SpringSecurity with JQuery AJAX - Handle Session Timeout - 快马扬鞭须努力！

sillycat

浏览: 2539771 次
性别:
来自: 成都

最近访客更多访客>>

huageng520

learnmore

u012363178

ymgjava

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

SpringSecurity with JQuery AJAX - Handle Session Timeout

博客分类：

Summary

SpringSecurity with JQuery AJAX - Handle Session Timeout

1. Simple But not Best Solution
<script type="text/javascript"   src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
<script src="../resources/components/json/json2.js"></script>
<script type="text/javascript">

$(function() {

$("#GetAjax").click(function() {
    var theId = $.trim($("#theId").val());
    $.ajax({
          type: "GET",
          url: "../service/person/" + theId,
          contentType: "application/json",
          cache: false,
          success: onSuccess
    });
});

function onSuccess(data,status)
{
if (HasErrors(data)){
return;
}
    $("#resultLog").html("Result: " + data.personName + " status:" + status);
}

});

function HasErrors(data) {
var data_str = JSON.stringify(data);
alert(data_str);
// check for redirect to login page
if (data_str.search(/j_spring_security_check/i) != -1) {
top.location.href = './openidlogin.jsp';
    return true;
}
// check for IIS error page
if (data_str.search(/Internal Server Error/) != -1) {
    alert('Server Error.');
    return true;
}
// check for our custom error handling page
if (data_str.search(/Error.jsp/) != -1) {
    alert('An error occurred on the server. The Technical Support Team has been provided with the error details.');
    return true;
}
return false;
}

</script>

But this solution is not good.

2. Better Way to Handle this with Spring Security Server Side
Spring Configuration Changes
<security:http access-denied-page="/denied.jsp" use-expressions="true" entry-point-ref="authenticationProcessingFilterEntryPoint">

<bean id="authenticationProcessingFilterEntryPoint" class="com.sillycat.easyopenidgoogle.security.AjaxAwareAuthenticationEntryPoint">
        <property name="loginFormUrl" value="/openidlogin.jsp"/>
        <property name="forceHttps" value="false"/>
</bean>

The customized Java class is as follow:
package com.sillycat.easyopenidgoogle.security;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;

public class AjaxAwareAuthenticationEntryPoint extends
LoginUrlAuthenticationEntryPoint {

private final Log log = LogFactory.getLog(this.getClass());

public void commence(HttpServletRequest request,
HttpServletResponse response, AuthenticationException authException)
throws IOException, ServletException {
if (request.getHeader("X-AjaxRequest") != null
&& request.getHeader("X-AjaxRequest").equals("1")) {
((HttpServletResponse) response).sendError(403, "");
log.debug("Ajax parameter: " + request.getHeader("X-AjaxRequest"));
} else {
super.commence(request, response, authException);
log.debug("Ajax parameter: " + request.getHeader("X-AjaxRequest"));
}
}

}

And our AJAX client codes will be as follow:
    $.ajax({
          type: "GET",
          url: "../service/person/" + theId,
          'beforeSend': function(data) {
                data.setRequestHeader("X-AjaxRequest", "1");
          },
          contentType: "application/json",
          cache: false,
          success: onSuccess,
          complete: function(data) {
              //alert(data + " " + data.status);
        if (data.status == 403) {
                    window.location.reload();
              }
          }
    });

references:
http://forum.springsource.org/showthread.php?95881-Ajax-request-session-timeout
http://forum.springsource.org/showthread.php?85088-Spring-security-session-timeout-and-JQuery
http://stackoverflow.com/questions/3339431/how-to-handle-expired-session-using-spring-security-and-jquery
http://blog.csdn.net/foamflower/article/details/5802743

http://cyr520.blog.51cto.com/714067/759731

分享到：

RabbitMQ(6)Java Client - Routing | AjaxFileUpload(1)Simple File Upload Samp ...

2012-07-05 11:16
浏览 2800
评论(0)
分类:Web前端
查看更多

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论

SpringSecurity with JQuery AJAX - Handle Session Timeout

评论

发表评论

相关推荐

最近访客 更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论

SpringSecurity with JQuery AJAX - Handle Session Timeout

评论

发表评论

相关推荐

Stop Update Here

NodeJS12 and Zlib

Docker Swarm 2020(2)Docker Swarm and Portainer

Docker Swarm 2020(1)Simply Install and Use Swarm

Traefik 2020(1)Introduction and Installation

Portainer 2020(4)Deploy Nginx and Others

Private Registry 2020(1)No auth in registry Nginx AUTH for UI

Docker Compose 2020(1)Installation and Basic

VPN Server 2020(2)Docker on CentOS in Ubuntu

Buffer in NodeJS 12 and NodeJS 8

NodeJS ENV Similar to JENV and PyENV

Prometheus HA 2020(3)AlertManager Cluster

Serverless with NodeJS and TencentCloud 2020(5)CRON and Settings

GraphQL 2019(3)Connect to MySQL

GraphQL 2019(2)GraphQL and Deploy to Tencent Cloud

GraphQL 2019(1)Apollo Basic

Serverless with NodeJS and TencentCloud 2020(4)Multiple Handlers and Running wit

Serverless with NodeJS and TencentCloud 2020(3)Build Tree and Traverse Tree

Serverless with NodeJS and TencentCloud 2020(2)Trigger SCF in SCF

Serverless with NodeJS and TencentCloud 2020(1)Running with Component

最近访客更多访客>>