<filter> <filter-name>ContinuingEducationSystemFilter</filter-name> <filter-class>com.springmvchibernate.ContinuingEducation.filters.ContinuingEducationSystemFilter</filter-class> </filter> <filter-mapping> <filter-name>ContinuingEducationSystemFilter</filter-name> <url-pattern>/view/ContinuingEducationSystem/*</url-pattern> </filter-mapping>
<filter-mapping></filter-mapping>可以指定多个目录
package com.springmvchibernate.ContinuingEducation.filters; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import com.springmvchibernate.ContinuingEducation.log.Logger; public class ContinuingEducationSystemFilter implements Filter { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException, NullPointerException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; HttpSession session = req.getSession(); if (session.getAttribute("adminuser") != null) { chain.doFilter(request, response); }else{ Logger.audit("越权访问者转发到后台登录界面"); res.sendRedirect("/view/ContinuingEducationLogin/login.jsp"); } } public void init(FilterConfig arg0) throws ServletException { Logger.audit("系统初始化,SystemFilter已启用,管理员:Tenstar@解明超!"); } public void destroy() { Logger.audit("系统session销毁"); } }
只有adminuser用户才可以访问/view/ContinuingEducationSystem/路径下的文件其他用户被过滤掉