登录拦截功能

1 在web.xml中配置filter(要放在字符集过滤器之后，否则字符过滤会失效)

<!-- 登录拦截 -->
 <filter>
        <display-name>LoginFilter</display-name>
        <filter-name>LoginFilter</filter-name>
        <filter-class>com.xxx.common.LoginFilter</filter-class>
 </filter>
 <filter-mapping>
        <filter-name>LoginFilter</filter-name>
        <url-pattern>/*</url-pattern>
 </filter-mapping>

2.拦截器类(登录，注册，静态文件.js.css等不进行过滤,放过去)

package com.xxx.common;

import java.io.IOException;
import java.io.Writer;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.sf.json.JSONObject;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Component;
import org.springframework.web.context.support.WebApplicationContextUtils;

import com.xxx.entity.User;
import com.xxx.service.LoginService;
import com.xxx.util.CommonUtil;

public class LoginFilter implements Filter {

    private LoginService loginService;

    public LoginService getLoginService() {
        return loginService;
    }

    public void setLoginService(LoginService loginService) {
        this.loginService = loginService;
    }

    public LoginFilter() {
    }

    /**
     * 初始化
     */
    public void init(FilterConfig config) throws ServletException {
        ServletContext context = config.getServletContext();
        ApplicationContext ctx = WebApplicationContextUtils
                .getWebApplicationContext(context);
        loginService = (LoginService) ctx.getBean(LoginService.class);

    }

    public void destroy() {
        loginService = null;
    }

    /**
     * 登录拦截
     */
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) req;
        HttpServletResponse httpResponse = (HttpServletResponse) res;
        String path = CommonUtil.getRequestURL(httpRequest);
        
        if (path.indexOf("/tologin") != -1 || path.indexOf("/login") != -1
                || path.indexOf("/include") != -1) {
            chain.doFilter(req, res);
        } else {
            User user = loginService.getCurrentUser();
            if (user == null) {
                boolean isAjaxRequest = isAjaxRequest(httpRequest);
                if (isAjaxRequest) {
                    httpResponse.setCharacterEncoding("UTF-8");
                    Writer out = httpResponse.getWriter();
                    JSONObject jsonObj = new JSONObject();
                    jsonObj.put("success", false);
                    jsonObj.put("code", "noLogin");
                    jsonObj.put("message", "请您先登录系统!");
                    out.write(jsonObj.toString());
                    out.flush();
                    out.close();
                } else {
                    httpResponse.sendRedirect("/项目路径/Login/tologin");
                }
            } else {
                chain.doFilter(req, res);
            }

        }
    }

    /**
     * 判断是否为Ajax请求
     *
     * @param request
     *            HttpServletRequest
     * @return 是true, 否false
     */
    public static boolean isAjaxRequest(HttpServletRequest request) {
        String requestType = request.getHeader("X-Requested-With");
        return requestType != null && "XMLHttpRequest".equals(requestType);
    }

}