1、网站系统登录,从安全的角度来考虑,登录会话超时后,再次访问页面时应退回到登录界面。
2、本文介绍如何通过过滤器(Filter)实现会话超时(如30分钟)后跳转到登录页面,分LoginFilter.java类和web.xml配置两部分。
- package com.sale.filter;
- import java.io.IOException;
-
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import javax.servlet.http.HttpSession;
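/**
 * Servlet filter that sends requests without a logged-in user to the login action.
 *
 * <p>A request counts as authenticated when its HTTP session holds a
 * {@code currentUsername} attribute. When the container has expired the session
 * (for example through a {@code session-timeout} setting in web.xml), the
 * attribute is gone and the next filtered request is redirected to the login
 * action.
 *
 * <p>The filter only sees the URLs it is mapped to in web.xml. Anything served
 * under a pattern the mapping does not cover is not checked by this class and
 * needs its own protection.
 *
 * @author Justin
 * @version created 2018-01-25 10:36:23
 */
public class LoginFilter implements Filter {

    /** Session attribute that holds the current user's name. */
    private static final String USER_ATTRIBUTE = "currentUsername";

    /** Context-relative URL of the login action; exempt from the check. */
    private static final String LOGIN_ACTION = "/loginout.action";

    /** Context-relative URL of the initialisation action; exempt from the check. */
    private static final String INIT_ACTION = "/tevo_loginInit.action";

    /** No resources are held, so there is nothing to release. */
    @Override
    public void destroy() {
        // intentionally empty
    }

    /**
     * Lets the request through when it targets an exempt action or when the
     * session carries a user name; otherwise redirects to the login action.
     *
     * @param req   the incoming request; cast to {@link HttpServletRequest}
     * @param res   the outgoing response; cast to {@link HttpServletResponse}
     * @param chain the remaining filter chain
     * @throws IOException      if the redirect or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain) throws IOException, ServletException {

        HttpServletRequest httpReq = (HttpServletRequest) req;
        HttpServletResponse httpRes = (HttpServletResponse) res;

        String path = httpReq.getRequestURI(); // raw request URI, context path included
        String loginUrl = httpReq.getContextPath() + LOGIN_ACTION;
        String initUrl = httpReq.getContextPath() + INIT_ACTION;

        // 1. The login and initialisation actions are not filtered. The comparison
        //    is an exact match on the raw URI, so any variation of these two URLs
        //    (path parameters, extra segments) fails to match and is treated as a
        //    protected request. Keep it exact: a prefix or "contains" test here
        //    would widen the exemption.
        if (loginUrl.equals(path) || initUrl.equals(path)) {
            chain.doFilter(req, res);
            return;
        }

        // 2. Look the session up without creating one. getSession() would allocate
        //    a fresh session for every anonymous or timed-out request, which only
        //    costs memory and hands out session ids to unauthenticated clients.
        HttpSession httpSession = httpReq.getSession(false);
        String userName = httpSession == null
                ? null
                : (String) httpSession.getAttribute(USER_ATTRIBUTE);

        // 3. No session, or a session without a user name: back to the login action.
        if (userName == null) {
            httpRes.sendRedirect(loginUrl);
            return;
        }

        chain.doFilter(req, res);
    }

    /**
     * No initialisation is required; the filter reads no init parameters.
     *
     * @param arg0 the filter configuration supplied by the container (unused)
     * @throws ServletException never thrown by this implementation
     */
    @Override
    public void init(FilterConfig arg0) throws ServletException {
        // intentionally empty
    }

}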
- <?xml version="1.0" encoding="UTF-8"?>
- <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
-
-
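- <!-- configure loginFilter: it runs only for URLs matching *.action; JSPs, static files and anything mapped to another pattern are not checked by it -->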
- <filter>
- <filter-name>loginFilter</filter-name>
- <filter-class>com.sale.filter.LoginFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>loginFilter</filter-name>
- <url-pattern>*.action</url-pattern>
- </filter-mapping>
- <!-- configure session timeout: 30 minutes of inactivity (the value is in minutes) -->
- <session-config>
- <session-timeout>30</session-timeout>
- </session-config>
-
- </web-app>