JavaWeb实现用户登录的拦截

1、在web.xml中如下配置

<filter-name>loginFilter</filter-name>    <filter-class>cmcc.rsc.paweb.scan.LoginFilter</filter-class> </filter> <filter-mapping>    <filter-name>loginFilter</filter-name>    <url-pattern>/*</url-pattern> </filter-mapping>

2、在后台代码部分添加一个继承Filter的过滤器类

package cmcc.rsc.paweb.scan;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;public class LoginFilter implements Filter {    @Override    public void destroy() {    }    @Override    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,            FilterChain filterChain) throws IOException, ServletException {        // 判断是否是http请求        if (!(servletRequest instanceof HttpServletRequest)            || !(servletResponse instanceof HttpServletResponse)) {          throw new ServletException(              "OncePerRequestFilter just supports HTTP requests");        }        // 获得在下面代码中要用的request,response,session对象        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;        HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;        HttpSession session = httpRequest.getSession(true);        String[] strs = { "forgetPsd", "login", "logout", "static" }; // 路径中包含这些字符串的,可以不用登录直接访问        StringBuffer url = httpRequest.getRequestURL();        /**         * 过滤掉根目录         */        String path = httpRequest.getContextPath();        String protAndPath = httpRequest.getServerPort() == 80 ? "" : ":"            + httpRequest.getServerPort();        String basePath = httpRequest.getScheme() + "://"            + httpRequest.getServerName() + protAndPath + path + "/";        if (basePath.equalsIgnoreCase(url.toString())) {          filterChain.doFilter(servletRequest, servletResponse);          return;        }        // 特殊用途的路径可以直接访问        if (strs != null && strs.length > 0) {          for (String str : strs) {            if (url.indexOf(str) >= 0) {              filterChain.doFilter(servletRequest, servletResponse);              return;            }          }        }        // 从session中获取用户信息        String loginInfo = (String) session.getAttribute("pa_uuid");        if (null != loginInfo && !"".equals(loginInfo)) {          // 用户存在,可以访问此地址          filterChain.doFilter(servletRequest, servletResponse);        } else {          // 用户不存在,踢回登录页面//        String returnUrl = httpRequest.getContextPath() + "/loginpage";          String returnUrl = "http://localhost:3000/login";          httpRequest.setCharacterEncoding("UTF-8");          httpResponse.setContentType("text/html; charset=UTF-8"); // 转码          httpResponse              .getWriter()              .println(                            "<script language=\"javascript\">alert(\"您还没有登录，请先登录!\");if(window.opener==null){window.top.location.href=\""                                    + returnUrl                                    + "\";}else{window.opener.top.location.href=\""                                    + returnUrl                                    + "\";window.close();}</script>");          return;        }    }    @Override    public void init(FilterConfig arg0) throws ServletException {    }}