3.关于用户是否登陆的应用
能够防止用户不登陆,直接在浏览器地址栏输入URL对页面进行访问
3.1 自定义filter类的实现
------------------------------------------------------------------------------------------------------------------------------------
import java.io.IOException;
import javax.servlet.Filter;import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.ServletResponse;
public class loginFilter implements Filter {
private String errorpage;
public void destroy() {}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest req=(HttpServletRequest) request;
HttpServletResponse rep=(HttpServletResponse) response;
/**
* 页面缓存设定 <br>
* 确保浏览器不缓存页面数据
*/
// 指示请求或响应消息不能缓存
rep.setHeader("Cache-Control","no-cache");
// 用于防止重要的信息被无意的发布
rep.setHeader("Cache-Control","no-store");
// 设定网页的到期时间,设置为0
rep.setDateHeader("Expires", 0);
// 可以用于设定网页的到期时间
rep.setHeader("Pragma","no-cache");
// URL: http://localhost/ProjectName/XXX
// 取得上述URL中的XXX(jsp,html,action都有可能)
String imgpath=req.getRequestURL().toString();
int index=imgpath.lastIndexOf("/");
imgpath=imgpath.substring(index+1,imgpath.length());
// 判断login时存储在session里的用户信息是否为空(session过期或者用户未登陆)
// 如果用户信息为空时,
if (req.getSession().getAttribute("user") == null) {
// 如果URL中的XXX为空,或者是login页面时,继续执行
if(imgpath.toString().equals("")|| imgpath.toString().equals("login.jsp"))
{
filterChain.doFilter(req,rep);
}else{
// 上述情况以外的时候,跳转到login页面
String path = req.getContextPath();
String basePath = req.getScheme()+"://"+req.getServerName()+":"+req.getServerPort()+path+"/";
rep.sendRedirect(basePath+errorpage);
}
} else {
filterChain.doFilter(req,rep);
}
}
public void init(FilterConfig conf) throws ServletException {
errorpage=conf.getInitParameter("login");
}
}
------------------------------------------------------------------------------------------------------------------------------------
3.2 web.xml的配置
------------------------------------------------------------------------------------------------------------------------------------
<filter>
<filter-name>sessionFilter</filter-name>
<filter-class>com.XXXXX.loginFilter</filter-class>
<init-param>
<param-name>login</param-name>
<param-value>/login.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>sessionFilter</filter-name>
<url-pattern>*.action</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>sessionFilter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>sessionFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
------------------------------------------------------------------------------------------------------------------------------------