权限管理
简单的权限管理。
<%--
Document : succes
Created on : 2011-5-4, 19:16:10
Author : Administrator
--%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>
<body>
<h1>欢迎你的光临!</h1>
<%=session.getAttribute("user")%>
<a href="cc/adminsucess.jsp"> 管理员入口</a>
</body>
</html>
这是登陆成功的页面,sessio里面的user保存着登陆的用户名,当用户名为admin时可以访问/cc文件夹的所有页面。当不是的话,就直接跳转至另一个错误页面。
值得注意的是,如果直接在地址栏中写入受限制的网页的话就直接跳转至登陆页面。也就是必须要登录不登陆不能进入其他页面
下面是过滤器的内容
package quanxian;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.*;
import javax.servlet.*;
/**
* Title: LOGIN FILTER.
*
* Description: System user login servlet filter.
*
* Copyright: Copyright (c) 2007/10/05
*
* Company: JaMing SoftRoom
*
* @author: Jamee
*
* @version 1.0
*/
public class NewClass implements Filter{
FilterConfig config;
public void init(FilterConfig config)throws ServletException
{
this.config=config;
}
public void doFilter(ServletRequest request,ServletResponse response,
FilterChain chain)throws IOException,ServletException
{
HttpServletRequest hreq=(HttpServletRequest)request;
HttpServletResponse hrep=(HttpServletResponse)response;
request.setCharacterEncoding("GBK");
HttpSession session=hreq.getSession();
String back="default.jsp";
RequestDispatcher dispatcher=hreq.getRequestDispatcher(back);
if(session.getAttribute("user") ==null)
hreq.getRequestDispatcher("../index.jsp").forward(request, response);
try{
String user=(String)session.getAttribute("user");
boolean login=user.equals("admin");
if(login)
{
chain.doFilter(request,response);
}else{
dispatcher.forward(request,response);
}
}catch(Exception e){
dispatcher.forward(request,response);
}
}
public void destroy()
{
}
}
下面是配置文件的内容
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<filter>
<filter-name>quanxian</filter-name>
<filter-class>quanxian.NewClass</filter-class>
</filter>
<filter-mapping>
<filter-name>quanxian</filter-name>
<url-pattern>/cc/*</url-pattern>
</filter-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
</web-app>
浙公网安备 33010602011771号