www-authenticate认证

7###实例代码

package cn.demo;

import java.io.IOException;
import java.io.Serializable;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;


public class ToolsFilter implements Filter, Serializable {

    private String username;
    private String password;
    
    private static final long serialVersionUID = 1L;

    @Override
    public void destroy() {
        
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;
        resp.setContentType("text/html; charset=utf-8");
        String authValue = req.getHeader("Authorization");
        if(authValue!=null){
            int sepeIndex = authValue.toUpperCase().indexOf("BASIC ");
            String b64UserAndPwd = authValue.substring(sepeIndex + "BASIC ".length());
            String[] ss =new String(Base64.decode(b64UserAndPwd)).split(":"); 
            String name=ss[0];
            String word=ss[1];
            if(username.equals(name)&&password.equals(word)){
                chain.doFilter(request, response);
                return;
            }
        }
        resp.setStatus(401);
        resp.addHeader("WWW-Authenticate", "Basic realm=KOALUSAP管理工具控制台登录");
        String errMsg = "登录失败，请检查用户名和口令。";
        resp.getWriter().println(errMsg);
    }

    @Override
    public void init(FilterConfig config) throws ServletException {
         username=config.getInitParameter("ADMIN_NAME");
         password=config.getInitParameter("ADMIN_PASSWD");
         
    }

}

web.xml配置

        tools
        cn.demo.ToolsFilter
        
            ADMIN_NAME
            admin
        
        
            ADMIN_PASSWD
            admin
        
    
    
        tools
        /*
        
        REQUEST