package com.am.utils; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 访问权限过滤器 * @author A.m * */ public class AuthFilter implements Filter{ public void destroy() { // TODO Auto-generated method stub } public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException { //转为http请求 HttpServletRequest request=(HttpServletRequest)arg0; HttpServletResponse response=(HttpServletResponse)arg1; //获取请求的路径:/ssmModel/page/login.jsp String currentUrl=request.getRequestURI(); //截取文件名:/login.jsp String targetURL = currentUrl.substring(currentUrl.lastIndexOf("/"), currentUrl.length()); //判定不是登录页面且不是登录接口 if(!"/login.jsp".equals(targetURL)&&!"/login.html".equals(targetURL)){ Object user=request.getSession().getAttribute("user"); if(user==null){ response.sendRedirect("/ssmModel/page/login.jsp"); // 如果session为空表示用户没有登录就重定向到login.jsp页面 return; } } //使请求继续向下执行 arg2.doFilter(arg0, arg1); } public void init(FilterConfig arg0) throws ServletException { // TODO Auto-generated method stub } }
二、在web.xml中配置过滤器
<!-- 定义filter --> <filter> <!-- filter的名字 --> <filter-name>AuthFilter</filter-name> <!-- filter的路径 --> <filter-class>com.am.utils.AuthFilter</filter-class> </filter> <!-- 定义filter过滤的地址 --> <!-- 可有多个filter-mapping,则可过滤多个URL --> <filter-mapping> <!-- filter的名字 --> <filter-name>AuthFilter</filter-name> <!-- filter需要过滤的URl --> <url-pattern>/page/*</url-pattern> <!-- 请求类型:REQUEST,FORWARD,INCLUDE,ERROR --> <!-- 默认REQUEST --> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping>
