servlet
创建filter文件:
package com.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* Servlet Filter implementation class login
*/
public class login_filter implements Filter {
/**
* Default constructor.
*/
public login_filter() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
String passUrl = "";
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest=(HttpServletRequest)request;
HttpServletResponse httpResponse=(HttpServletResponse)response;
String[] strArray = passUrl.split(";");
for (String str : strArray) {
if (str.equals(""))
continue;
if (httpRequest.getRequestURL().indexOf(str) >= 0) {
chain.doFilter(request, response);
return;
}
}
HttpSession session=httpRequest.getSession();
if(session.getAttribute("username")!=null){
chain.doFilter(request, response);
}
else{
httpResponse.sendRedirect(httpRequest.getContextPath()+"/login.jsp");
}
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
passUrl = fConfig.getInitParameter("passUrl");
}
}
配置xml文件
<filter>
<filter-name>login_filter</filter-name>
<display-name>login_filter</display-name>
<description></description>
<filter-class>com.filter.login_filter</filter-class>
<init-param>
<param-name>passUrl</param-name>
<param-value>login.jsp;register.jsp;login;register;</param-value> //无需filter的文件
</init-param>
</filter>
<filter-mapping>
<filter-name>login_filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
重启之后,除了login和register文件,其他都需要登录才能访问
springmvc
创建class文件
package com.springmvc.fastdfs;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.web.servlet.ModelAndView;
public class SecurityInterceptor implements HandlerInterceptor{
public boolean preHandle(HttpServletRequest req, HttpServletResponse res, Object handler) throws Exception {
HttpSession session = req.getSession(true);
Object obj = session.getAttribute("username");
if (obj == null || "".equals(obj.toString())) {
res.sendRedirect("login");
}
return true;
}
public void postHandle(HttpServletRequest req, HttpServletResponse res, Object arg2, ModelAndView arg3) throws Exception {
}
public void afterCompletion(HttpServletRequest req, HttpServletResponse res, Object arg2, Exception arg3) throws Exception {
}
}
修改springmvc.xml文件
<mvc:annotation-driven />
<mvc:interceptors>
<mvc:interceptor>
<!-- 需拦截的地址 -->
<mvc:mapping path="/**" />
<!-- 需排除拦截的地址 -->
<mvc:exclude-mapping path="/login"/>
<mvc:exclude-mapping path="/logindo"/>
<mvc:exclude-mapping path="/register"/>
<mvc:exclude-mapping path="/registerdo"/>
<bean class="com.springmvc.fastdfs.SecurityInterceptor" />
</mvc:interceptor>
</mvc:interceptors>
重启之后可以进行拦截