session过滤器

过滤非法登陆。

package com.jindie.base.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;

import com.jindie.base.util.Constants.BaseConstants;

/**
 *
 * session过滤器
 * 〈功能详细描述〉
 * @author    RL007
 * @version   V1.00 2012-8-29
 * @see       [相关类/方法]
 * @since     114 1.0
 */
public class ServletFilter implements Filter
{
    /**
     * 构造函数
     */
    public ServletFilter()
    {
    }
    
    /**
     * initialize ServletFilter
     *
     * @param filterConfig
     *            FilterConfig
     * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
     * @throws ServletException
     *             [违例类型] [违例说明]
     */
    public void init(FilterConfig filterConfig)
        throws ServletException
    {
        
    }
    
    /**
     * Destroys the filter.
     */
    public void destroy()
    {
    }
    
    /**
     * do filter
     *
     * @param req
     *            ServletRequest
     * @param resp
     *            ServletResponse
     * @param chain
     *            FilterChain
     * @throws IOException
     *             [违例类型] [违例说明]
     * @throws ServletException
     *             [违例类型] [违例说明]
     * @see
     */
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
        throws IOException, ServletException
    {
        HttpServletRequest request = (HttpServletRequest)req;
        HttpServletResponse response = (HttpServletResponse)resp;
        
        request.setCharacterEncoding("utf-8");//utf-8
        // response.setCharacterEncoding(KeyConstant.DEFAULT_CHARSET);
        
        final String servletPath = request.getServletPath();
        
        HttpSession session = request.getSession();
        
        String account = (String)session.getAttribute(BaseConstants.CURRENT_STAFF);
        // 登录，不需要判断session是否失效
        if (servletPath.endsWith("userLogin.action"))
        {
            if(StringUtils.isEmpty(request.getParameter("yzmbox"))){
                RequestDispatcher dispatch = request.getRequestDispatcher("/index.jsp");
                dispatch.forward(request, response);
                return;
            }
            //request.
            chain.doFilter(request, response);
            return;
        }
        
        RequestDispatcher dispatch = request.getRequestDispatcher("/index.jsp");
        if (account == null)
        {
            //response.
            //SysManagerAction sys = new SysManagerAction();
            //sys.loginOut();
            //dispatch.
            //Red
            dispatch.forward(request, response);
            return;
        }
        
        chain.doFilter(request, response);
    }
    
}