package com.wake.util;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.wake.bean.AdminUser;
/**
* @author Administrator
*
*/
public class PopedomControl extends HttpServlet implements Filter
{
private FilterConfig filterConfig;
private static final long serialVersionUID = -4275105240038370264L;
/*
* (非 Javadoc )
*/
public void init(FilterConfig arg0) throws ServletException
{
}
/*
* (非 Javadoc )
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain)
{
HttpServletRequest servletRequest = (HttpServletRequest) request;
HttpServletResponse servletResponse = (HttpServletResponse) response;
HttpSession session = servletRequest.getSession();
// 获取当前页面文件名
String url = servletRequest.getRequestURI();
url = url.substring(url.lastIndexOf("/") + 1, url.length());
try
{
// 排除后台不作权限控制的页面名
String exclude= "adminlogin.action,login.jsp,Message.jsp,loginout.jsp";
if(exclude.indexOf(url)==-1)
{
// 获取网站访问根目录
String accessPath = servletRequest.getContextPath();
// 用当前页面文件名与用户权限字符比较
AdminUser adminuser = (AdminUser) session.getAttribute("auser");
if (adminuser == null)
{
servletResponse.sendRedirect(accessPath +
"/admin/login.jsp");
}
else if(adminuser.getUserPopedom().indexOf(url)==-1)
{
servletResponse.sendRedirect(accessPath +
"/admin/Message.jsp");
}
}
}
catch (Exception sx)
{
sx.printStackTrace();
}
try
{
filterChain.doFilter(request, response);
}
catch (ServletException sx)
{
filterConfig.getServletContext().log(sx.getMessage());
}
catch (IOException iox)
{
filterConfig.getServletContext().log(iox.getMessage());
}
}
public void destroy()
{
}
}
JSP权限过滤器
最新推荐文章于 2022-11-17 22:38:10 发布