session 过滤器的使用笔记
近日做的项目,需要用session判断用户是否登录,开始使用jsp界面方式判断session是否存在,方式挺简单的,只是需要在每一个jsp界面中都需要加入判断session的文件。另一种方式是过滤器。尝试jsp方式成功了后,觉得用过滤器比较好,于是改造成过滤器,但是总是不行。最后决定还是用jsp,祸不单行,用了之后发现用webflow控制的流程怎么也不好用了,百思不得其解。
今天上午从头搞起,发现了问题的存在,原来是webflow流程的路径传的有问题。兴奋之余写此日记用以鞭策。
下面主要记录过滤器的用法:
java类:
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class UserLoginFilter implements Filter {
protected String encoding = null;
protected FilterConfig filterConfig = null;
protected boolean ignore = false;
protected String forwardPath = null;
public void destroy() {
this.encoding = null;
this.filterConfig = null;
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
// 设置编码方式,web.xml里面有filter参数的初始化设置
if (ignore || (request.getCharacterEncoding() == null)) {
String encoding = selectEncoding(request);
if (encoding != null)
request.setCharacterEncoding(encoding);
}
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
String requesturi = httpServletRequest.getRequestURI();
// 通过检查session中的变量,过虑请求
HttpSession session = httpServletRequest.getSession();
Object currentUser = session.getAttribute("user");
// 当前会话用户为空而且不是请求登录,退出登录,欢迎页面和根目录则退回到应用的根目录
if (currentUser == null
&& !requesturi.endsWith("/login.jsp")
&& !requesturi.endsWith("/index.jsp")
&& !requesturi.endsWith(httpServletRequest.getContextPath()
+ "/")) {
session.setAttribute("login", "yes");
httpServletResponse.sendRedirect(httpServletRequest
.getContextPath() + "/");
return;
}
chain.doFilter(request, response);
}
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
this.encoding = filterConfig.getInitParameter("encoding");
this.forwardPath = filterConfig.getInitParameter("forwardpath");
String value = filterConfig.getInitParameter("ignore");
if (value == null)
this.ignore = true;
else if (value.equalsIgnoreCase("true"))
this.ignore = true;
else if (value.equalsIgnoreCase("yes"))
this.ignore = true;
else
this.ignore = false;
}
protected String selectEncoding(ServletRequest request) {
return (this.encoding);
}
}
然后将新建的Filter添加到web.xml中,部署Filter需要添加两部分:
1.filter元素
filter元素位于部署描述符文件(web.xml)的前部,所有filter-mapping、servlet或servlet-mapping元素之前。
2.filter-mapping元素
filter-mapping元素位于web.xml文件中filter元素之后serlvet元素之前
<filter>
<filter-name>Login Filter</filter-name>
<filter-class>com.controllers.UserLoginFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>GBK</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Login Filter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>Login Filter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
判断session过时:直接再web.xml加入如下代码,15代表session的有效期是15分钟
<session-config>
<session-timeout>15</session-timeout>
</session-config>
浙公网安备 33010602011771号