web.config
org.jasig.cas.client.session.SingleSignOutHttpSessionListener CAS Single Sign Out Filter org.jasig.cas.client.session.SingleSignOutFilter CAS Filter edu.yale.its.tp.cas.client.filter.CASFilter edu.yale.its.tp.cas.client.filter.loginUrl http://server:8080/cas/login edu.yale.its.tp.cas.client.filter.validateUrl http://server:8080/cas/serviceValidate edu.yale.its.tp.cas.client.filter.serverName client:8200 CAS Single Sign Out Filter /* CAS Filter /admin/*
核心代码:
private boolean isValidSession(ServletRequest request) { HttpServletRequest objHttpRequest = (HttpServletRequest)request; String strIsLogin = (String)objHttpRequest.getSession(). getAttribute(ComtopGlobalConstants.SECURITY_LOGIN_KEY); boolean bIsValid = ComtopGlobalConstants.SECURITY_IS_LOGIN.equals(strIsLogin); if(!bIsValid && logger.isDebugEnabled()) { logger.debug(" AAAAAValid " + System.currentTimeMillis()); logger.debug("Session无效,请求:" + objHttpRequest.getRequestURI()); }