7.2 MVC 实现登录验证
- 通过过滤器实现对所有请求的拦截, 并验证是否在登录
- filter的写法
package filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
// request.getRequestURI(); 获得除了域名(主机名)以外的路径名
String uri = request.getRequestURI();
if (uri.endsWith("login.html") || uri.endsWith("login") || uri.endsWith("css") || uri.endsWith("js")) {
chain.doFilter(request, response);
return;
}
if (null != request.getSession().getAttribute("userName")) {
request.getRequestDispatcher(uri).forward(request, response);
return;
}else{
request.getRequestDispatcher("login").forward(request, response);
}
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
}
- web.xml的配置
// 设置登录过滤器
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>