フィルタを使用してセッションを空にする

/**
 *  filter session 
 * @author Administrator
 *
 */
 public class AuthFilter implements Filter {

	public void destroy() {
		
	}

	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,FilterChain filterChain) throws IOException, ServletException {
		
		HttpServletRequest request=(HttpServletRequest) servletRequest;
		HttpServletResponse response=(HttpServletResponse) servletResponse;
		
		/* , null session ,   
		   true ， null;   
		   false session   */
		HttpSession session=request.getSession(false);
		System.out.println("url=" + request.getRequestURL());
		System.out.println("uri=" + request.getRequestURI());
		
		
		String requestURI = request.getRequestURI();
		String targetURI = requestURI.substring(requestURI.lastIndexOf("/"));
		System.out.println("targetURI=" + targetURI);
		
		// 
		if (!targetURI.equals("/login.jsp")) {
			
			// session ，session user 
			if (session == null || session.getAttribute("user") == null) {
				
				// ， 
				 response.sendRedirect(request.getContextPath() + "/login.jsp");
				 
				 return;
			}
		}
		
		filterChain.doFilter(request, response);
	}

	public void init(FilterConfig arg0) throws ServletException {
		System.out.println("-------AuthFilter.init()---------");
	}

}