登录验证
在开发中如果要操作某些数据的时候必须保证用户是登录状态下,否则不能操作,比如要实现删除用户,修改用户信息,查看用户列表,查看部门列表,需要登录验证,这种验证可以通过过滤器统一处理
定义过滤器
package com.xie.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginFilter implements Filter{
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("过滤器初始化");
}
/**
* 拦截处理请求的方法
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
//向下转型
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse resp = (HttpServletResponse)response;
//判断用户是否登录
if (req.getSession().getAttribute("username")==null) {
//没有登录则跳转到登录页面
req.setAttribute("msg","请登录");
req.getRequestDispatcher("/index.jsp").forward(req, resp);
}else {
//放行请求
chain.doFilter(req, resp);
}
}
@Override
public void destroy() {
System.out.println("销毁过滤器");
}
}
配置登录验证的过滤器
<!-- 配置登录验证的过滤器 -->
<filter>
<filter-name>lgFilter</filter-name>
<filter-class>com.xie.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>lgFilter</filter-name>
<!-- 如果用户访问以下的路径则必须保证登录 -->
<url-pattern>/emp/delete</url-pattern>
<url-pattern>/emp/update</url-pattern>
<url-pattern>/emp/list</url-pattern>
<url-pattern>/emp_list.jsp</url-pattern>
<url-pattern>/dept/list</url-pattern>
</filter-mapping>
如果没有登录,就会被过滤器拦截,之后跳转到登录页面