新建类接入filter接口
package com.bss.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginFliter implements Filter {
public void destroy() {
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain arg2) throws IOException, ServletException {
// TODO Auto-generated method stub
HttpServletRequest req = (HttpServletRequest)arg0;
HttpServletResponse resp =(HttpServletResponse) arg1;
HttpSession session = req.getSession();
// 获得用户请求的URI
String path = req.getRequestURI();
// 从request取得已经登录验证的凭证 我这里的demo用的是password来作为登录凭证
String password = (String) req.getAttribute("password");
// login.html页面无需过滤(根据自己项目的要求来)
if(path.indexOf("/login.html") > -1) {//注意:登录页面千万不能过滤 不然过滤器就。。。。。自行调试不要偷懒!这样记忆深刻
arg2.doFilter(req, resp);
return;
} else {//如果不是login.jsp进行过滤
if (password == null || "".equals(password)) {
// (将需要过滤的页面放在webroot下的admin文件夹内) 返回到webroot目录下 跳转回登陆页面
resp.sendRedirect("../login.html");
} else {
// 已经登陆,继续此次请求
arg2.doFilter(req, resp);
}
}
}
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
}
web.xml
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.bss.filter.LoginFliter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/admin/*</url-pattern>
</filter-mapping>