对部分路径放行[如login.jsp, index.jsp等等]

1. 写一个过滤器, 对一部分路径放行

SessionCheckUserFilter.java:

package cn.itcast.crm.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import cn.itcast.crm.domain.SysUser;
import cn.itcast.crm.util.SessionUtils;

public class SessionCheckUserFilter implements Filter {
	private List<String> list;
	
	// 要放行的路径
	public void init(FilterConfig filterConfig) throws ServletException {
		//自己处理放置在资源文件,利用流读入
		list=new ArrayList<String>();
		list.add("/image.jsp");
		list.add("/index.jsp");
		list.add("/WEB-INF/page/login.jsp");
		list.add("/sys/sysUserAction_isLogin.do");
	}
	
	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {

		HttpServletRequest request=(HttpServletRequest)req;
		HttpServletResponse response=(HttpServletResponse)res;
		String path=request.getServletPath();
		
		//对 /image.jsp  /index.jsp  /login.jsp   /sys/sysUserAction_isLogin路径过滤器要放行
		if(list!=null&&list.contains(path)){
			chain.doFilter(request, response);
			return;
		}
		
		//获取当前的登陆用户
		SysUser sysUser=SessionUtils.getSysUserFormSession(request);
		
		//如果用户!=null 表示用户已经登陆, 也要放行
		if(sysUser!=null){
			//放行
			chain.doFilter(request, response);
		}else{  //如果用户==null 表示用户没有登陆
			//重定向到login.jsp(index.jsp)
			response.sendRedirect(request.getContextPath());
		}
	}

	public void destroy() {

	}
}

2. 在web.xml中配置过滤器, 放在访问控制器之前

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
	http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

       <filter>
		<filter-name>SessionCheckUserFilter</filter-name>
		<filter-class>cn.itcast.crm.filter.SessionCheckUserFilter</filter-class>
	</filter>

	<filter-mapping>
		<filter-name>SessionCheckUserFilter</filter-name>
		<url-pattern>*.jsp</url-pattern>
		<dispatcher>REQUEST</dispatcher> <!-- 表示请求和转发都进行拦截 -->
		<dispatcher>FORWARD</dispatcher>
	</filter-mapping>
	
	<filter-mapping>
		<filter-name>SessionCheckUserFilter</filter-name>
		<url-pattern>*.do</url-pattern>
		<dispatcher>REQUEST</dispatcher>
		<dispatcher>FORWARD</dispatcher>
	</filter-mapping>
}

至此, 过滤器就起作用了

 

posted @ 2017-05-31 21:22  半生戎马,共话桑麻、  阅读(185)  评论(0)    收藏  举报
levels of contents