最近做了个一个项目,需要配置权限访问,就随便网上查了下资料,总结了下,这三种常用配置方式。首先明白这点filter主要拦截url地址,interceptor拦截访问的action。
一、jsp 配置filter 过滤器,
(1)配置过滤器,过滤url地址
web.xml 中配置
<!-- 配置过滤器,控制jsp目录下的访问权限 -->
<filter>
<filter-name>perimission filter</filter-name>
<filter-class>
com.flower.filter.PermissionFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>perimission filter</filter-name>
<url-pattern>/jsp/*</url-pattern>
</filter-mapping>
filter配置如下
package com.flower.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* 配置filter过滤器,判断用户是否登陆,没有登陆跳转到index.jsp
* @author Administrator
*
*/
public class PermissionFilter implements Filter{
public void destroy() {
}
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request=(HttpServletRequest) arg0;
HttpSession session=request.getSession();
HttpServletResponse response=(HttpServletResponse) arg1;
//判断后台是否登陆,如果没登陆跳转到index.jsp
if(session.getAttribute("falgAdmin")==null||((Integer)session.getAttribute("falgAdmin")!=2)){
System.out.println("用户未登陆,跳转到index.jsp");
response.sendRedirect(request.getContextPath());
return ;
}
System.out.println("用户登陆");
chain.doFilter(arg0, arg1); //如果登陆直接向下执行
}
public void init(FilterConfig filterConfig) throws ServletException {
}
}
(2)、配置字符过滤器
web.xml 配置如下
<filter>
<filter-name>CharacterEncodingFilter</filter-name>
<filter-class>com.test.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>utf-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
filter配置如下
package com.test.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
public class CharacterEncodingFilter implements Filter {
protected FilterConfig filterConfig = null;
protected String encoding = "";
public void destroy() {
filterConfig = null;
encoding = null;
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
if (encoding != null) {
//设置request和response的编程格式,注意两个都要设,若没设response的
//charset,则在输出页面会显示乱码。
request.setCharacterEncoding(this.encoding);
response.setContentType("text/html;charset=utf-8");
}
//继续执行下一个过滤器
filterChain.doFilter(request, response);
}
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
this.encoding = filterConfig.getInitParameter("encoding");
}
}
二、struts配置interceptor
struts.xml配置如下
<!-- 定义一个权限拦截器 authorityInterceptor -->
<interceptors>
<interceptor name="authorityInterceptor" class="com.flower.interceptor.AuthorityInterceptor"></interceptor>
<!-- 定义一个拦截器栈-->
<interceptor-stack name="mydefault">
<interceptor-ref name="defaultStack"></interceptor-ref>
<interceptor-ref name="authorityInterceptor"></interceptor-ref>
</interceptor-stack>
</interceptors>
<global-results>
<result name="none">/login.jsp</result>
</global-results>
interceptor配置如下
package com.flower.interceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.struts2.ServletActionContext;
import org.apache.struts2.interceptor.ServletRequestAware;
import com.flower.model.User;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
/**
* ll
* @author Administrator
*
*/
public class AuthorityInterceptor extends AbstractInterceptor{
@Override
public String intercept(ActionInvocation actionInvocation) throws Exception {
HttpSession session=ServletActionContext.getRequest().getSession();
User user=(User)session.getAttribute("user");
if(user!=null){
System.out.println("action:用登陆");
return actionInvocation.invoke(); //继续往下执行interceptor或者action
}else{
return Action.NONE; //globle 与全局访问结果集对应,拦截,返回指定页面
}
}
}