此例子为一个简单的登录拦截。
首先在web.xml中配置拦截类。
<filter-mapping>
<filter-name>SessionFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<filter>
<filter-name>SessionFilter</filter-name>
<!-- 拦截类 -->
<filter-class>com.skin.generate.user.UserLoginFilter</filter-class>
<init-param>
<param-name>loginUrl</param-name>
<param-value>/finder/login.html</param-value>
</init-param>
<!-- 配置参数 比如不拦截的路径 -->
<init-param>
<param-name>excludes</param-name>
<param-value>
/register.html,
/resource/**/*,
/note/**/*
</param-value>
</init-param>
</filter>
其次就是拦截类的编写。
package com.skin.generate.user;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import com.skin.finder.security.UserSession;
import com.skin.finder.web.util.Client;
import com.skin.finder.web.util.CookieUtil;
import com.skin.generate.entity.User; public class UserLoginFilter implements Filter {
/*
* String nofilter; String nofilterFiles[]; String sendRedirect;
*/ public void destroy() { } public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String path = request.getServletPath();
String url = request.getRequestURI(); // 如果不需要过滤的静态文件,直接放行
if (path.endsWith(".css") || path.endsWith(".js")
|| path.endsWith("Login.html")
|| url.indexOf("resource") > 0 || url.indexOf("note") > 0
|| url.endsWith("login.jsp") || path.endsWith(".gif")
|| path.endsWith(".ico")) {
chain.doFilter(request, response);
return;
} else {
if (checkUser(request, response)) {
chain.doFilter(request, response);// 如果用户已经登录,就放行
return;
} else {
// 没有登录,重定向到登录页面
String contextPath = getContextPath(request);
response.sendRedirect(contextPath+ "/template/finder/login.jsp");
return;
}
} } protected String getContextPath(HttpServletRequest request) {
String contextPath = request.getContextPath(); if ((contextPath == null) || (contextPath.equals("/"))) {
return "";
}
return contextPath;
} private boolean isInArray(String path, String nofilterFiles[]) {
for (int i = 0; i < nofilterFiles.length; i++) {
String nofilterFile = nofilterFiles[i];
if (nofilterFile.equals(path)) {
return true;
}
}
return false;
} private boolean checkUser(HttpServletRequest request,
HttpServletResponse response) throws IOException { //1.判断cookie 是否存在
Cookie cookie = CookieUtil.getCookie(request, Client.COOKIE_NAME);
if(cookie ==null ){
return false;
} //2.校验session
HttpSession session = request.getSession(false);// 如果不存在返回空
if (session == null) {
return false;
}
//3.校验登录用户
Object obj = session.getAttribute(SessionUtils.USER_NAME);
if (obj == null) {
return false;
} return true;
} public void init(FilterConfig config) throws ServletException {
/*
* nofilter = config.getInitParameter("excludes");
* nofilterFiles =nofilter.split(","); sendRedirect =
* config.getInitParameter("loginUrl");
*/
// System.out.println(Arrays.asList(nofilterFiles));
} }