package org.hourse.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class SecurityFilter extends HttpServlet implements Filter {
@Override
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain filter) throws IOException, ServletException {
// TODO Auto-generated method stub
HttpServletRequest request=(HttpServletRequest)arg0;//获得请求request
HttpServletResponse response=(HttpServletResponse)arg1;//获得响应response
HttpSession session=request.getSession();//得到回话session
String requestURL=request.getRequestURI().toLowerCase();//这一一步还很关键
//这个if块上的是不被拦截的
if(requestURL.endsWith(".css")
||requestURL.endsWith(".jpg")
||requestURL.endsWith(".gif")
||requestURL.endsWith(".login.jsp")
||requestURL.endsWith("/login")
){
filter.doFilter(arg0, arg1);
return;
}
if(session.getAttribute("user")==null){
//拦截,打回登录
request.getRequestDispatcher("/page/login.jsp").forward(request, response);
return;
}else{
//通过
filter.doFilter(arg0, arg1);
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
}
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------