session超时跳出frame
今天遇到session超时跳转后还在frame框架里面,得想办法跳出frame后转到登录页面去。
方法一:
js解决方案:
$(document).ready(function(){
if (window != top){
top.location.href = "login.action";
//或者top.location=self.location;这种方法其实也是对self.location的当前action进行第二次请求
}
});
缺点:会产生两次请求,如果网速过慢,用户可以看到两次在登录页面上的跳转。
方法二:
思路:任何未登录/超时跳转--》index_proxy.html登录代理跳转页面--》login.action--》跳转登录页面
java程序解决:
首先:在web.xml里面配置过滤器
<filter>
<filter-name>login</filter-name>
<filter-class>com.newyulong.iptv.webapp.filter.LoginFilter</filter-class>
<init-param>
<param-name>loginActionUrl</param-name>
<param-value>/login.action</param-value>
</init-param>
<init-param>
<param-name>loginUrl</param-name>
<!--下面是未登录跳转和超时跳转代理页面-->
<param-value>/index_proxy.html</param-value>
</init-param>
</filter>
其次编写过滤器:
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.SessionUtil;
public class LoginFilter implements Filter{
private String loginUrl;
private String loginActionUrl;
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
//判断用户是否已经登录
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse servletResponse = (HttpServletResponse)response;
//需要登录的东西不能被浏览器缓存
servletResponse.setHeader("Pragma","No-cache");
servletResponse.setHeader("Cache-Control","no-cache");
servletResponse.setDateHeader("Expires", -10);
String appPath= httpServletRequest.getServletPath();
if(!appPath.equalsIgnoreCase(loginUrl)&&!appPath.equalsIgnoreCase(loginActionUrl)&&!SessionUtil.exist(httpServletRequest, SessionUtil.USER_SESSION_NAME)){
servletResponse.sendRedirect(httpServletRequest.getContextPath()+loginUrl);
return ;
}
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
String _loginUrl = filterConfig.getInitParameter("loginUrl");
if(_loginUrl!=null)
loginUrl = _loginUrl;
String _loginActionUrl=filterConfig.getInitParameter("loginActionUrl");
if(_loginActionUrl!=null)
loginActionUrl=_loginActionUrl;
}
}
过滤器里面引用到的session处理类:
import javax.servlet.http.HttpServletRequest;
import SystemUser; //用户实体
import ValidateCodeServlet; //验证码处理类
public class SessionUtil {
public static final String USER_SESSION_NAME=SystemUser.class.getName();
public final static String VALIDATE_CODE_KEY = ValidateCodeServlet.class.getName();
public static void set(HttpServletRequest request,String name,Object val){
request.getSession().setAttribute(name, val);
}
public static boolean exist(HttpServletRequest request,String name){
return request.getSession().getAttribute(name)!=null;
}
public static Object get(HttpServletRequest request,String name){
return request.getSession().getAttribute(name);
}
public static boolean destroy(HttpServletRequest request,String name){
if(exist(request,name)){
request.getSession().removeAttribute(name);
return true;
}
return false;
}
}
最后是代理页面index_proxy.html:
<html>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>IPTV - BSS</title>
<link href="css/general_cn.css" rel="stylesheet" type="text/css">
<script type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){
//top.location=self.location; //此种写法会产生velocity错误,html跳html
//$('#loginform').submit();
top.location.href = "login.action";
});
</script>
<body style="background-color:#F0F0F0;">
<form action="login.action" name="loginform" id="loginform" method="post" >
</form>
</body>
</html>
分享到:
相关推荐
赠送jar包:spring-session-data-redis-2.0.4.RELEASE.jar; 赠送原API文档:spring-session-data-redis-2.0.4.RELEASE-javadoc.jar; 赠送源代码:spring-session-data-redis-2.0.4.RELEASE-sources.jar; 赠送...
tomcat-redis-session-manager-1.2-tomcat-7-java-7tomcat-redis-session-manager-1.2-tomcat-7-java-7tomcat-redis-session-manager-1.2-tomcat-7-java-7tomcat-redis-session-manager-1.2-tomcat-7-java-7tomcat-...
赠送jar包:spring-session-data-redis-2.0.4.RELEASE.jar; 赠送原API文档:spring-session-data-redis-2.0.4.RELEASE-javadoc.jar; 赠送源代码:spring-session-data-redis-2.0.4.RELEASE-sources.jar; 赠送...
session 共享 tomcat-redis-session-manager 所需要的jar 和 redis-data-cache.properties文件 (绝对可用) 已经完整测试
Acct-Session-idAcct-Session-idAcct-Session-idAcct-Session-idAcct-Session-idAcct-Session-idAcct-Session-id
CTFsession伪造脚本,有解密和加密的,一定要有私钥才能进行。
赠送jar包:spring-session-core-2.0.5.RELEASE.jar; 赠送原API文档:spring-session-core-2.0.5.RELEASE-javadoc.jar; 赠送源代码:spring-session-core-2.0.5.RELEASE-sources.jar; 赠送Maven依赖信息文件:...
包括commons-pool-1.6.jar,jedis-2.0.0.jar,tomcat-redis-session-manager-1.2-tomcat-6&7.jar
用于配置 tomcat-redis-session-manager
tomcat-redis-session-manager-master为tomcat集群分布式session分享功能,详细信息见http://blog.csdn.net/fengshizty?viewmode=list对应内容
Ajax请求session超时处理流程 java服务器端处理: SessionValidateFilter中修改: if (ServerInfo.isAjax(request)) { request.setAttribute("statusCode", 301); request.setAttribute("message", "Session ...
支持tomcat8的sessionManager,kuanrf-tomcat-redis-session-manager-1.0.jar
赠送jar包:spring-session-1.3.5.RELEASE.jar; 赠送原API文档:spring-session-1.3.5.RELEASE-javadoc.jar; 赠送源代码:spring-session-1.3.5.RELEASE-sources.jar; 赠送Maven依赖信息文件:spring-session-...
支持tomcat8的redis-session-manager-master,测试环境jdk-8u191、apache-tomcat-8.0.53
官方离线安装包,亲测可用
tomcat-redis-session-manager-2.0.0.jar
tomcat-redis-session-manager-1.2-tomcat-7.jar
实现多个tomcat之间session共享问题,将此jar包放入tomcat lib目录,并在content.xml中配置如下: <Valve className="com.orangefunction.tomcat.redissessions.RedisSessionHandlerValve" /> host="127.0.0.1" ...