web.xml配置
<filter>
<filter-name>RemoveUrlJsessionIdFilter</filter-name>
<filter-class>com.mov.mwweb.filter.RemoveUrlJsessionIdFilter</filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
<filter-name>RemoveUrlJsessionIdFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>cors</filter-name>
<filter-class>com.mov.mwweb.filter.CrossFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>cors</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
/**
* 去除第一次访问时候的JsessionId
* @author wst
*
*/
public class RemoveUrlJsessionIdFilter implements Filter{
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
// skip non-http requests
if (!(request instanceof HttpServletRequest)) {
chain.doFilter(request, response);
return;
}
// isRequestedSessionIdFromURL():Checks whether the requested session ID came in as part of the request URL.
if (httpServletRequest.isRequestedSessionIdFromURL()) {
HttpSession session = httpServletRequest.getSession();
if (null != session) {
session.invalidate();
}
}
// wrap response to remove URL encoding
HttpServletResponseWrapper wrappedResponse = new HttpServletResponseWrapper(httpServletResponse) {
@Override
public String encodeRedirectUrl(String url) {
return url;
}
@Override
public String encodeRedirectURL(String url) {
return url;
}
@Override
public String encodeUrl(String url) {
return url;
}
@Override
public String encodeURL(String url) {
return url;
}
};
// process next request in chain
chain.doFilter(request, wrappedResponse);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
}
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.filter.OncePerRequestFilter;
import com.mov.mw.constants.ConfigConstant;
/**
* 允许跨域请求
* @author wst
*
*/
public class CrossFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
// setHeader(name, value):如果Header中没有定义则添加,如果已定义则用新的value覆盖原用value值。
// addHeader(name, value):如果Header中没有定义则添加,如果已定义则保持原有value不改变。
response.setHeader("Access-Control-Allow-Origin", "*");
response.addHeader("Access-Control-Allow-Methods", "GET, POST");
response.setHeader("Access-Control-Allow-Credentials", "true"); // 允许设置Cookie
// 添加自定义跨域请求头
response.addHeader("Access-Control-Allow-Headers", ""
/*自定义*/+ "token,langVer,entId,"
+ "Access-Control-Allow-Methods,Access-Control-Allow-Origin,Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers");
response.addHeader("Access-Control-Max-Age", "1800");
filterChain.doFilter(request, response);
}
}