Session超时,唯一性

编程语言 2018-05-11 15:17:59 阅读次数: 1
配置缓存文件,用来存储SessionId,将UserId作为key。(此处未贴代码)
创建sessionTimeOut.jsp文件(此处未贴代码)

-----------------------------------------------------------默默无闻的分割线-----------------------------------------------------------
配置Struts.xml文件(Class属性不用配置,仅用于跳转)
<action name="sessionTimeOut">
    <result name="success">/WEB-INF/page/sessionTimeOut.jsp</result>
</action>

-----------------------------------------------------------默默无闻的分割线-----------------------------------------------------------
Action文件(登录时保存SessionId)
public String login(){
        HttpSession session = ServletActionContext.getRequest().getSession();
        //验证码
        String genValidatecode = (String)session.getAttribute("RANDOMVALIDATECODEKEY");
        session.setAttribute("user", student);//这里是引用传递,如果add方法也是这个Action,则添加用户时会更改Student的属性值。
        String sessionID = session.getId();
        //将sessionId存入缓存
        EhcacheUtil.getInstance().put("com.sessoinId", student.getStuNo(), sessionID);
        return SUCCESS;
}
-----------------------------------------------------------默默无闻的分割线-----------------------------------------------------------
创建用户登录校验过滤器LoginFilter
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import com.shenzhen.management.pojo.Student;

public class LoginFilter implements Filter {
    private FilterConfig filterConfig;
    private String noFilterURI;
    Logger logger = Logger.getLogger(LoginFilter.class);

    public LoginFilter() {
        filterConfig = null;
        noFilterURI = null;
    }

   public void init(FilterConfig filterConfig) throws ServletException{
       this.filterConfig = filterConfig;
       noFilterURI = filterConfig.getInitParameter("noFilterURI");
   }
   
    public void destroy(){
        filterConfig = null;
    }

     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)throws IOException, ServletException{

         HttpServletRequest request  = (HttpServletRequest)servletRequest;
         String indexURI = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+request.getContextPath();

         //用户登录检查
         String requestUrl = request.getRequestURL().toString();
         logger.debug(requestUrl);
         if(requestUrl.equals(indexURI+"/")||requestUrl.equals(indexURI+"/login")||requestUrl.equals(indexURI+"/sessionTimeOut")||requestUrl.endsWith("imageServlet.servlet")||requestUrl.endsWith(".js")){
              filterChain.doFilter(servletRequest, servletResponse);
         }else{
              HttpSession session = request.getSession();
              Student user = (Student)session.getAttribute("user");
              if(null == user){
                  HttpServletResponse response = (HttpServletResponse)servletResponse;
                  response.sendRedirect(indexURI+"/sessionTimeOut");
         }else{
                  filterChain.doFilter(servletRequest, servletResponse);
         } 
       } 
    }
}
-----------------------------------------------------------默默无闻的分割线-----------------------------------------------------------
创建Session唯一性过滤器OnlySession
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import com.shenzhen.management.pojo.Student;
import com.shenzhen.management.util.ehcache.EhcacheUtil;

public class OnlySession implements Filter {
    private FilterConfig filterConfig;
    Logger logger = Logger.getLogger(OnlySession.class);
    public OnlySession() {
        filterConfig = null;
    }

    public void init(FilterConfig filterConfig) throws ServletException{
        this.filterConfig = filterConfig;
    }
    public void destroy(){
        filterConfig = null;
    }
/**
* session超时和session唯一性检查
*/
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)throws IOException,ServletException{
    HttpServletRequest request  = (HttpServletRequest)servletRequest;
    String indexURI = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+request.getContextPath();
    String requestUrl = request.getRequestURL().toString();
    //登录时不进行拦截
    if(requestUrl.equals(indexURI+"/")||requestUrl.equals(indexURI+"/login")||requestUrl.equals(indexURI+"/sessionTimeOut")||requestUrl.endsWith("imageServlet.servlet")||requestUrl.endsWith(".js"))
    {
    filterChain.doFilter(servletRequest, servletResponse);
    }else{ 
         Student user = (Student)request.getSession().getAttribute("user");
         HttpServletResponse response = (HttpServletResponse)servletResponse;
         //如果session超时
         if(null == user){
             response.sendRedirect(indexURI+"/sessionTimeOut");
         }else{
             String userId = user.getStuNo();
             String sessionId = request.getSession().getId();
             String onlySessionId = (String)EhcacheUtil.getInstance().get("com.sessoinId", userId);
             if(sessionId.equals(onlySessionId)){
                 filterChain.doFilter(servletRequest, servletResponse);
              }else{
                  response.sendRedirect(indexURI+"/sessionTimeOut");
               }
          }
      }
   }
}
-----------------------------------------------------------默默无闻的分割线-----------------------------------------------------------
配置web.xml文件(以下Filter配置在Struts2的org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter前面)
  <filter>
    <filter-name>LoginFilter</filter-name>
    <filter-class>com.shenzhen.management.util.session.LoginFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
  <filter>
    <filter-name>OnlySession</filter-name>
    <filter-class>com.shenzhen.management.util.session.OnlySession</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>OnlySession</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
  <session-config>
    <session-timeout>1</session-timeout>
  </session-config>
-----------------------------------------------------------默默无闻的分割线-----------------------------------------------------------
草稿,希望大家多指教,留言 ,帮助小弟完善。

猜你喜欢

转载自isiah-zhou.iteye.com/blog/2293530
今日推荐
基于大语言模型的开源知识库问答系统 MaxKB GitHub Star 数量突破 5,000 个!
美国拟限制 AI 大模型出口中国和俄罗斯
苹果将与 OpenAI 达成协议,将 ChatGPT 应用于 iPhone
openKylin 社区生态委员会第六次会议圆满召开
阿里云正式发布通义千问 2.5
Python 3.13 发布首个 Beta:实验性自由线程模式和 JIT、改进交互式解释器
Stack Overflow 拿我的代码去训练 AI 大模型,还封了我的账号
Pop!_OS 的 COSMIC 桌面完成 App Store 上架工作
《2024 年一季度互联网投融资运行情况》研究报告
报告:Django 仍然是 74% 开发者的首选
15 年前上了“FFmpeg 耻辱柱”,今天他还得谢谢咱——腾讯QQPlayer一雪前耻?
TIOBE 5 月榜单:Fortran “复活”进入 Top 10
周排行
记一下去大梅沙的准备(2018-05-26)
Spring 注解 事务
基于HTTP协议的客户端缓存
阿里云rds 备份和还原
[PHP] 几个拖慢 PHP 程序/API 运行速度的点
python 代码风格------------PEP8规则
js控制json生成菜单——自制菜单(一)
将字符串: 'k:1|k1:2|k2:3|k3:4 ' ,处理成 python 字典: {'k':1, 'k1':2, ...}
微信小程序转支付宝小程序
Qt551.窗口滚动条
每日归档
更多
2024-05-13(18)
2024-05-12(0)
2024-05-11(38)
2024-05-10(38)
2024-05-09(35)
2024-05-08(42)
2024-05-07(14)
2024-05-06(40)
2024-05-05(0)
2024-05-04(7)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022