Spring Web 系统登录过滤器
1.LoginForwarFilter 进行验证
package com.netease.ad.omp.web.filter; import java.io.IOException; import java.util.HashMap; import java.util.Map; import java.util.regex.Pattern; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import com.netease.ad.omp.entity.sys.User; import org.apache.commons.collections.map.HashedMap; import org.apache.commons.lang3.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import com.netease.ad.omp.common.utils.WildcardPatternBuilder; /** * * 类简述 * <p> * 登录拦截 器 * </p> * @Company 网易传媒 * @Copyright * @author (bjsonghongxu@corp.netease.com) * @version 1.0 * @CreateDate 2016年9月22日 下午2:00:40 */ public class LoginForwarFilter implements Filter { private Log log = LogFactory.getLog(getClass()); /** 需要排除(不拦截)的URL的正则表达式 */ private Pattern excepUrlPattern; @Override public void init(FilterConfig cfg) throws ServletException { /** 获取web.xml配置的文件信息 */ String excepUrlRegex = cfg.getInitParameter("excepUrlRegex"); if (!StringUtils.isBlank(excepUrlRegex)) { excepUrlPattern = WildcardPatternBuilder.build(excepUrlRegex); } } @Override public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; HttpSession session = request.getSession(); // 访问路径 String servletPath = request.getServletPath(); // 如果请求的路径与排除检查的路径相同放过 if (excepUrlPattern.matcher(servletPath).matches()) { ParameterRequestWrapper requestWrapper = new ParameterRequestWrapper(request); chain.doFilter(requestWrapper, resp); return; } log.info("请求链接:" + servletPath); log.info("请求参数:" + request.getQueryString()); if (session != null) { if (null == session.getAttribute("loginUser")) { Map<String,Object> returnMap = new HashMap<String, Object>(); returnMap.put("rs", -1); returnMap.put("info", "no login"); /*response.getWriter().write("<script>top.location.href=\""+request.getContextPath() + "/nex-login.html\"</script>");*/ response.getWriter().write("-1"); //response.sendRedirect(request.getContextPath() + "/nex-login.html"); } else {// 登录用户不校验 User user = (User) session.getAttribute("loginUser"); Map<String,Object> extendParams = new HashMap<String,Object>(); extendParams.put("token",user.getToken()); ParameterRequestWrapper requestWrapper = new ParameterRequestWrapper(request,extendParams); chain.doFilter(requestWrapper, resp); return; } } else { /*response.getWriter().write("<script>top.location.href=\""+request.getContextPath() + "/nex-login.html\"</script>");*/ response.getWriter().write("-1"); //response.sendRedirect(request.getContextPath() + "/nex-login.html"); } } @Override public void destroy() { } }
2.ParameterRequestWrapper request 参数包装类
package com.netease.ad.omp.web.filter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import java.util.HashMap; import java.util.Iterator; import java.util.Map; import java.util.Set; /** * Created with IntelliJ IDEA * ProjectName: omp * Author: bjsonghongxu * CreateTime : 11:01 * Email: bjsonghongxu@crop.netease.com * Class Description: * 请求参数包装类 */ public class ParameterRequestWrapper extends HttpServletRequestWrapper { private Map<String , String[]> params = new HashMap<String, String[]>(); /** * 将request交给父类,以便于调用对应方法的时候,将其输出,其实父亲类的实现方式 * @param request */ @SuppressWarnings("unchecked") public ParameterRequestWrapper(HttpServletRequest request) { super(request); //将参数表,赋予给当前的Map以便于持有request中的参数 this.params.putAll(request.getParameterMap()); this.modifyParameterValues(); } /** * 重载一个构造方法 * @param request * @param extendParams */ public ParameterRequestWrapper(HttpServletRequest request , Map<String , Object> extendParams) { this(request); addAllParameters(extendParams);//这里将扩展参数写入参数表 } /** * 将parameter的值去除空格后重写回去 */ public void modifyParameterValues(){ Set<String> set =params.keySet(); Iterator<String> it=set.iterator(); while(it.hasNext()){ String key= (String) it.next(); String[] values = params.get(key); values[0] = values[0].trim(); params.put(key, values); } } /** * 重写getParameter,代表参数从当前类中的map获取 * @param name * @return */ @Override public String getParameter(String name) { String[]values = params.get(name); if(values == null || values.length == 0) { return null; } return values[0]; } /** * 重写getParameter,代表参数从当前类中的map获取 * @param name * @return */ public String[] getParameterValues(String name) { return params.get(name); } /** * 增加多个参数 * @param otherParams */ public void addAllParameters(Map<String , Object>otherParams) { for(Map.Entry<String , Object>entry : otherParams.entrySet()) { addParameter(entry.getKey() , entry.getValue()); } } /** * 增加参数 * @param name * @param value */ public void addParameter(String name , Object value) { if(value != null) { if(value instanceof String[]) { params.put(name , (String[])value); }else if(value instanceof String) { params.put(name , new String[] {(String)value}); }else { params.put(name , new String[] {String.valueOf(value)}); } } } }
3.web.xml 中配置对应的拦截即可
<!-- 登录跳转过滤器 --> <filter> <filter-name>LoginForwarFilter</filter-name> <filter-class>com.netease.ad.omp.web.filter.LoginForwarFilter</filter-class> <init-param> <description> 不需要进行拦截的 url 的正则表达式,即:如果当前请求的 url 的 servletPath 能匹配该正则表达式,则直接放行(即使未登录系统)。 </description> <param-name>excepUrlRegex</param-name> <param-value>**.map,**.html,**.js,**.css,**.jpg,**.JPG,**.JPEG,**.gif,**.png,**.PNG,**.swf,**.ico/**</param-value> </init-param> </filter> <filter-mapping> <filter-name>LoginForwarFilter</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> </filter-mapping>