实现功能:不让用户直接访问主要的资源,要想访问必须登录
过滤器
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
@WebFilter("/*")
public class FilterWeb implements Filter {
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
//获取请求资源路径
String requestURI = req.getRequestURI();
//将给登录有关的资源全部放行(我这里需要放行css、js、img、servlet、还有去向后台登录界面的servlet与注册页面)
if(requestURI.contains("journalism/css/") || requestURI.contains("journalism/img/") || requestURI.contains("journalism/js/") || requestURI.contains("ServletMain") || requestURI.contains("VisitLogin") || requestURI.contains("register_sys.jsp")) {
//放行
chain.doFilter(request, response);
}else {
String username = (String)req.getSession().getAttribute("user_sys");
if(username!=null) {
//登录成功的话就将所有资源放行
chain.doFilter(request, response);
}else {
//没有登录,就跳转到登陆页面
System.out.println("未登录!!!");
request.getRequestDispatcher("/VisitLogin").forward(request, response);
}
}
}
}