配置web.xml
<!-- 定义Filter --> <filter> <!-- Filter的名字 --> <filter-name>loginFilter</filter-name> <!-- Filter的实现类 --> <filter-class>com.sxdf.rent.servlets.LoginFilter</filter-class> <!-- 下面3个init-param元素配置了3个参数 --> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <!-- 登录页面 --> <init-param> <param-name>loginPage</param-name> <param-value>/rent/index.jsp</param-value> </init-param> <!-- 登录信息处理页面 --> <init-param> <param-name>proLogin</param-name> <param-value>/rent/userLogin.jsp</param-value> </init-param> <!-- 没有session返回的界面 --> <init-param> <param-name>timeoutPage</param-name> <param-value>/rent/sessionTimeout.jsp</param-value> </init-param> <!-- 默认界面界面 --> <init-param> <param-name>defaultPage</param-name> <param-value>/rent/</param-value> </init-param> </filter> <!-- 定义Filter拦截的URL地址 --> <filter-mapping> <!-- Filter的名字 --> <filter-name>loginFilter</filter-name> <!-- Filter负责拦截的URL --> <url-pattern>/*</url-pattern> </filter-mapping>
JAVA代码
LoginFilter 还可以加一个 PermissionFilter
public class LoginFilter implements Filter { private FilterConfig config = null ; @Override public void destroy() { this.config = null ; } //过滤session中没有user的情况,既是没有登录的用户,或者闲置过久的用户。 @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest)request ; HttpServletResponse resp = (HttpServletResponse)response; String encoding = config.getInitParameter("encoding"); String loginPage = config.getInitParameter("loginPage"); String proLogin = config.getInitParameter("proLogin"); String timeoutPage = config.getInitParameter("timeoutPage"); String defaultPage = config.getInitParameter("defaultPage"); User u = (User) req.getSession().getAttribute("user"); //System.out.println(req.getRequestURI()); ///rent/index.jsp //System.out.println(req.getRequestURL()); //http://127.0.0.1:8080/rent/index.jsp if(!PropertiesTool.getProperty("print").equals("0")) { System.out.println(req.getRequestURL()); } //如果访问的是图片 或者 include文件夹下的文件 也可以放行 if(check(req.getRequestURI())) { filterChain.doFilter(request, response); } //如果user为null 并且请求的不是登录页面 也不是 登录信息处理页面那么就跳转到首页去。 else if( u == null && !req.getRequestURI().endsWith(loginPage) && !req.getRequestURI().endsWith(proLogin) && !req.getRequestURI().endsWith(defaultPage) && !req.getRequestURI().endsWith(timeoutPage)) { //forward到登录页面 //req.getSession().setAttribute("tip" , "您还没有登录"); resp.sendRedirect(timeoutPage); return ; //如果用户不可用 } else if( u != null && !u.getIsUseable() ) { req.setAttribute("tip" , "用户已经被禁用"); resp.sendRedirect("index.jsp"); return ; } //“放行”请求 else { filterChain.doFilter(request, response); } } @Override public void init(FilterConfig filterConfig) throws ServletException { this.config = filterConfig; } //检查链接是否是访问include文件夹或者图片文件夹 private boolean check(String url) { String folder = PropertiesTool.getProperty("folder"); String[] folders = folder.split(","); for(String str : folders ) { if(url.contains("/" + str.trim() + "/")) { //System.out.println("放行:" + url); return true ; } } return false; } }