javaweb——登陆权限过滤器的编写

1. 编写登陆权限过滤器

package com.xinrui.flower.filter;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletContext;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;/** *  * @ClassName: ValidateFilter * @Description: 登陆权限过滤器 * @author 梁志成 * @date 2016年3月20日 上午11:42:35 * */public class ValidateFilter implements Filter {    private ServletContext servletContext;    @Override    public void destroy() {    }    @Override    public void doFilter(ServletRequest request, ServletResponse response,            FilterChain chain) throws IOException, ServletException {        HttpServletRequest req = (HttpServletRequest) request;        HttpServletResponse rep = (HttpServletResponse) response;        HttpSession session = req.getSession();        // 1.可以进行配置(用户访问的页面,都可以在web.xml中进行配置)        // 获取配置的登录页面地址        String login_page = servletContext.getInitParameter("login_page");        // 获取我们需要登录才能访问的页面地址        String validate_page = servletContext.getInitParameter("validate_page");        // 获取共用的页面(不需要可以就访问的页面地址)        String common_page = servletContext.getInitParameter("common_page");        // 获取当前用户访问的路径地址        String current_url = req.getServletPath();        System.out.println("当前访问页面:" + current_url);        System.out.println("公共的:" + common_page);        // 判断当前访问路径是否允许        if (common_page.indexOf(current_url) != -1) {            System.out.println("你是公共页面,直接访问");        } else if (validate_page.indexOf(current_url) != -1                && session.getAttribute("username") != null) {            System.out.println("你是需要登录才能访问的,并且你也已经登录了,可以访问.");            // 已经登陆,可以进行访问            chain.doFilter(request, response);        } else {            // 跳转到登录页面            rep.sendRedirect(req.getContextPath() + login_page);        }    }    @Override    public void init(FilterConfig config) throws ServletException {        servletContext = config.getServletContext();    }}

2.在web.xml中注册该过滤器

 <!-- 验证用户是否登录的Filter -->  <filter>  <filter-name>validateLogin</filter-name>  <filter-class>com.xinrui.flower.filter.ValidateFilter</filter-class> </filter>  <filter-mapping>      <filter-name>validateLogin</filter-name>     <url-pattern>*.html</url-pattern> </filter-mapping>  <!-- 配置登录页面路径 -->   <context-param>       <param-name>login_page</param-name>      <param-value>/login.html</param-value>   </context-param>  <!-- 配置需要登录才能操作的页面路径 -->   <context-param>      <param-name>validate_page</param-name>      <param-value>/test.html</param-value>   </context-param>  <!-- 配置不需要登录就能访问的页面 -->   <context-param>      <param-name>common_page</param-name>      <param-value>/index.html,/login.html,/exit.html,/register.html,/*.do,/red.      html,/width.html,/pink.html,/purple.html</param-value>  </context-param>