如何在Java Web应用程序中将会话过期时重定向到“登录”页面?
我正在JBoss AS 5中运行一个Web应用程序。我还有一个servlet过滤器,它拦截了对服务器的所有请求。现在,如果会话已过期,我想将用户重定向到登录页面。我需要执行此操作'isSessionExpired()'检查过滤器并需要相应地重定向用户。我该怎么做?我在web.xml中设置会话时间限制,如下所示:
I'm running a web application in JBoss AS 5. I also have a servlet filter which intercepts all the requests to the server. Now, I want to redirect the users to the login page, if the session has expired. I need to do this 'isSessionExpired()' check in the filter and need to redirect the user accordingly. How do I do it? I'm setting my session time limit in web.xml, as below:
<session-config>
<session-timeout>15</session-timeout>
</session-config>
您可以使用过滤并进行以下测试:
You could use a Filter and do the following test:
HttpSession session = request.getSession(false);// don't create if it doesn't exist
if(session != null && !session.isNew()) {
chain.doFilter(request, response);
} else {
response.sendRedirect("/login.jsp");
}
以上代码未经测试。
然而,这不是最广泛的解决方案。您还应该测试会话中是否有某些特定于域的对象或标志,然后才会假定因为会话不是新用户必须已登录。偏执!
This isn't the most extensive solution however. You should also test that some domain-specific object or flag is available in the session before assuming that because a session isn't new the user must've logged in. Be paranoid!