我用jsp做了一个网站,现在最后一块的 退出登录 模块我是 一个超链接到 servlet后台 执行 request.getSession().invalidate(); 将session销毁!然后退出到登陆页面。但是现在有一个问题就是:我点击浏览器的后退按钮还是可以返回到我前面浏览过得网页,我听说可以在每一个页面写一个验证,验证session是否为空,但是我试了很多方法都没有达到想要的效果,就是页面验证session为空就跳转到登录页面。求给位大大多多指导,有范例代码最好,让小弟拜读一下!谢谢了!
if(userbean !=null){
这里是页面内容
}else{
response.sendRedirect("/login.jsp");
}%>
<filter>
<filter-name>UrlFilter</filter-name>
<filter-class>jerehnet.filters.AuthorizationFilter</filter-class>
<init-param>
<param-name>loginPage</param-name>
<param-value>/login.jsp</param-value>
</init-param>
<!-- 例外情况 -->
<init-param>
<param-name>noUrlPage</param-name>
<param-value>/login.jsp</param-value>
</init-param>
</filter> package jerehnet.filters;import java.io.IOException;
import java.util.HashMap;import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;public class AuthorizationFilter implements Filter { private String loginPage;
private String[] noUrlPage;
public void init(FilterConfig filterConfig) throws ServletException
{
loginPage = filterConfig.getInitParameter("loginPage");
noUrlPage = filterConfig.getInitParameter("noUrlPage").split(",");
} public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession();
HashMap adminUser = (HashMap) session.getAttribute("adminUser");
String pageurl = req.getServletPath();
if (adminUser == null)
{
boolean login = false;
for (String url : noUrlPage)
{
if (pageurl.equals(url))
{
login = true;
break;
}
}
if(login)
{
chain.doFilter(request, response);
}
else {
res.sendRedirect(loginPage);
}
} else
{
chain.doFilter(request, response);
} req = null;
res = null;
session = null;
adminUser = null;
} public void destroy() {
}
}