web.xml配置如下:
<filter> <filter-name>SESSION FILTER</filter-name> <filter-class>com.sinosoft.common.filter.SessionFilter</filter-class> </filter>
在这个Fileter类中doFilter方法校验如果session中没有usercode(用户名)在跳转的时候页面都跳转到登录页面。
public class SessionFilter implements Filter { public void init(FilterConfig filterconfig) throws ServletException { } public void destroy() { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httprequest = (HttpServletRequest)request; String request_uri = httprequest.getRequestURI(); // 对SESSION是否有效进行校验 boolean flag = checkSession((HttpServletRequest) request, (HttpServletResponse) response); if (flag) IndivCheck.indivCheck((HttpServletRequest) request); chain.doFilter(request, response); } } private boolean checkSession(HttpServletRequest request, HttpServletResponse response) { // 如果Session失效,返回null; HttpSession session = request.getSession(false); String URI = request.getRequestURI(); if ((null != request.getParameter("userCode") && null != request.getParameter("password"))) { return true; } else { try { String userCode = (String) session.getAttribute(CASFilter.CAS_FILTER_USER); UserMsgResInfo userMsgResInfo = null; UserInfo userInfo = null; String ssoRequester = request.getParameter("ssoRequester"); userInfo = (UserInfo) session.getAttribute("userInfo"); // 获取页面中的用户,如果为空 返回登录页面 if (null == userInfo) { response.sendRedirect("/prpins"); return false; } } catch (Exception e) { System.out.println("登录超时,请重新登录"); try { response.sendRedirect("/prpins"); } catch (IOException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } e.printStackTrace(); return false; } return true; } } }