package com.bw.util;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.bw.entity.User;
/**
* Servlet Filter implementation class MyFilter3
*/
@WebFilter("/*")
public class MyFilter3 implements Filter {
/**
* Default constructor.
*/
public MyFilter3() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request2 = (HttpServletRequest)request ;
HttpServletResponse response2 = (HttpServletResponse)response;
过滤器没有HttpServletRequest、HttpServletResponse,需要强制转化下
HttpSession session = request2.getSession();
User dl = (User) session.getAttribute("dl");
获取存到session的内容,判断用户是否登录成功
String url = request2.getRequestURI();
获取url(浏览地址)来进行以下判断,来指定规则
if(dl==null&&url.contains("SeachLbServlet")){
chain.doFilter(request , response);
}else if(dl==null&&!url.contains("LoginServlet")){
request2.setAttribute("error", "您没有登录,请登录后再使用");
request2.getRequestDispatcher("login.jsp").forward(request, response);
}else if(dl==null&&url.contains("LoginServlet")){
chain.doFilter(request , response);
}else if(dl!=null){
chain.doFilter(request , response);
}
1.如果用户没有登录成功,但让用户访问列表页面
2.如果用户没有登录成功,但是想要访问登录页面意外的活动,进行强制跳转到登录界面,并提示信息
3.如果用户没有登录成功,能访问登陆页面
4.如果用户登录成功,那就开放所有的权限,可以使用其中的所有功能
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}