java web应用URL过滤

转自http://www.yihaomen.com/article/java/117.htm,有改动,收录做笔记
首先是过滤器的类

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SecurityFilter implements Filter {

    public void destroy() {
        // TODO Auto-generated method stub

    }
    public void doFilter(ServletRequest arg0, ServletResponse arg1,
            FilterChain arg2) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) arg0;
        HttpServletResponse response = (HttpServletResponse) arg1;
        HttpSession session = request.getSession(true);
        Object obj = (Object)session.getAttribute("CURRENT_USER");
        String url = request.getRequestURI();
        System.out.println(">>>>RequestURI:"+url);
        System.out.println(">>>RequestContext:"+request.getContextPath());
        if(obj==null){
            // 判断获取的路径不为空且不是访问登录页面或执行登录操作时跳转
            if (url != null && !url.equals("")) {
                response.sendRedirect(request.getContextPath() + "/login.jsp");
                return;
            }
        }
        arg2.doFilter(arg0, arg1);
        return;
    }

    public void init(FilterConfig arg0) throws ServletException {
    }
}

web.xml配置

    <filter>  
        <filter-name>SecurityFilterfilter-name>  
        <filter-class>com.gjp.o2o.web.filter.SecurityFilterfilter-class>  
    filter>  
    <filter-mapping>  
        <filter-name>SecurityFilterfilter-name>  
        <url-pattern>/admin/*url-pattern>  
    filter-mapping>
    <filter-mapping>  
        <filter-name>SecurityFilterfilter-name>  
        <url-pattern>/facilitator/*url-pattern>  
    filter-mapping> 

注意:错误的几种写法

<filter-mapping>  
    <filter-name>authorityfilter-name>  
    <url-pattern>/pages/cmm/*;/pages/genbill/*url-pattern>  
filter-mapping> 

还有这样写是错误的

<url-pattern>/direcotry/*.jspurl-pattern>

spring拦截器对servlet的过滤方式

首先是写拦截器

import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.log4j.Logger;
//import org.apache.struts.action.ActionMapping;

public class LoginInterceptor implements MethodInterceptor {
    private static final Logger log = Logger.getLogger(LoginInterceptor.class);

    public Object invoke(MethodInvocation invocation) throws Throwable {
        System.out.println("拦截开始!");
        Object[] args = invocation.getArguments();  
        HttpServletRequest request = null;
        HttpServletResponse response = null;
        for (int i = 0 ; i < args.length ; i++ )    {
            if (args[i] instanceof HttpServletRequest) request = (HttpServletRequest)args[i];   
            if (args[i] instanceof HttpServletResponse) response = (HttpServletResponse)args[i];

        }
        if (request != null ) {
            String url=request.getRequestURI();
            String operation=request.getParameter("operation");
            HttpSession session = request.getSession(true);     
            Object obj = (Object)session.getAttribute("CURRENT_USER");
            System.out.println(">>>>RequestURI:"+url);
            System.out.println(">>>RequestContext:"+request.getContextPath());
            System.out.println(">>>Operation:"+operation);
            if (obj == null&&(!"login".equals(operation))) {
                response.sendRedirect(request.getContextPath() + "/login.jsp");
                return false;
            }
            else {
                /*do something*/
                return invocation.proceed();
            }
        }
        else {
            return invocation.proceed();
        }
    }

}

然后在spring配置文件中配置:


<bean id="loginInterceptor" class="com.gjp.o2o.web.interceptor.LoginInterceptor" >bean>

<bean id="autoPorxyFactoryBean" class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator">
        <property name="interceptorNames">
            <list>
                <value>loginInterceptorvalue>
            list>
        property>
        <property name="beanNames" >
            <list>
                <value>*Servletvalue>
            list>
        property>
    bean>

你可能感兴趣的:(过滤器,url,java,web)