最近做了个一个项目,需要配置权限访问,就随便网上查了下资料,总结了下,这三种常用配置方式。首先明白这点filter主要拦截url地址,interceptor拦截访问的action。
一、jsp 配置filter 过滤器,
(1)配置过滤器,过滤url地址
web.xml 中配置
- <!-- 配置过滤器,控制jsp目录下的访问权限 -->
- <filter>
- <filter-name>perimission filter</filter-name>
- <filter-class>
- com.flower.filter.PermissionFilter
- </filter-class>
- </filter>
- <filter-mapping>
- <filter-name>perimission filter</filter-name>
- <url-pattern>/jsp/*</url-pattern>
- </filter-mapping>
filter配置如下
- package com.flower.filter;
- import java.io.IOException;
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import javax.servlet.http.HttpSession;
- /**
- * 配置filter过滤器,判断用户是否登陆,没有登陆跳转到index.jsp
- * @author Administrator
- *
- */
- public class PermissionFilter implements Filter{
- public void destroy() {
- }
- public void doFilter(ServletRequest arg0, ServletResponse arg1,
- FilterChain chain) throws IOException, ServletException {
- HttpServletRequest request=(HttpServletRequest) arg0;
- HttpSession session=request.getSession();
- HttpServletResponse response=(HttpServletResponse) arg1;
- //判断后台是否登陆,如果没登陆跳转到index.jsp
- if(session.getAttribute("falgAdmin")==null||((Integer)session.getAttribute("falgAdmin")!=2)){
- System.out.println("用户未登陆,跳转到index.jsp");
- response.sendRedirect(request.getContextPath());
- return ;
- }
- System.out.println("用户登陆");
- chain.doFilter(arg0, arg1); //如果登陆直接向下执行
- }
- public void init(FilterConfig filterConfig) throws ServletException {
- }
- }
(2)、配置字符过滤器
web.xml 配置如下
- <filter>
- <filter-name>CharacterEncodingFilter</filter-name>
- <filter-class>com.test.filter.CharacterEncodingFilter</filter-class>
- <init-param>
- <param-name>encoding</param-name>
- <param-value>utf-8</param-value>
- </init-param>
- </filter>
- <filter-mapping>
- <filter-name>CharacterEncodingFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
filter配置如下
- package com.test.filter;
- import java.io.IOException;
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
- public class CharacterEncodingFilter implements Filter {
- protected FilterConfig filterConfig = null;
- protected String encoding = "";
- public void destroy() {
- filterConfig = null;
- encoding = null;
- }
- public void doFilter(ServletRequest request, ServletResponse response,
- FilterChain filterChain) throws IOException, ServletException {
- if (encoding != null) {
- //设置request和response的编程格式,注意两个都要设,若没设response的
- //charset,则在输出页面会显示乱码。
- request.setCharacterEncoding(this.encoding);
- response.setContentType("text/html;charset=utf-8");
- }
- //继续执行下一个过滤器
- filterChain.doFilter(request, response);
- }
- public void init(FilterConfig filterConfig) throws ServletException {
- this.filterConfig = filterConfig;
- this.encoding = filterConfig.getInitParameter("encoding");
- }
- }
二、struts配置interceptor
struts.xml配置如下
- <!-- 定义一个权限拦截器 authorityInterceptor -->
- <interceptors>
- <interceptor name="authorityInterceptor" class="com.flower.interceptor.AuthorityInterceptor"></interceptor>
- <!-- 定义一个拦截器栈-->
- <interceptor-stack name="mydefault">
- <interceptor-ref name="defaultStack"></interceptor-ref>
- <interceptor-ref name="authorityInterceptor"></interceptor-ref>
- </interceptor-stack>
- </interceptors>
- <global-results>
- <result name="none">/login.jsp</result>
- </global-results>
interceptor配置如下
- package com.flower.interceptor;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpSession;
- import org.apache.struts2.ServletActionContext;
- import org.apache.struts2.interceptor.ServletRequestAware;
- import com.flower.model.User;
- import com.opensymphony.xwork2.Action;
- import com.opensymphony.xwork2.ActionInvocation;
- import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
- /**
- * ll
- * @author Administrator
- *
- */
- public class AuthorityInterceptor extends AbstractInterceptor{
- @Override
- public String intercept(ActionInvocation actionInvocation) throws Exception {
- HttpSession session=ServletActionContext.getRequest().getSession();
- User user=(User)session.getAttribute("user");
- if(user!=null){
- System.out.println("action:用登陆");
- return actionInvocation.invoke(); //继续往下执行interceptor或者action
- }else{
- return Action.NONE; //globle 与全局访问结果集对应,拦截,返回指定页面
- }
- }
- }