证码处理类

public class SessionUtil {

public static final String USER_SESSION_NAME=SystemUser.class.getName();

public final static String VALIDATE_CODE_KEY = ValidateCodeServlet.class.getName();

public static void set(HttpServletRequest request,String name,Object val){

request.getSession().setAttribute(name, val);

}

public static boolean exist(HttpServletRequest request,String name){

return request.getSession().getAttribute(name)!=null;

}

public static Object get(HttpServletRequest request,String name){

return request.getSession().getAttribute(name);

}

public static boolean destroy(HttpServletRequest request,String name){

if(exist(request,name)){

request.getSession().removeAttribute(name);

return true;

}

return false;

}

}

最后是代理页面index_proxy.html：

<html>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

<title>IPTV - BSS</title>

<link href="css/general_cn.css" rel="stylesheet" type="text/css">

<script type="text/javascript" src="js/jquery-1.3.2.min.js"></script>

<script type="text/javascript">

$(document).ready(function(){

//top.location=self.location; //此种写法会产生velocity错误，html跳html

//$('#loginform').submit();

top.location.href = "login.action";

});

</script>

<body style="background-color:#F0F0F0;">

<form action="login.action" name="loginform" id="loginform" method="post" >

</form>

</body>

</html>