BlogJava-Knight of the round table-文章分类-Java Securityhttp://www.blogjava.net/wansong/category/45738.htmlwansongzh-cnSat, 21 Jan 2012 15:10:59 GMTSat, 21 Jan 2012 15:10:59 GMT60Glassfish v2 替换及使用自定义证书http://www.blogjava.net/wansong/articles/368744.htmlw@ns0ngw@ns0ngThu, 19 Jan 2012 04:55:00 GMThttp://www.blogjava.net/wansong/articles/368744.htmlhttp://www.blogjava.net/wansong/comments/368744.htmlhttp://www.blogjava.net/wansong/articles/368744.html#Feedback0http://www.blogjava.net/wansong/comments/commentRss/368744.htmlhttp://www.blogjava.net/wansong/services/trackbacks/368744.htmlhttp://www.iteye.com/topic/235907

w@ns0ng 2012-01-19 12:55 发表评论
]]>session 超时问题处理 ajax(Extjs) http://www.blogjava.net/wansong/articles/335116.htmlw@ns0ngw@ns0ngThu, 14 Oct 2010 05:12:00 GMThttp://www.blogjava.net/wansong/articles/335116.htmlhttp://www.blogjava.net/wansong/comments/335116.htmlhttp://www.blogjava.net/wansong/articles/335116.html#Feedback0http://www.blogjava.net/wansong/comments/commentRss/335116.htmlhttp://www.blogjava.net/wansong/services/trackbacks/335116.html
2009-11-26

Extjs session 超时问题处理

关键字: extjs session 超时问题处理

对于普通的http请求,可以通过过滤器Filter来判断session超时,然后跳转到登录页面;但是对于Ajax请求,则不会如期待的那样自动转到登录页面(我试了网站上的许多种方案,都是停留在当前页面),好不容易找一篇,但是代码还是有点问题,不能运行,自己修改了下,并测试通过,所以拿出来分享下。
不论是普通http请求还是ajax请求,都可以通过过滤器/拦截器来将请求捕获,而且区分这两种请求在于头部信息的不同:普通http请求的header参数中没有x-requested-with:XMLHttpRequest头信息,而异步的有。

 

自己定义一个Filter,然后在doFilter()中加如下代码:

Java代码 复制代码
  1. if (request.getHeader("x-requested-with") != null     
  2.         && request.getHeader("x-requested-with").equalsIgnoreCase(    //ajax超时处理      
  3.                 "XMLHttpRequest")) {      
  4.     response.addHeader("sessionstatus""timeout");      
  5. }else{//http超时的处理      
  6. }    

  

再在WEB.XML文件中配置这个Filter,并且要放在STRUTS2的StrutsPrepareAndExecuteFilter前面,相关代码:

Xml代码 复制代码
  1. <filter>      
  2.        <filter-name>xxxFilter</filter-name>      
  3.        <filter-class>xx.xxx.xxx.xxxxFilter</filter-class>      
  4. </filter>      
  5.         
  6. <filter-mapping>      
  7.        <filter-name>xxxFilter</filter-name>      
  8.        <url-pattern>*.jsp</url-pattern>      
  9. </filter-mapping>    

 

在每个功能JS中添加代码:

 

Js代码 复制代码
  1. Ext.Ajax.on('requestcomplete',checkUserSessionStatus, this);    
  2. function checkUserSessionStatus(conn,response,options) {      
  3.      
  4. var sessionStatus = response.getResponseHeade["sessionstatus"];    
  5.            
  6.         if(typeof(sessionStatus) != "undefined"){        
  7.             Ext.Msg.alert('提示''会话超时,请重新登录!'function(btn, text){      
  8.                 if (btn == 'ok'){      
  9.                     var redirect = 'http://localhost:8080/项目名/login.jsp';      
  10.                     window.location = redirect;      
  11.                 }      
  12.             });      
  13.          }        
  14. }     


w@ns0ng 2010-10-14 13:12 发表评论
]]>LDAPhttp://www.blogjava.net/wansong/articles/329075.htmlw@ns0ngw@ns0ngTue, 17 Aug 2010 02:36:00 GMThttp://www.blogjava.net/wansong/articles/329075.htmlhttp://www.blogjava.net/wansong/comments/329075.htmlhttp://www.blogjava.net/wansong/articles/329075.html#Feedback0http://www.blogjava.net/wansong/comments/commentRss/329075.htmlhttp://www.blogjava.net/wansong/services/trackbacks/329075.htmlhttp://man.lupaworld.com/content/manage/ringkee/openldap.htm        

http://www.ibm.com/developerworks/cn/java/j-acegi2/           ldap acegi

http://www.zytrax.com/books/ldap/   ldap information



w@ns0ng 2010-08-17 10:36 发表评论
]]>sso cashttp://www.blogjava.net/wansong/articles/327495.htmlw@ns0ngw@ns0ngThu, 29 Jul 2010 09:32:00 GMThttp://www.blogjava.net/wansong/articles/327495.htmlhttp://www.blogjava.net/wansong/comments/327495.htmlhttp://www.blogjava.net/wansong/articles/327495.html#Feedback0http://www.blogjava.net/wansong/comments/commentRss/327495.htmlhttp://www.blogjava.net/wansong/services/trackbacks/327495.html

w@ns0ng 2010-07-29 17:32 发表评论
]]>在Tomcat与JBoss服务器的 执行LDAP权限认证为Java应用程序http://www.blogjava.net/wansong/articles/327190.htmlw@ns0ngw@ns0ngTue, 27 Jul 2010 02:11:00 GMThttp://www.blogjava.net/wansong/articles/327190.htmlhttp://www.blogjava.net/wansong/comments/327190.htmlhttp://www.blogjava.net/wansong/articles/327190.html#Feedback0http://www.blogjava.net/wansong/comments/commentRss/327190.htmlhttp://www.blogjava.net/wansong/services/trackbacks/327190.html

w@ns0ng 2010-07-27 10:11 发表评论
]]>ssohttp://www.blogjava.net/wansong/articles/326938.htmlw@ns0ngw@ns0ngFri, 23 Jul 2010 06:41:00 GMThttp://www.blogjava.net/wansong/articles/326938.htmlhttp://www.blogjava.net/wansong/comments/326938.htmlhttp://www.blogjava.net/wansong/articles/326938.html#Feedback0http://www.blogjava.net/wansong/comments/commentRss/326938.htmlhttp://www.blogjava.net/wansong/services/trackbacks/326938.html
http://java.e800.com.cn/articles/2008/74/1215158762697_4.html  JBoss下的单点登陆(SSO)技术实现分析

http://www.blogjava.net/security/archive/2006/10/09/73199.html


自我实践:
1)根据官方文档配置josso,如下:

     gateway install --target D:/apache-tomcat-6.0.26 --platform tc60
     agent install --target D:/apache-tomcat-6.0.26 --platform tc60
     samples install --target D:/apache-tomcat-6.0.26 --platform tc60


2)修改D:\jdk1.6.0_13\jre\lib\security\java.security,如下:
     login.config.url.1=file:D:/apache-tomcat-6.0.26/conf/jaas.conf

3)根据josso-credentials.xml中的用户名和密码登录

w@ns0ng 2010-07-23 14:41 发表评论
]]>