若依请求url中带有jsessionid的解决办法(六十三)
一、原因分析
客户端禁用了cookie
Jsessionid是存在于cookie中的,一般情况下不会出现在url中,服务器会从客户端的cookie中取出来,但是如果客户端禁用了cookie的话,就要重写url了,显式的将jsessionid重写到Url中,方便服务器来通过这个找到session的id。
二、解决方案
1、首先定义一个Filter过滤器RemoveUrlJsessionIdFilter
package com.ruoyi.framework.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebFilter(urlPatterns = "/*", filterName = "removeUrlJsessionIdFilter")
public class RemoveUrlJsessionIdFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
// skip non-http requests
if (!(request instanceof HttpServletRequest)) {
chain.doFilter(request, response);
return;
}
//从url中删除jsessionid
if (httpServletRequest.isRequestedSessionIdFromURL()) {
HttpSession session = httpServletRequest.getSession();
if (null != session) {
session.invalidate();
}
}
HttpServletResponseWrapper wrappedResponse = new HttpServletResponseWrapper(httpServletResponse) {
@Override
public String encodeRedirectUrl(String url) {
return url;
}
@Override
public String encodeRedirectURL(String url) {
return url;
}
@Override
public String encodeUrl(String url) {
return url;
}
@Override
public String encodeURL(String url) {
return url;
}
};
// process next request in chain
chain.doFilter(request, wrappedResponse);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
}
2、然后在Springboot启动类上加上@ServletComponentScan
