Shulou(Shulou.com)06/03 Report--

This article mainly explains the "Shiro processing ajax request intercept login timeout and session timeout page jump method", the content of the article is simple and clear, easy to learn and understand, the following please follow the editor's ideas slowly in-depth, together to study and learn "Shiro processing ajax request interception login timeout and session timeout page jump method" bar!

Catalogue

Shiro processing ajax request intercept login timeout

Configure global ajax configuration

How to deal with Page Jump in Shiro session timeout

Problem description

Ajax request timeout processing

Back-end Filter code

Front-end general ajax processing

Non-ajax request timeout jump

Shiro handles ajax requests intercept login timeout configuration global ajax configuration $.ajaxSetup ({complete:function (XMLHttpRequest,textStatus) {if (textStatus== "parsererror") {$.messager.alert ('prompt', "login timeout! please log in again!" , 'info',function () {_ window.location.href =' login.jsp';});} else if (textStatus== "error") {$.messager.alert ('prompt', "request timed out! please try again later!" , 'info');}})

Just configure the global ajax configuration in js!

Description of the processing problem of Shiro session timeout page jump

After managing session, shiro will jump when session times out. Here, there are two situations to consider: one is ajax request timeout, and the other is page jump request timeout.

This paper considers and deals with these two aspects respectively.

Ajax request timeout processing

Idea: determine whether the current session timeout is based on Filter, and determine whether it is an ajax request. If it is an ajax request, set the session-status value in the session header and return to the front end to read the corresponding value for processing.

Back-end Filter code package com.cnpc.framework.filter;import org.apache.shiro.SecurityUtils;import org.apache.shiro.session.Session;import javax.servlet.*;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException / * * filter filter, get the project path, set the ajax timeout flag * @ author billJiang QQ:475572229 * / public class SystemFilter implements Filter {public void doFilter (ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; System.out.println (request.getRequestURL ()); String basePath = request.getContextPath () Request.setAttribute ("basePath", basePath) If (! SecurityUtils.getSubject (). IsAuthenticated ()) {/ / determine whether there is user information in the session if (request.getHeader ("x-requested-with")! = null & & request.getHeader ("x-requested-with"). EqualsIgnoreCase ("XMLHttpRequest") {/ / if it is an ajax request response header X-requested-with response.setHeader ("session-status", "timeout") / / set session status return;}} filterChain.doFilter (request, servletResponse) in the response header;} @ Override public void destroy () {/ / TODO Auto-generated method stub} @ Override public void init (FilterConfig arg0) throws ServletException {/ / TODO Auto-generated method stub}} frontend general ajax processing

Pay attention to the context of session-status

Function ajaxPost (url, params, callback) {var result = null; var headers= {}; headers ['CSRFToken'] = $("# csrftoken"). Val (); $.ajax ({type:' post', async: false, url: url, data: params, dataType: 'json', headers:headers, success: function (data, status) {result = data If (data&&data.code&&data.code=='101') {modals.error ("Operation failed, please refresh and try again, specific error:" + data.message); return false;} if (callback) {callback.call (this, data, status) }, error: function (err, err1, err2) {console.log ("if an exception occurs in ajaxPost, please check whether the request url is correct. If success appears in the following error message, it means csrftoken update, please ignore"); console.log (err.responseText) If (err & & err.readyState & & err.readyState = ='4') {var sessionstatus=err.getResponseHeader ("session-status"); if (sessionstatus== "timeout") {/ / if it times out, specify the page _ window.location.href=basePath+ "/" to jump to. } else {/ / csrf exception var responseBody = err.responseText; if (responseBody) {responseBody = "{'retData':" + responseBody; var resJson = eval (' ('+ responseBody +')') $("# csrftoken") .val (resJson.csrf.CSRFToken); this.success (resJson.retData, 200);} return } modals.error ({text: JSON.stringify (err) + 'err1:' + JSON.stringify (err1) +' err2:' + JSON.stringify (err2), large: true});}}); return result;} timeout for non-ajax requests

In this experiment, use jquery.load to load the page, and reload jquery.fn.load to rewrite the method, remove the ajax logo through beforeSend, as the timeout returned login page may be embedded in the current page, so you need to determine whether the current page is a login page, if it is a landing page, then jump to the landing page (or home page) again.

The overloaded jquery.fn.load method is as follows, pay attention to the beforeSend and responseText.startWith sections.

Var _ old_load = jQuery.fn.load;jQuery.fn.load = function (url, params, callback) {/ / update for HANZO, 2016-12-22 if (typeof url! = = "string" & & _ old_load) {return _ old_load.apply (this, arguments);} var selector, type, response, self = this, off = url.indexOf ("") If (off >-1) {selector = jQuery.trim (url.slice (off)); url = url.slice (0, off);} if (jQuery.isFunction (params)) {callback = params; params = undefined;} else if (params & & typeof params = = "object") {type = "POST" } if (self.length > 0) {jQuery.ajax ({url: url, beforeSend: function (xhr) {xhr.setRequestHeader ('Xmuri RequestedWhitney, {toString: function () {return';}})) }, type: type | | "GET", dataType: "html", data: params}) .done (function (responseText) {/ / console.log (responseText); response = arguments / / Page timeout jumps to the home page if (responseText.startWith (")) {_ window.location.href=basePath+" / ";} else {self.html (selector?) JQuery ("") .append (jQuery.parseHTML (responseText)) .find (selector): responseText;}}) .always (callback & & function (jqXHR, status) {self.each (function () {callback.apply (this, response | | [jqXHR.responseText, status, jqXHR]);});} return this }

You can test the results by setting the timeout of session. It is important to note that the ajax request uses the ajaxPost method, which uniformly handles timeout jumps.

Thank you for your reading, the above is the content of "Shiro handling ajax request intercept login timeout and session timeout page jump". After the study of this article, I believe you have a deeper understanding of the method of Shiro dealing with ajax request interception login timeout and session timeout page jump, and the specific use also needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.