1.编写过滤器
package com.sharesun.filter;
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
public class LoginFilter implements Filter {
// private static final Logger LOGGER = LoggerFactory.getLogger(LoginFilter.class);
/**
* 保存不拦截的url
*/
private static List<String> passUrls = new ArrayList<>();
/**
* 上下文
*/
private String ctxPath = null;
/**
* 重定向url
*/
private static String redirectUrl = "";
/**
* 过滤器初始化方法
*
* @param filterConfig
* @throws ServletException
*/
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// 获取web.xml中的初始化参数
String ignoreURL = filterConfig.getInitParameter("passURL");
// redirectUrl = filterConfig.getInitParameter("redirectURL");
// 保存不拦截的url
String[] ignoreURLArray = ignoreURL.split(",");
for (String url : ignoreURLArray) {
passUrls.add(url.trim());
}
ctxPath = filterConfig.getServletContext().getContextPath();
System.out.println("ctx = " + ctxPath);
// LOGGER.info("不拦截的URL包括:");
// for (String url : passUrls) {
// LOGGER.info(url);
// }
}
/**
* 过滤器方法
*
* @param servletRequest
* @param servletResponse
* @param filterChain
* @throws IOException
* @throws ServletException
*/
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
// 请求的url
String url = request.getRequestURI();
// 相对路径
String subUrl = url.substring(ctxPath.length() + 1);
System.out.println("subUrl-----------"+subUrl+"----"+subUrl.endsWith("statics/login.html"));
if (subUrl.endsWith("statics/login.html")||subUrl.endsWith("user/login")) {
filterChain.doFilter(request, response);
return;
}
for (String urlStr : passUrls) {
// 如果匹配, 则放行
if (subUrl.indexOf(urlStr) > -1) {
filterChain.doFilter(request, response);
return;
}
}
// 获得session: 从session中获取SessionKey对应值,若值不存在,则重定向到redirectUrl
HttpSession session = request.getSession();
Object user = session.getAttribute("LOGIN_USER");
System.out.println("user----"+user);
if (user != null) {
filterChain.doFilter(request, response);
} else {
response.sendRedirect(ctxPath + "/statics/login.html");
}
}
@Override
public void destroy() {
}
}
2.配置文件
在<web-app>
中添加配置:
<filter>
<description>登录过滤器</description>
<filter-name>loginFilter</filter-name>
<filter-class>com.sharesun.filter.LoginFilter</filter-class>
<!-- 初始化参数 -->
<init-param>
<param-name>passURL</param-name>
<param-value>user/login,js,css,image,javascript,font</param-value>
</init-param>
<!--
<init-param>
<param-name>redirectURL</param-name>
<param-value>statics/login.html</param-value>
</init-param>
-->
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
设置session有效期
<!-- 时间单位为分钟 -->
<session-config>
<session-timeout>15</session-timeout>
</session-config>