1、创建一个过滤器
package cn.demo.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import cn.demo.domain.User;
public class UserLimitFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("UserLimitFilter 创建了...");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
System.out.println("UserLimitFilter doFilter 执行了...");
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
String path = req.getRequestURI().substring(req.getContextPath().length());
// 放行的页面,不需要拦截
if ("/login.jsp".equals(path) || "/checkImgServlet".equals(path) || "/loginServlet".equals(path)
|| "/".equals(path) || "/register.jsp".equals(path) || "/registerServlet".equals(path)) {
// 访问登录页面直接放行
chain.doFilter(req, res);
System.out.println("UserLimitFilter doFilter 执行完毕...");
return;
} else {
// 其他页面,需要限制权限,需要用户登录
// 判断用户是否登录
User existUser = (User) req.getSession().getAttribute("existUser");// 登录成功,把User对象存到session中
if (existUser != null) {
// 已经登录,放行
chain.doFilter(req, res);
System.out.println("UserLimitFilter doFilter 执行完毕...");
return;
} else {
// 去登录
res.sendRedirect(req.getContextPath() + "/login.jsp");
System.out.println("UserLimitFilter doFilter 执行完毕...");
return;
}
}
}
@Override
public void destroy() {
System.out.println("UserLimitFilter 销毁了...");
}
}
2、web.xml注册过滤器
<filter>
<filter-name>UserLimitFilter</filter-name>
<filter-class>cn.demo.filter.UserLimitFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>UserLimitFilter</filter-name>
<url-pattern>/*</url-pattern> <!-- 拦截模式,所有页面都走过滤器 -->
</filter-mapping>