先前试了下Spring的Interceptor 拦截用户登录。也可以直接用Filter,web.xml配置如下:
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>smartcrud.common.filter.LoginFilter</filter-class>
<init-param>
<param-name>excludedUrls</param-name>
<param-value>/static/,/login</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
web.xml中四种配置参数的执行顺序是:context-param ---> Listener ---> Filter ---> Servlet
因此此处的LoginFilter会优于Spring的DispatcherServlet先执行。
代码如下:
public class LoginFilter implements Filter {
private static final Log logger = LogFactory.getLog(LoginFilter.class);
private String[] excludedUrls;
@Override
public void init(FilterConfig config) throws ServletException {
String excludes = config.getInitParameter("excludedUrls");
logger.debug("excludes=" + excludes);
if (excludes != null) {
this.excludedUrls = excludes.split(",");
}
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
String requestUri = httpRequest.getRequestURI();
logger.debug("doFilter for " + requestUri);
for (String url : excludedUrls) {
if (requestUri.contains(url.trim())) {
logger.debug("exclued");
chain.doFilter(request, response);
return;
}
}
// intercept
// getSession(true) is required, otherwise there will null pointer at next line.
HttpSession session = httpRequest.getSession(true);
if (session.getAttribute("user") == null) {
logger.debug("user should login first. ");
httpResponse.sendRedirect(httpRequest.getContextPath() + "/login");
} else {
chain.doFilter(request, response);
return;
}
}
@Override
public void destroy() {
}
}