Java 在不使用 Spring Security 的情况下，在 spring mvc 会话超时时将页面重定向到登录页面

Question

提问by romil gaurav

Its easy to do with Spring Security. But what if I am not using Spring Security and want to redirect the user to login page with a message "Session Expired" in Spring MVC.

使用 Spring Security 很容易做到。但是，如果我不使用 Spring Security 并且想要在 Spring MVC 中使用消息“会话已过期”将用户重定向到登录页面，该怎么办。

Does Spring has any specific method to do this?

Spring 有什么具体的方法可以做到这一点吗？

Answer 1

采纳答案by romil gaurav

Finally solved.

终于解决了。

I added Filters in web.xml.

我在 web.xml 中添加了过滤器。

 <filter>
    <filter-name>SessionFilter</filter-name>
    <filter-class>
        com.java.util.SessionFilter
    </filter-class>
    <init-param>
        <param-name>avoid-urls</param-name>
        <param-value>/firstPage.htm</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>SessionFilter</filter-name>
    <url-pattern>*.htm</url-pattern>
</filter-mapping>

Then created a Filter class

然后创建了一个Filter类

    import java.io.IOException;
    import java.util.ArrayList;
    import java.util.StringTokenizer;
    import javax.servlet.Filter;
    import javax.servlet.FilterChain;
    import javax.servlet.FilterConfig;
    import javax.servlet.ServletException;
    import javax.servlet.ServletRequest;
    import javax.servlet.ServletResponse;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import javax.servlet.http.HttpSession;

    public class SessionFilter implements Filter {

private ArrayList<String> urlList;

public void destroy() {
}

public void doFilter(ServletRequest req, ServletResponse res,
        FilterChain chain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    String url = request.getServletPath();
    boolean allowedRequest = false;
    if (urlList.contains(url)) {
        allowedRequest = true;
    }

    if (!allowedRequest) {
        HttpSession session = request.getSession(false);
        if (null == session) {
            response.sendRedirect("startup.jsp");
        } else {
            chain.doFilter(request, response);
        }
    } else {
        chain.doFilter(request, response);
    }
}

public void init(FilterConfig config) throws ServletException {
    String urls = config.getInitParameter("avoid-urls");
    StringTokenizer token = new StringTokenizer(urls, ",");
    urlList = new ArrayList<String>();
    while (token.hasMoreTokens()) {
        urlList.add(token.nextToken());

    }
}
}

Notice I executed this line " chain.doFilter(request, response);" only when session is active. Otherwise it would give the exception "java.lang.IllegalStateException: Cannot forward after response has been committed"

注意我执行了这一行“chain.doFilter(request, response);” 仅当会话处于活动状态时。否则它会给出异常“java.lang.IllegalStateException：提交响应后无法转发”

Answer 2

回答by Sireesh Yarlagadda

Yes, you can do using the following snippet. Try to include this lines in header of the page. And replace the User attribute according to the user session object.

是的，您可以使用以下代码段。尝试将此行包含在页面的标题中。并根据用户会话对象替换用户属性。

HttpSession session = request.getSession("User");
if(session != null && !session.isNew()) {
   //do something here
} else {
    response.sendRedirect("/redirect_the_page.jsp");
}

Java 在不使用 Spring Security 的情况下，在 spring mvc 会话超时时将页面重定向到登录页面

提问by romil gaurav

采纳答案by romil gaurav

回答by Sireesh Yarlagadda

相关推荐

最近更新

标签

Java 在不使用 Spring Security 的情况下，在 spring mvc 会话超时时将页面重定向到登录页面

提问by romil gaurav

采纳答案by romil gaurav

回答by Sireesh Yarlagadda

相关推荐

在 Java 中出错，不知道我做错了什么

Java：添加两个对象

Java 错误：在访问 Cursor 中的数据之前，请确保它已正确初始化？

Java 私有类的公共构造函数

相关推荐

最近更新

标签