fliter过滤器过滤未登录用户

新建类接入filter接口

package com.bss.filter;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;public class LoginFliter implements Filter {   public void destroy() {        // TODO Auto-generated method stub    }    public void doFilter(ServletRequest arg0, ServletResponse arg1,            FilterChain arg2) throws IOException, ServletException {        // TODO Auto-generated method stub        HttpServletRequest req = (HttpServletRequest)arg0;        HttpServletResponse resp =(HttpServletResponse) arg1;        HttpSession session = req.getSession();           // 获得用户请求的URI        String path = req.getRequestURI();        // 从request取得已经登录验证的凭证 我这里的demo用的是password来作为登录凭证        String password = (String) req.getAttribute("password");        // login.html页面无需过滤(根据自己项目的要求来)        if(path.indexOf("/login.html") > -1) {//注意：登录页面千万不能过滤  不然过滤器就。。。。。自行调试不要偷懒！这样记忆深刻            arg2.doFilter(req, resp);            return;        } else {//如果不是login.jsp进行过滤        if (password == null || "".equals(password)) {             // （将需要过滤的页面放在webroot下的admin文件夹内）  返回到webroot目录下  跳转回登陆页面        resp.sendRedirect("../login.html");            } else {                // 已经登陆,继续此次请求                arg2.doFilter(req, resp);            }        }    }    public void init(FilterConfig arg0) throws ServletException {        // TODO Auto-generated method stub    }}

web.xml

<filter><filter-name>LoginFilter</filter-name><filter-class>com.bss.filter.LoginFliter</filter-class></filter><filter-mapping><filter-name>LoginFilter</filter-name><url-pattern>/admin/*</url-pattern></filter-mapping>