使用Tomcat的过滤器验证用户是否登陆

Java菜鸟一枚，这两天一直被一个问题困扰，就是用tomcat的过滤器去验证用户是否登陆了。前一段时间一直犯了一个低级错误，导致我这两天这个功能一直没有试验成功！

那就是我把登陆页面放在了WEB-INF下面，因为犯晕，一直忘了WEB-INF就是保护自身资源，必须时tomcat自己返回的！希望后来者引以为戒！

那下面就把这个简单的登陆过滤器给大家看看吧

public class SessionCheck implements Filter{    public void init(FilterConfig filterConfig) throws ServletException {    }    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {         // 获得在下面代码中要用的request,response,session对象        HttpServletRequest request = (HttpServletRequest) servletRequest;        HttpServletResponse response = (HttpServletResponse) servletResponse;        HttpSession session = request.getSession();        System.out.println(request.getRequestURI());        //防止js,css，图片别过滤掉        if(request.getServletPath().endsWith(".css") || request.getServletPath().endsWith(".js") || request.getServletPath().endsWith(".png")){            filterChain.doFilter(request, response);            return;        }        if(session!=null&&session.getAttribute("admin")!=null) {            System.out.println(session.getAttribute("admin"));            filterChain.doFilter(request, response);            //logo.jsp一定要放在和WEB-INF平级的目录中        }else if(request.getRequestURI().equals(request.getContextPath()+"/login.jsp") || request.getRequestURI().equals("/login.do")){            filterChain.doFilter(request, response);        } else {            response.sendRedirect(request.getContextPath() + "/login.jsp");        }    }    public void destroy() {    }