Structs SessionFilter过滤请求地址
SessionFilter+web.xml配置
- SessionFilter过滤请求地址:
package com.test.common;
import org.apache.log4j.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* Session过滤 检查请求是否需要用户登陆, 如果请求需要用户登录,但没有登陆用户则跳转到登录页
*
* @注意修改 登录用户的KEY“loginUser”
*
* WEB.xml 中配置追加
* <filter>
* <!-- 声明session检查filter -->
* <filter-name>session-filter</filter-name>
* <filter-class>com.包路径.SessionFilter</filter-class>
* <!-- 登陆页 -->
* <init-param>
* <param-name>loginPage</param-name>
* <param-value>/项目名称/登录页面.jsp</param-value>
* </init-param>
* <!--不用检查session的页 -->
* <init-param>
* <param-name>excludePage</param-name>
* <param-value>login.action,mobile.action</param-value>
* </init-param>
* </filter>
* <filter-mapping>
* <filter-name>session-filter</filter-name>
* <url-pattern>/*</url-pattern>
* </filter-mapping>
*
*/
public class SessionFilter implements Filter {
/**
* Logger for this class
*/
private static final Logger logger = Logger.getLogger(SessionFilter.class);
private String loginPage;
private String[] excludePages;
public void destroy() {
logger.info("destroy() - start");
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) {
try {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
String url = req.getServletPath();
// 是否不需要检查session
boolean excluded = false;
for (int i = 0; i < excludePages.length; i++) {
if (url.contains(excludePages[i])) {
excluded = true;
break;
}
}
if (!excluded) {
if (url.contains(".jsp") || url.contains(".action")) {
if (!url.contains(loginPage)) {
HttpSession session = req.getSession();
// 从session从取出user,如果为空说明没有登录,将其转到登录页面.
Object obj = session.getAttribute("loginUser");
if (obj == null) {
// 跳转到登陆页面
res.sendRedirect(loginPage);
logger
.info("doFilter() - web.xml中排除的ACTION未包含此ACTION,请确认该请求是否需要登录认证");
logger
.info("doFilter(request, response, chain) - end");
return;
}
}
}
}
// 如果不需要检查则跳出过滤器继续执行
chain.doFilter(request, response);
} catch (Exception e) {
logger.error("doFilter()", e);
e.printStackTrace();
}
}
public void init(FilterConfig config) throws ServletException {
loginPage = config.getInitParameter("loginPage");
String excludePage = config.getInitParameter("excludePage");
excludePages = excludePage.split(",");
}
}
- web.xml配置
WEB.xml 中配置追加
<filter>
<!-- 声明session检查filter -->
<filter-name>session-filter</filter-name>
<filter-class>com.包路径.SessionFilter</filter-class>
<!-- 登陆页 -->
<init-param>
<param-name>loginPage</param-name>
<param-value>/项目名称/登录页面.jsp</param-value>
</init-param>
<!--不用检查session的页 -->
<init-param>
<param-name>excludePage</param-name>
<param-value>login.action,mobile.action</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>session-filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>