web.xml
ActionFilter.java
<!--
  Security: route requests through ActionFilter, which redirects clients
  without a logged-in session user to login.do.
  Only the two URL patterns mapped below are covered; a request that matches
  neither *.do nor *.jsp never reaches this filter.
-->
<filter>
    <filter-name>ActionFilter</filter-name>
    <filter-class>com.fg.security.ActionFilter</filter-class>
</filter>

<!-- Action URLs. -->
<filter-mapping>
    <filter-name>ActionFilter</filter-name>
    <url-pattern>*.do</url-pattern>
</filter-mapping>

<!-- JSP pages requested directly. -->
<filter-mapping>
    <filter-name>ActionFilter</filter-name>
    <url-pattern>*.jsp</url-pattern>
</filter-mapping>
ActionFilter.java
/**
*
*/
package com.fg.security;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.fg.common.CommLogger;
import com.fg.common.Constant;
import com.fg.common.FgObject;
import com.fg.common.exception.ExceptionLogger;
import com.fg.urp.business.UserKeyService;
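/**
 * Servlet filter that gates requests on the logged-in state kept in the HTTP session.
 *
 * <p>A request passes when the session holds a {@link UserKeyService} under
 * {@code Constant.SESSION_USER} whose {@code isLogin()} is true. Any other request is
 * redirected to {@code <context path>/login.do}, except a request for that login URI
 * itself, which is let through so the user can authenticate.
 *
 * <p>The filter only checks that somebody is logged in; it makes no per-resource
 * authorization decision, and it only sees the requests the deployment descriptor maps
 * to it.
 *
 * @author Agui
 * @date 2005-7-22
 */
public class ActionFilter extends FgObject implements Filter {

    /**
     * Does nothing; the filter keeps no configuration.
     *
     * @param config filter configuration supplied by the container (unused)
     */
    public void init(FilterConfig config) {
        // Nothing to initialise.
    }

    /**
     * Lets the request continue when the session user is logged in, or when an anonymous
     * client asks for the login URI; redirects every other request to the login URI.
     *
     * <p>All exceptions and errors, including those thrown by the rest of the chain, are
     * logged and swallowed here.
     *
     * @param request  incoming request; cast to {@link HttpServletRequest}
     * @param response outgoing response; cast to {@link HttpServletResponse}
     * @param chain    remainder of the filter chain
     */
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) {
        // Filled from request parameters further down; this filter never uses the values.
        String taskUiid = null;
        String uiid = null;
        try {
            CommLogger.debug(getClass(), " *** In ActionFilter *** ");
            HttpServletRequest req = (HttpServletRequest) request;
            HttpServletResponse rep = (HttpServletResponse) response;

            // getSession(true) creates a session when the client has none, so every
            // anonymous request that reaches this filter allocates one.
            HttpSession session = req.getSession(true);
            // Look up the user object stored in the session.
            UserKeyService user = (UserKeyService) session
                    .getAttribute(Constant.SESSION_USER);

            String uri = req.getRequestURI();
            CommLogger.debug(getClass(), " URI: " + uri);

            boolean loggedIn = user != null && user.isLogin();
            if (!loggedIn) {
                // No user in the session, or the user is not logged in.
                String loginUri = req.getContextPath() + "/login.do";
                // getRequestURI() is the raw path (not decoded, path parameters such as
                // ";jsessionid=..." included), so only the literal login URI, compared
                // case-insensitively, is let through; any other spelling is redirected.
                if (uri.equalsIgnoreCase(loginUri)) {
                    chain.doFilter(request, response);
                } else {
                    CommLogger.debug(getClass(), " Action Stop!");
                    rep.sendRedirect(loginUri);
                }
            } else {
                // Logged-in user: user is known to be non-null here.
                // NOTE(review): these reads have no visible use, but getParameter() makes
                // the container parse the request parameters before the rest of the chain
                // runs; confirm nothing depends on that before deleting them.
                if (req.getParameter("Uiid") != null) {
                    uiid = req.getParameter("Uiid");
                }
                if (req.getParameter("taskUiid") != null) {
                    taskUiid = req.getParameter("taskUiid");
                }
                chain.doFilter(request, response);
            }
            CommLogger.debug(getClass(), " *** Out ActionFilter *** ");
        } catch (Exception e) {
            // Covers failures from the rest of the chain too: they are logged and never
            // rethrown, so the container does not see them.
            // NOTE(review): confirm that hiding downstream errors from the container is
            // intended.
            ExceptionLogger.logErrorMsg(e, getClass(), null);
        } catch (Throwable t) {
            // Errors bypass the project logger and go to standard error only.
            t.printStackTrace();
        }
    }

    /**
     * Does nothing; the filter holds no resources.
     */
    public void destroy() {
        // Nothing to release.
    }
}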