java-如何处理Spring MVC中的浏览器后退按钮
作者:互联网
当用户登录时,将存储会话信息.
并在登录用户时删除会话信息
出来.但是当我点击浏览器的后退按钮时,会显示用户信息.由于会议已结束,但我们不能确定
用户登录操作已执行.我该如何解决
问题 ?
----------------------------log out -------------------------------
@RequestMapping(value="logout.htm",method = RequestMethod.GET)
public void logOut(HttpSession session,HttpServletResponse
response,HttpServletRequest request) throws IOException{
final String refererUrl = request.getHeader("Referer");
response.setHeader(refererUrl, "no-cache");
response.setHeader("Cache-Control", "no-cache");
response.setDateHeader("Expires", 0);
session.removeAttribute("user");
session.invalidate();
response.sendRedirect("index.htm");
}
---------------------------------- login ---------------
@RequestMapping(value="/userLogin",method=RequestMethod.POST)
public @ResponseBody JsonResponse
login(@ModelAttribute(value="user") User user, BindingResult result,HttpServletRequest request,HttpSession session,ModelMap model) throws UnsupportedEncodingException{
JsonResponse res = new JsonResponse();
if(!result.hasErrors()&& userService.findUser(user, request)){
res.setStatus("SUCCESS");
session.setAttribute("user",
new String(user.getUsername().getBytes("iso- 8859-1"), "UTF-8"));
}
else{
res.setStatus("FAIL");
result.rejectValue("username","1");
res.setResult(result.getAllErrors());
}
return res;
}
--------------------------profile --------------------------------------
@RequestMapping(value="myProfile.htm",method = RequestMethod.GET)
public String showmyProfile(@ModelAttribute(value="addUser") User user,Model model,HttpServletRequest request,
HttpServletResponse response,
HttpSession session) throws IOException{
if(session.getAttribute("user")== null){
response.sendRedirect("index");
}
解决方法:
我用这种方法.
首先创建一个实现Filter的类并重写doFilter()方法.
doFilter()的代码是:
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse hsr = (HttpServletResponse) res;
hsr.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
hsr.setHeader("Pragma", "no-cache"); // HTTP 1.0.
hsr.setDateHeader("Expires", 0); // Proxies.
chain.doFilter(req, res);
}
之后在web.xml中使用过滤器.这个过滤器就是这个.
<filter>
<filter-name>noCacheFilter</filter-name>
<filter-class>com.example.NoCacheFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>noCacheFilter</filter-name>
<url-pattern>/secured/*.jsp</url-pattern>// urls that not cached
</filter-mapping>
标签:java,spring,session,logout 来源: https://codeday.me/bug/20191010/1883715.html