- /* 使用Filter进行用户信息验证等操作是个不错的选择。
这是OnlineFilter.java
初学者注意,这里用到的是javax.servlet.*,不包含在j2sdk里,需要从j2ee sdk中,或者$tomcat_home/lib/ 或者$resin_home/lib/下找到那个jar包。
*/
package cn.techtiger.struts;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class OnlineFilter extends HttpServlet implements javax.servlet.Filter {
private static final long serialVersionUID = 1L;
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws ServletException, IOException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession();
if (session.getAttribute("user") == null) {
System.out.println("user has logged in.");
res.sendRedirect("error.jsp");
return;
} else {
chain.doFilter(request, response);
}
}
public void init(FilterConfig filterConfig) {
System.out.println("OnlineFilter initialized.");
}
public void destroy() {
System.out.println("OnlineFilter destroied");
}
}
<hr/>
这是web.xml的配置
<filter>
<filter-name>onlineFilter</filter-name>
<filter-class>cn.techtiger.struts.OnlineFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>onlineFilter</filter-name>
<url-pattern>u_*.jsp</url-pattern>
</filter-mapping>
注意:url-pattern是匹配哪些url要通过这个filter过滤,目前配置就是验证以u_开头的.jsp文件。
<hr/>
这是几个测试的jsp文件
testFilter.jsp
<%@ page pageEncoding="UTF-8" %>
<html>
<body>
<%
session.setAttribute("user","techtiger");
%>
<form action="u_login.jsp" method="post" >
<input type=submit value="测试用户登录">
</form>
</body>
</html>
u_login.jsp
<%@ page pageEncoding="UTF-8" %>
<html>
<body>
用户已经登录,所以可以看到此页面 <br>
用户退出后,再访问此页面就访问不到了,而是直接转向了error.jsp 在OnlineFilter.java中指定的。
<form action="exit.jsp" method="post" >
<input type=submit value="用户退出">
</form>
</body>
</html>
exit.jsp
<%
session.removeAttribute("user");
response.sendRedirect("u_login.jsp");
%>
error.jsp
<%@ page pageEncoding="UTF-8" %>
<%
out.println("错误");
%>
<hr/>
测试的jsp文件,起始业testFilter.jsp,此页已经创建了session,所以当访问u_login.jsp时,通过了filter的过滤,点击退出,exit.jsp 删除掉了session attribute “user”(注意:exit.jsp不经过filter过滤),然后返回u_login.jsp,此时已经没有session attribute “user",所以filter把它跳转至error.jsp
使用Filter验证用户是否登陆,完整示例
最新推荐文章于 2022-12-17 16:01:18 发布