import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.lovo.oa.object.User;
public class AuthFilter implements Filter {
String charset;
String fileFilter;
public void destroy() {
}
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
//字符过滤
servletRequest.setCharacterEncoding(charset);
servletResponse.setCharacterEncoding(charset);
servletResponse.setContentType("text/html;charset="+charset);
//处理HTTP请求,需要访问在ServletRequest中无法得到的方法,
//就要把此request对象构造成HttpServletRequest
HttpServletRequest request = (HttpServletRequest)servletRequest;
HttpServletResponse response = (HttpServletResponse)servletResponse;
String currentURL = request.getRequestURI(); //取得访问页面所对应根目录的绝对路径:
String targetURL = currentURL.substring(currentURL.indexOf("/", 1),
currentURL.length()); //截取到当前文件名用于比较
HttpSession session = request.getSession(false);
User user = (User)request.getSession().getAttribute("userPo");
if (!"/index.jsp".equals(targetURL)) {
//判断当前页是否是重定向以后的登录页面页面,如果是就不做session的判断,防止出现死循环
if (session == null || session.getAttribute("userPo") == null) {
response.sendRedirect(request.getContextPath() + "/index.jsp");// request.getContextPath()取得根目录
//如果session为空表示用户没有登录就重定向到index.jsp页面
return;
}else if(session != null&&user.getR_id()!=2){
String [] url = targetURL.split("/");
for(int i=0;i<url.length;i++){
if(url[i].equals(fileFilter)){
response.sendRedirect(request.getContextPath() + "/jsp/infoErrors.jsp");
return;
}
}
}
}
//加入filter链继续向下执行
filterChain.doFilter(request, response);
}
public void init(FilterConfig filterConfig) throws ServletException {
fileFilter = filterConfig.getInitParameter("fileFilter");
}
}