Session超時���,唯一性
配置緩存文件��,用來存儲SessionId���,將UserId作為key�。(此處未貼代碼)
創建sessionTimeOut.jsp文件(此處未貼代碼)
-----------------------------------------------------------默默無聞的分割線-----------------------------------------------------------
配置Struts.xml文件(Class屬性不用配置���,僅用于跳轉)
<action name="sessionTimeOut">
<result name="success">/WEB-INF/page/sessionTimeOut.jsp</result>
</action>
-----------------------------------------------------------默默無聞的分割線-----------------------------------------------------------
Action文件(登錄時保存SessionId)
public String login(){
HttpSession session = ServletActionContext.getRequest().getSession();
//驗證碼
String genValidatecode = (String)session.getAttribute("RANDOMVALIDATECODEKEY");
session.setAttribute("user", student);//這里是引用傳遞���,如果add方法也是這個Action����,則添加用戶時會更改Student的屬性值����。
String sessionID = session.getId();
//將sessionId存入緩存
EhcacheUtil.getInstance().put("com.sessoinId", student.getStuNo(), sessionID);
return SUCCESS;
}
-----------------------------------------------------------默默無聞的分割線-----------------------------------------------------------
創建用戶登錄校驗過濾器LoginFilter
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import com.shenzhen.management.pojo.Student;
public class LoginFilter implements Filter {
private FilterConfig filterConfig;
private String noFilterURI;
Logger logger = Logger.getLogger(LoginFilter.class);
public LoginFilter() {
filterConfig = null;
noFilterURI = null;
}
public void init(FilterConfig filterConfig) throws ServletException{
this.filterConfig = filterConfig;
noFilterURI = filterConfig.getInitParameter("noFilterURI");
}
public void destroy(){
filterConfig = null;
}
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)throws IOException, ServletException{
HttpServletRequest request = (HttpServletRequest)servletRequest;
String indexURI = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+request.getContextPath();
//用戶登錄檢查
String requestUrl = request.getRequestURL().toString();
logger.debug(requestUrl);
if(requestUrl.equals(indexURI+"/")||requestUrl.equals(indexURI+"/login")||requestUrl.equals(indexURI+"/sessionTimeOut")||requestUrl.endsWith("p_w_picpathServlet.servlet")||requestUrl.endsWith(".js")){
filterChain.doFilter(servletRequest, servletResponse);
}else{
HttpSession session = request.getSession();
Student user = (Student)session.getAttribute("user");
if(null == user){
HttpServletResponse response = (HttpServletResponse)servletResponse;
response.sendRedirect(indexURI+"/sessionTimeOut");
}else{
filterChain.doFilter(servletRequest, servletResponse);
}
}
}
}
-----------------------------------------------------------默默無聞的分割線-----------------------------------------------------------
創建Session唯一性過濾器OnlySession
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import com.shenzhen.management.pojo.Student;
import com.shenzhen.management.util.ehcache.EhcacheUtil;
public class OnlySession implements Filter {
private FilterConfig filterConfig;
Logger logger = Logger.getLogger(OnlySession.class);
public OnlySession() {
filterConfig = null;
}
public void init(FilterConfig filterConfig) throws ServletException{
this.filterConfig = filterConfig;
}
public void destroy(){
filterConfig = null;
}
/**
* session超時和session唯一性檢查
*/
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)throws IOException,ServletException{
HttpServletRequest request = (HttpServletRequest)servletRequest;
String indexURI = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+request.getContextPath();
String requestUrl = request.getRequestURL().toString();
//登錄時不進行攔截
if(requestUrl.equals(indexURI+"/")||requestUrl.equals(indexURI+"/login")||requestUrl.equals(indexURI+"/sessionTimeOut")||requestUrl.endsWith("p_w_picpathServlet.servlet")||requestUrl.endsWith(".js"))
{
filterChain.doFilter(servletRequest, servletResponse);
}else{
Student user = (Student)request.getSession().getAttribute("user");
HttpServletResponse response = (HttpServletResponse)servletResponse;
//如果session超時
if(null == user){
response.sendRedirect(indexURI+"/sessionTimeOut");
}else{
String userId = user.getStuNo();
String sessionId = request.getSession().getId();
String onlySessionId = (String)EhcacheUtil.getInstance().get("com.sessoinId", userId);
if(sessionId.equals(onlySessionId)){
filterChain.doFilter(servletRequest, servletResponse);
}else{
response.sendRedirect(indexURI+"/sessionTimeOut");
}
}
}
}
}
-----------------------------------------------------------默默無聞的分割線-----------------------------------------------------------
配置web.xml文件(以下Filter配置在Struts2的org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter前面)
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.shenzhen.management.util.session.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>OnlySession</filter-name>
<filter-class>com.shenzhen.management.util.session.OnlySession</filter-class>
</filter>
<filter-mapping>
<filter-name>OnlySession</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<session-config>
<session-timeout>1</session-timeout>
</session-config>
-----------------------------------------------------------默默無聞的分割線-----------------------------------------------------------
草稿���,希望大家多指教���,留言 ���,幫助小弟完善��。
