当会话在 Java Web 应用程序中过期时如何重定向到登录页面? [英] How to redirect to Login page when Session is expired in Java web application?

问题描述

我正在 JBoss AS 5 中运行一个 Web 应用程序.我还有一个 servlet 过滤器，它拦截对服务器的所有请求.现在，如果会话已过期，我想将用户重定向到登录页面.我需要在过滤器中执行此isSessionExpired()"检查，并需要相应地重定向用户.我该怎么做?我在 web.xml 中设置我的会话时间限制，如下所示:

I'm running a web application in JBoss AS 5. I also have a servlet filter which intercepts all the requests to the server. Now, I want to redirect the users to the login page, if the session has expired. I need to do this 'isSessionExpired()' check in the filter and need to redirect the user accordingly. How do I do it? I'm setting my session time limit in web.xml, as below:

<session-config>
    <session-timeout>15</session-timeout>
</session-config>

推荐答案

您可以使用 过滤并进行以下测试:

You could use a Filter and do the following test:

HttpSession session = request.getSession(false);// don't create if it doesn't exist
if(session != null && !session.isNew()) {
    chain.doFilter(request, response);
} else {
    response.sendRedirect("/login.jsp");
}

以上代码未经测试.

然而，这不是最广泛的解决方案.您还应该测试会话中是否存在某些特定于域的对象或标志，然后再假设因为会话不是新的用户必须已登录.偏执！

This isn't the most extensive solution however. You should also test that some domain-specific object or flag is available in the session before assuming that because a session isn't new the user must've logged in. Be paranoid!

这篇关于当会话在 Java Web 应用程序中过期时如何重定向到登录页面?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！