1.过滤器类
public class LoginFilter implements Filter {
private String weblogin = "/login.jsp"; // web页面登陆页面
//private final static String[] ispass = new String[] { "/ckeditor/", "/css/", "/images/", "/img/",
//"/jmesaimages/", "/js/","/login.jsp","/login.jsp","/user_login","/struts-tags"}; // 路径中包含该数组中字符时通过;
private String passUrl[] ;
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String flag = ifFilter(request);
if("success".equals(flag)) {
chain.doFilter(req, res); // 调用下一过滤器
} else {
response.sendRedirect(request.getContextPath()+flag);
return;
}
}
/**
* 初始化
*/
public void init(FilterConfig fc) throws ServletException {
this.passUrl = fc.getInitParameter("passUrl").split(",");
}
/**
* 过滤未登录访问的路径
* @param req
* @return
*/
private String ifFilter(HttpServletRequest request) {
String flag = "success";
String url = request.getRequestURI();
boolean ifpass = false;
for(String str : passUrl) {
if(url.contains(str.trim())) {
ifpass = true;
break;
}
}
if(!ifpass) { //请求路径不包含通过字符数组中任一个字符
HttpSession session = request.getSession();
User userPO = null;
userPO = (User)session.getAttribute("user");
if(userPO == null || "".equals(userPO.getUserid())) {
flag = "/index.jsp";
}
}
return flag;
}
}
2.在web.xml配置过滤器
<!-- 配置登录filter -->
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>com.test.security.LoginFilter</filter-class>
<init-param>
<param-name>passUrl</param-name>
<param-value>/index.jsp,/css,/images,/img,/js,/user_login,/struts-tags
</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>