我有一个拦截器来处理用户会话。如果user
属性不存在,则拦截器将重定向到登录页面。我想使用重定向网址发送session timeout
消息,但我不想在网址中显示该消息。我为RedirectAttributes
或FlashMap
搜索了很多内容,但我找不到任何好的解决方案。
public class UserSessionInterceptor extends HandlerInterceptorAdapter {
protected final Logger logger = LoggerFactory.getLogger(this.getClass());
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
User user = (User)request.getSession().getAttribute(CommonConstants.USER_SESSION_KEY);
if (user == null) {
String msg = String.format("session timeout");
logger.error(msg);
// response.sendRedirect("/signin?errorMessage=" + msg); //I don't want to do this..
return false;
}
return true;
}
}
signinController片段:
@Controller
@SessionAttributes(CommonConstants.KAPTCHA_SESSION_KEY)
public class SigninController extends BaseController {
@RequestMapping(value = "/signin", method = RequestMethod.GET)
public String signinPage() {
return "forward:/index.jsp";
}
@RequestMapping(value = "/signin", method = RequestMethod.POST)
public String signin(UserForm userForm, @ModelAttribute(CommonConstants.KAPTCHA_SESSION_KEY) String captchaExpected, RedirectAttributes redirectAttributes, HttpServletRequest request) {
userForm.setCaptchaExpected(captchaExpected);
try {
loginValidator.validate(userForm);
} catch (ValidateFailedException e) {
logger.error(e.getMessage(), e);
redirectAttributes.addFlashAttribute(ERROR_MESSAGE_KEY, e.getMessage());
return "redirect:/signin";
}
User user = userService.getByUsername(userForm.getUsername());
if (user == null || !user.getPassword().equals(DigestUtils.md5Hex(userForm.getPassword()))) {
redirectAttributes.addFlashAttribute(ERROR_MESSAGE_KEY, "username or password is invalid");
return "redirect:/signin";
}
request.getSession().setAttribute(CommonConstants.USER_SESSION_KEY, user);
return "redirect:/dashboard";
}
}
index.jsp片段:
<%@page contentType="text/html; charset=utf-8"%>
<%@ include file="/WEB-INF/jsp/include.jsp" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>welcome</title>
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="keywords" content="" />
<meta http-equiv="description" content="" />
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
<link rel="stylesheet" href="${ctx}/css/bootstrap.min.css">
<link rel="stylesheet" href="${ctx}/css/main.css">
<script src="${ctx}/js/jquery-1.11.1.min.js"></script>
<script src="${ctx}/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="login-box text-center" >
<div class="login-single-panel-header">
<h5 style="color:red">${errorMessage}</h5>
</div>
</div>
</div>
</body>
</html>
非常感谢!
答案 0 :(得分:9)
我刚遇到同样的问题。 我对spring源代码进行了调试,寻找spring mvc与flashmap属性的相同之处,并在会话中提出了相同的flashmap属性。
这是我的最后一个解决方案:
// create a flashmap
FlashMap flashMap = new FlashMap();
// store the message
flashMap.put("ERROR_MESSAGE", "this is the message");
// create a flashmapMapManger with `request`
FlashMapManager flashMapManager = RequestContextUtils.getFlashMapManager(request);
// save the flash map data in session with falshMapManager
flashMapManager.saveOutputFlashMap(flashMap, request, response);
org.springframework.web.servlet.view.RedirectView#renderMergedOutputModel
,您可以自己查看希望这会对你有所帮助!
答案 1 :(得分:0)
以下是在Spring 5.0
中执行此操作的另一种方法public class LoginInterceptor extends HandlerInterceptorAdapter{
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String loginUrl = request.getContextPath() + "/login";
if(request.getSession().getAttribute("loggedInUser") == null) {
FlashMap outputFlashMap = RequestContextUtils.getOutputFlashMap(request);
outputFlashMap.put("loginError", "Please login to continue");
//New utility added in Spring 5
RequestContextUtils.saveOutputFlashMap(loginUrl, request, response);
response.sendRedirect(loginUrl);
return false;
}
return true;
}
}