session网站登录控制——filter方式
控制网站登录,如果session过期,或者没有登录,则需要进行重新登录。采用filter的方式。曾经写过一篇通过aop的方式进行控制,需要的可以参考一下:springmvc 通过aop方式进行登录控制
下面是主要代码:
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* Created by Administrator on 2016-10-12.
*/
@WebFilter(filterName = "LoginFilter")
public class LoginFilter implements Filter {
private String excludedPages;
private String[] excludedPageArray;
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
// chain.doFilter(req, resp);
boolean isExcludedPage = false;
HttpServletRequest request = (HttpServletRequest) req;
// System.out.println("=======================LoginFilter==============================" + request.getContextPath() + " " + request.getServletPath());
for (String page : excludedPageArray) {//判断是否在过滤url之外
if(request.getServletPath().matches(page)){
isExcludedPage = true;
break;
}
}
if (isExcludedPage) {
chain.doFilter(req, resp);
} else {
HttpSession session = request.getSession();
if (session.getAttribute("policeid") != null) {
chain.doFilter(req, resp);
} else {
// System.out.println("=======================LoginFilter==============================");
HttpServletResponse response = (HttpServletResponse) resp;
response.setContentType("text/html;charset=utf-8");
String ss=
"<script type='text/javascript'>alert('请先登录!');window.location.href='"+request.getContextPath()+"/web/login';</script>";
response.getWriter().print(ss);
return;
}
}
}
public void init(FilterConfig config) throws ServletException {
excludedPages = config.getInitParameter("excludedPages");
if (excludedPages != null) {
excludedPageArray = excludedPages.split(",");
}
}
}
在web.xml中增加filter的定义:
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>LoginFilter</filter-class>
<init-param>
<param-name>excludedPages</param-name>
<param-value>/public/.*,/web/login,/index.jsp,/web/tologin</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
需要注意的是,还没有登录,那么filter就不能过滤,因为那样会陷入循环。所以登录界面的相关url请求需要过滤掉。在xml中配置需要过滤的内容:
<init-param>
<param-name>excludedPages</param-name>
<param-value>/public/.*,/web/login,/index.jsp,/web/tologin</param-value>
</init-param>
在filter的init方法中获取需要过滤的内容,最后在doFilter方法中对这些过滤的路径放行。