基于springMVC实现登录过滤器

此文章是基于　　搭建Jquery+SpringMVC+Spring+Hibernate+MySQL平台

一. 相关文件介绍

　　1. LoginFilter.java：登录过滤器，保证每次的url访问都对session进行验证

package com.ims.web;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.web.filter.OncePerRequestFilter;

import com.ims.common.ConfigHolder;

/**
 * 登陆过滤器
 */
public class LoginFilter extends OncePerRequestFilter{

    @Override
    protected void doFilterInternal(HttpServletRequest request,
            HttpServletResponse response, FilterChain filterChain)
            throws ServletException, IOException {
        // 不拦截的url
        String[] notFilter = new String[] {"/login.do","/service"};

        // 请求的url
        String url = request.getRequestURI();
        
        boolean doFilter = chek(notFilter, url);
        if (doFilter) {
            HttpSession session = request.getSession();
            Object obj = session.getAttribute(ConfigHolder.getValue("session.sys.user"));
            if (null == obj) {
                // 如果session中不存在登录者实体，则弹出框提示重新登录
                PrintWriter out = response.getWriter();
                String loginPage = request.getContextPath() + "/login.do";
                StringBuilder builder = new StringBuilder();
                builder.append("<script type="text/javascript">");
                builder.append("window.top.location.href='");
                builder.append(loginPage);
                builder.append("';");
                builder.append("</script>");
                out.print(builder.toString());
            } else {
                filterChain.doFilter(request, response);
            }
        } else {
            filterChain.doFilter(request, response);
        }
    }

    /**
     * 检查是否拦截
     * @param notFilter 不拦截的url           
     * @param url 请求的url
     * @return false：不拦截  true：拦截
     */
    public boolean chek(String[] notFilter, String url) {
        // 图片、脚本、css、页面不进行拦截
        if (url.endsWith(".css") || url.endsWith(".js") 
            || url.endsWith(".png") || url.endsWith(".jpg")
            || url.endsWith(".gif") || url.endsWith(".jsp")
            || url.endsWith(".html")) {
            return false;
        }
        // 含有notFilter中的任何一个则不进行拦截
        for (String s : notFilter) {
            if (url.indexOf(s) != -1) {
                return false;
            }
        }
        return true;
    }
}

　　

　　2. web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:web="http://xmlns.jcp.org/xml/ns/javaee" 
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_4.xsd 
        http://xmlns.jcp.org/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" 
    version="2.4">
  
  <filter>
    <filter-name>loginFilter</filter-name>
    <filter-class>com.ims.web.LoginFilter</filter-class>
  </filter>
  
  <filter-mapping>
    <filter-name>loginFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
      
</web-app>