web.xml配置
<filter>
<filter-name>AccessFilter</filter-name>
<filter-class>com.yf.my12306.filter.AccessFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AccessFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
继承Filter接口类
package com.yf.my12306.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.yf.my12306.domain.TabUsers;
/**
* 访问权限控制
*/
//@WebFilter("/AccessFilter")
public class AccessFilter implements Filter {
public AccessFilter() {
}
public void destroy() {
}
/**
* 访问过滤
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest req = null;
HttpServletResponse resp = null;
if (request instanceof HttpServletRequest) {
req = (HttpServletRequest) request;
}
if (response instanceof HttpServletResponse) {
resp = (HttpServletResponse) response;
}
// 获取请求路径
String url = req.getRequestURI();
System.out.println("url:" + url);
TabUsers user = (TabUsers) req.getSession().getAttribute("user");
// 过滤
if (url.contains("/admin/")) {
// 管理员登录访问
if (user != null && user.getRule().equals("1")) {
chain.doFilter(request, response);// 放行
} else {
resp.sendRedirect(req.getContextPath() + "/login.jsp");
}
} else if (url.contains("/user/")) {
// 普通用户登录访问
if (user != null && user.getRule().equals("2")) {
chain.doFilter(request, response);// 放行
} else {
resp.sendRedirect(req.getContextPath() + "/login.jsp");
}
} else if (url.contains("/AdminServlet")) {
// 访问AdminServlet
if (user != null && user.getRule().equals("1")) {
chain.doFilter(request, response);// 放行
} else {
resp.sendRedirect(req.getContextPath() + "/login.jsp");
}
} else if (url.contains("/UserServlet")) {
// 访问UserServlet
if (user != null && user.getRule().equals("2")) {
chain.doFilter(request, response);// 放行
} else if (req.getParameter("operator").equals("login")) {
chain.doFilter(request, response);// 放行
} else if (req.getParameter("operator").equals("toRegister")) {
chain.doFilter(request, response);// 放行
} else if (req.getParameter("operator").equals("getCitiesByProvince")) {
chain.doFilter(request, response);// 放行
} else if (req.getParameter("operator").equals("register")) {
chain.doFilter(request, response);// 放行
} else {
resp.sendRedirect(req.getContextPath() + "/login.jsp");
}
} else {
// 普通资源访问
chain.doFilter(request, response);// 放行
}
}
public void init(FilterConfig fConfig) throws ServletException {
}
}