www.weide1946.com自定义拦截器Jsp,配置登陆过滤器

2019-09-29 15:31 来源:未知

SessionFilter:

最近在做关于filter登录验证的功能,防止未登录的用户直接通过地址进入系统

用途:进入页面时判断用户是否登录,如果没有登录返回某个页面(如登录界面)。

package com.duocy.util;

 

代码:web.xml

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

LoginFilter类:继承Filter接口

<filter>

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

package com.ss.filter;

  <filter-name>onlineFilter</filter-name>

import com.duocy.bean.Client;
import com.duocy.bean.Emp;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;:
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

  <filter-class>com.***.***.OnlineFilter</filter-class>   <!--  项目中的类,***改为自己项目的包命  -->

public class SessionFilter implements Filter {

public class LoginFilter implements Filter{

</filter>

//需要定义系统页面访问中可放行的连接
private List<String> list = new ArrayList<String>();
public void init(FilterConfig arg0) throws ServletException {
//定义前台不被拦截的页面
list.add("/index.html");
list.add("/login.html");
list.add("/register.jsp");
list.add("/customer-case.html");
list.add("/product-show.html");
list.add("/solutions.html");
list.add("/getFindkey.jsp");


   @Override
   public void init(FilterConfig filterconfig) throws ServletException { }
 
  @Override
   public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
     throws IOException, ServletException  {
      HttpServletRequest servletRequest = (HttpServletRequest)request;
      HttpServletResponse servletResponse = (HttpServletResponse)response;
      HttpSession session = servletRequest.getSession();   
      String path = servletRequest.getRequestURI();  //获取用户请求的uri*

<filter-mapping>

//定义管理后台不被拦截的页面
list.add("/admin/login.html");
list.add("/admin/assets");
}

      if(session.getAttribute("admin")==null && path.indexOf("/html/login")==-1) {         

  <filter-name>onlineFilter</filter-name>

public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
//1、获取页面中的访问的路径连接
String path = request.getServletPath();

         servletResponse.sendRedirect(servletRequest.getContextPath() "/html/login.html");
         return;
      }
      else {
        filterChain.doFilter(request, response);
      }
   }
 
   @Override
   public void destroy() { }
 
}

  <url-pattern>*.html</url-pattern>           <!--  过滤那些请求(后缀为html的)  -->

if(list!=null && list.contains{
//如果页面中获取的访问连接于定义的可放行的连接一致,则放行
chain.doFilter(request, response);
return;
}
//2、从session(globle_user)对象中获取当前登录的用户
Client client = request.getSession().getAttribute("LoginClient");
Emp emp = request.getSession().getAttribute("LoginEmp");
if(client!=null){
//如果从session中获取的用户对象不为空,则放行
chain.doFilter(request, response);
return;
}else{
//如果不满足条件1和2,则不能放行,回到客户登录页面
response.sendRedirect(request.getContextPath() "/login.html");
return;
}

 

</filter-mapping>

/*if(emp!=null) {
//如果从session中获取的用户对象不为空,则放行
chain.doFilter(request, response);
return;

在web.xml中配置session及filter:

<filter-mapping>

}else {
//如果不满足条件1和2,则不能放行,回到管理登录页面
response.sendRedirect(request.getContextPath() "/EmpCheackLogin");
return;
}*/

 <!-- 设置session过期时间 min -->
 <session-config>
    <session-timeout>30</session-timeout>
 </session-config> 
 <!-- session过滤器配置相关 -->
 <filter>
    <filter-name>LoginFilter</filter-name>
    <filter-class>com.ss.filter.LoginFilter</filter-class>
 </filter>
 <filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>*.html</url-pattern>
 </filter-mapping>

  <filter-name>onlineFilter</filter-name>

}

 

  <url-pattern>*.jsp</url-pattern>            <!--  过滤那些请求(后缀为jspl的)  -->

public void destroy() {

</filter-mapping>

}
}

 

web.xml配置:

  OnlineFilter.java

<!-- 过滤所有对jsp的请求-->
<filter>
<filter-name>SessionFilter</filter-name>
<filter-class>com.duocy.util.SessionFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SessionFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<!-- Session过期 -->
<session-config>
<session-timeout>10</session-timeout>
</session-config>

package com.cyimayi.filter;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;

个人记录之用!

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class OnlineFilter extends HttpServlet implements javax.servlet.Filter {    //实现javax.servlet.Filter接口

    private static final long serialVersionUID = 1L;

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;
        HttpSession session = req.getSession();
        String[] arr = {"/login.html", "/main.jsp", "/alipay/alipayapi.jsp", "/alipay/notify_url.jsp", "/alipay/return_url.jsp"};  

    //放行的页面,项目名开始(如www.abc.com/abc/aa.jsp, abc为项目名的话就填/aa.jsp)
        List<String> temp = Arrays.asList(arr);    //将数据转成list
        if(!temp.contains(req.getServletPath())) {     // 对页面进行放行
            if (session.getAttribute("admin") == null) { //判断用户是否登录,此处可为自己的其他条件。
                res.sendRedirect("../login.html");      //重定向
                return;
            }
        }

   /*

    * chain.doFilter(request, response);

    * 他的作用是将请求转发给过滤器链上下一个对象。这里的下一个指的是下一个filter,如果没有filter那就是你请求的资源。

    * 一般filter都是一个链,web.xml 里面配置了几个就有几个。一个一个的连在一起

    */
        chain.doFilter(request, response);
    }

    public void init(FilterConfig filterConfig) {
        //System.out.println("OnlineFilter initialized.");
    }

    public void destroy() {
        //System.out.println("OnlineFilter destroied");
    }
}

 

版权声明:本文由韦德娱乐1946_韦德娱乐1946网页版|韦德国际1946官网发布于网络编程,转载请注明出处:www.weide1946.com自定义拦截器Jsp,配置登陆过滤器