Filter
session超时&超过试用期禁用
新建一个过滤器
过滤器拦截所有请求,所以要在xml中配置拦截器作用某些url。
Filter拦截所有请求,interceptor只拦截action请求。
package com.autumn.filter; import com.autumn.pojo.Users; import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date; /**
* 是否登录判断
*/
public class CheckLoginFilter implements Filter { private String USER =""; private String ROOTPATH; @Override
public void init(FilterConfig filterConfig) throws ServletException {
this.USER = filterConfig.getInitParameter("user").trim();
this.ROOTPATH = filterConfig.getInitParameter("rootPath");
} @Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
Object userid = null;
HttpServletResponse res=(HttpServletResponse)response;
HttpServletRequest req=(HttpServletRequest)request;
Users users = (Users)req.getSession().getAttribute(USER);
if (users!=null){
userid =users.getId();
} System.out.println("req.getRequestURI():"+req.getRequestURI()); if(isShakedown(3018,3,16))
{
System.out.println("系统试用期已到,请联系商务!");
res.sendRedirect(ROOTPATH+"?rtnCode=200");
}else if(req.getRequestURI().contains("/loginController/login")){ //当是登录请求时,继续往下执行
filterChain.doFilter(req, res);
}else if(userid==null||userid.toString().trim().isEmpty()) //当没有session时,即未登录,跳到登录页
{
//System.out.println("CheckLoginFilter userid:"+userid);
System.out.println("CheckLoginFilter userId is null");
res.sendRedirect(ROOTPATH);
}else{ //继续往下执行
//System.out.println("CheckLoginFilter chain.doFilter");
filterChain.doFilter(req, res);
}
} @Override
public void destroy() {
if(this.USER !=null&&this.USER.trim().isEmpty())
{
this.USER ="";
} if(this.ROOTPATH!=null&&this.ROOTPATH.trim().isEmpty())
{
this.ROOTPATH="";
}
} //试用期判断
public static boolean isShakedown(int year,int month,int day)
{
Date date = new Date();
SimpleDateFormat sf = new SimpleDateFormat("yyyy-MM-dd");
Calendar cal = Calendar.getInstance();// 获取一个Claender实例
cal.set(year, month-1, day);
Date endDate;
try {
endDate = sf.parse(sf.format(cal.getTime()));
if (date.getTime() > endDate.getTime()) {
return true;
}
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return true;
}
return false;
}
}
web.xml中加入过滤器配置
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>
com.autumn.filter.CheckLoginFilter
</filter-class>
<init-param>
<param-name>excludedPages</param-name>
<param-value>/login.jsp</param-value><!-- 登陆页不做拦截的请求声明,filter中登录的接口也被排除-->
</init-param>
<init-param>
<param-name>user</param-name> <!--配置的session参数-->
<param-value>user</param-value>
</init-param>
<init-param>
<param-name>rootPath</param-name> <!-- 配置的登录页 -->
<param-value>/Bookkeeping/login.jsp</param-value>
</init-param>
</filter>
<filter-mapping> <!--拦截映射一 -->
<filter-name>loginFilter</filter-name>
<url-pattern>/manager/*</url-pattern> <!--拦截后台的请求接口-->
</filter-mapping>
<filter-mapping><!--拦截映射二 -->
<filter-name>loginFilter</filter-name>
<url-pattern>/jsp/*</url-pattern> <!--拦截直接访问前端页面-->
</filter-mapping>
Interceptor
java代码
package com.gmtx.system.intercepts; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.gmtx.platform.model.Userinfo;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView; public class MyInterceptor implements HandlerInterceptor { @Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object arg2) throws Exception {
String uri = request.getRequestURI();
HttpSession session = request.getSession();
Userinfo sessionUserinfo = (Userinfo)session.getAttribute("CURR_USER"); /*不拦截静态资源spring mvc4.3以上可以用<mvc:exclude-mapping path=""/>代替*/
if (uri.endsWith(".js")||uri.endsWith(".css")||uri.endsWith(".css")||uri.indexOf(".")>0){
//System.out.println("不拦截资源文件"+uri);
return true;
} //System.out.println("拦截访问"+uri); //如果是登录页,不拦截
if (uri.indexOf("login")>0){
return true;
} //如果已经登录,不拦截
if(sessionUserinfo!=null){
return true;
}else { //如果未登录,跳转到登陆页
response.sendRedirect(request.getContextPath()+"/login.jsp");
return false;
}
} @Override
public void afterCompletion(HttpServletRequest arg0,
HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
} @Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
Object arg2, ModelAndView arg3) throws Exception {
}
}
spring-web.xml
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/*/**"/> <!-- /*只拦截根目录,/*/**拦截project/url -->
<!--spring-mvc-4.3才能用以下标签
<mvc:exclude-mapping path="/**/fonts/*"/>
<mvc:exclude-mapping path="/**/*.css"/>
<mvc:exclude-mapping path="/**/*.js"/>
<mvc:exclude-mapping path="/**/*.png"/>
<mvc:exclude-mapping path="/**/*.gif"/>
<mvc:exclude-mapping path="/**/*.jpg"/>
<mvc:exclude-mapping path="/**/*.jpeg"/>
<mvc:exclude-mapping path="/**/*login*"/>
<mvc:exclude-mapping path="/**/*Login*"/>-->
<bean class="com.gmtx.system.intercepts.MyInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>