In the Struts application, the requests we make will be processed by the corresponding interceptor. Generally, there will be a user login interception (Session failure interception); for general requests, if the Session fails, we will jump to the login page. , but if we use AJAX to request, the HTML code of the login page will be returned. This is definitely not what we want, so how do we solve it? Please see the following steps:
1. Establish an interceptor
package com.xxx.planeap.interceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.ActionSupport;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import com.xxx.common.contants.ConstantsKey;
import com.xxx.common.contants.SessionKey;
import com.xxx.planeap.domain.User;
import com.xxx.planeap.security.SecurityContextUtil;
/**
*
* @author Goma OMA1989@YEAH.NET
* @version v1.0
* @since 2012-05-31
*
*/
public class SecurityInterceptor extends AbstractInterceptor {
private static final long serialVersionUID = 1L;
private Logger logger = Logger.getLogger(SecurityInterceptor.class);
@Override
public String intercept(ActionInvocation invocation) throws Exception {
// TODO Auto-generated method stub
String className = invocation.getAction().getClass().getName();
String action = className.substring(className.lastIndexOf(".")+1,className.length());
String actionName = invocation.getProxy().getActionName();
String result;
HttpServletRequest request = ServletActionContext.getRequest();
HttpServletResponse response = ServletActionContext.getResponse();
String type = request.getHeader("X-Requested-With");
User user = (User) ActionContext.getContext().getSession().get(SessionKey.CURRENT_USER);
if (user == null) {
logger.debug("SECURITY CHECKED: NEED TO LOGIN");
if ("XMLHttpRequest".equalsIgnoreCase(type)) {// AJAX REQUEST PROCESS
response.setHeader("sessionstatus", ConstantsKey.MSG_TIME_OUT);
result = null;
} else {// NORMAL REQUEST PROCESS
result = ActionSupport.LOGIN;
}
} else {
logger.debug("SECURITY CHECKED: USER HAS LOGINED");
SecurityContextUtil.setCurrentUser(user);
boolean hanPerm = SecurityContextUtil.hasPerm(action, actionName);
logger.debug("SECURITY CHECKED: PERMISSION---"+action+"."+actionName+"="+hanPerm);
result = invocation.invoke();
}
return result;
}
}2. Define the global AJAX request end processing method
//全局的AJAX访问,处理AJAX清求时SESSION超时
$.ajaxSetup({
contentType:"application/x-www-form-urlencoded;charset=utf-8",
complete:function(XMLHttpRequest,textStatus){
//通过XMLHttpRequest取得响应头,sessionstatus
var sessionstatus=XMLHttpRequest.getResponseHeader("sessionstatus");
if(sessionstatus=="timeout"){
//这里怎么处理在你,这里跳转的登录页面
window.location.replace(PlanEap.getActionURI("login"));
}
}
});That is, when ajax sends a request, if the interception returns an indication Just jump, otherwise perform normal operations.
For more related articles on how to jump to the login page after Ajax Session failure, please pay attention to the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
