自定义的过滤器
package bzu.cn.mvcproject.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class HttpFilter implements Filter{
private FilterConfig filterConfig;
public FilterConfig getFilterConfig() {
return this.filterConfig;
}
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
doFilter((HttpServletRequest)req,(HttpServletResponse)resp,chain);
}
protected void doFilter(HttpServletRequest req,HttpServletResponse resp,FilterChain chain) {
}
@Override
public void init(FilterConfig filterconfig) throws ServletException {
this.filterConfig = filterconfig;
init();
}
protected void init() {
}
}
实现访问权限的代码
package bzu.cn.mvcproject.filter;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class IsLoginFilter extends HttpFilter {
@Override
protected void doFilter(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) {
String path = req.getServletPath();
path = path.substring(1);
//有权限访问的页面
String authority = getFilterConfig().getInitParameter("authority");
//没有权限访问的页面
String noAuthority = getFilterConfig().getInitParameter("noAuthority");
String[] strArr = authority.split(",");
String[] strArr2 = noAuthority.split(",");
HttpSession session = req.getSession();
for (String str : strArr2) {
if (str.equals(path)) {
try {//如果是没有设置访问权限的路径,则调用下一个过滤器
chain.doFilter(req, resp);
} catch (IOException | ServletException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
for (String str : strArr) {
if (str.equals(path)) {
String user = (String) session.getAttribute("user");
if (user != null) {//如果用户已经登录
try {
//如果用户已经登录,则设置访问权限的路径调用下一个过滤器
chain.doFilter(req, resp);
} catch (IOException | ServletException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} else {
try {
//没有没有登录,则跳转到登录页面
resp.sendRedirect(req.getContextPath() + "/login.jsp");
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
}
}
@Override
protected void init() {
}
}
配置文件
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
id="WebApp_ID" version="3.1">
<display-name>mvcproject</display-name>
<filter>
<filter-name>IsLoginFilter</filter-name>
<filter-class>bzu.cn.mvcproject.filter.IsLoginFilter</filter-class>
<init-param>
<param-name>authority</param-name><!-- 有访问权限的 -->
<param-value>index.jsp,add.jsp,update.jsp,query.udo,add.udo,update.udo,del.udo,updatedo.udo</param-value>
</init-param>
<init-param>
<param-name>noAuthority</param-name><!-- 没有访问权限的 -->
<param-value>login.jsp,logout.udo,login.udo,getOnline.udo,online.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>IsLoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>