import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;/** * 登錄過濾器 *　　擁有Session是否失效和用戶是否登錄2個條件判斷 *　　如果是ajax請求則設置session超時 * @author Merlin.Ma * */public class LoginFilter implements Filter{  private String redirectUrl = "/login.html";  private String sessionKey = "userName";  @Override  public void destroy() {  }  @Override  public void doFilter(ServletRequest request, ServletResponse response,      FilterChain chain) throws IOException, ServletException {    HttpServletRequest req = (HttpServletRequest) request;    HttpServletResponse rep = (HttpServletResponse) response;    HttpSession session = req.getSession();    if( session == null || session.getAttribute(sessionKey) == null){      //如果判斷是 AJAX 請求,直接設置為session超時      if( req.getHeader("x-requested-with") != null && req.getHeader("x-requested-with").equals("XMLHttpRequest") ) {        rep.setHeader("sessionstatus", "timeout");       } else {        rep.sendRedirect( req.getContextPath() + redirectUrl);      }    }else {      chain.doFilter(request, response);    }     }  @Override  public void init(FilterConfig filterConfig) throws ServletException {    String url = filterConfig.getInitParameter("redirectUrl");    String key = filterConfig.getInitParameter("sessionKey");    redirectUrl = url == null? redirectUrl:url;    sessionKey = key == null ? sessionKey : key ;  }}

//全局的ajax訪問，處理ajax清求時sesion超時 $.ajaxSetup({  contentType : "application/x-www-form-urlencoded;charset=utf-8",  complete : function(XMLHttpRequest, textStatus) {    var sessionstatus = XMLHttpRequest.getResponseHeader("sessionstatus"); // 通過XMLHttpRequest取得響應頭，sessionstatus，    if (sessionstatus == "timeout") {      // 如果超時就處理 ，指定要跳轉的頁面      window.location.replace("login.html");    }  }});