过滤未登录的用户

package com.filter;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;
import java.util.StringTokenizer;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class OnlineFilter  implements Filter {
 private static final long serialVersionUID = 1L;
 
 private List notCheckURLList = new ArrayList();

 public void init(FilterConfig filterConfig) throws ServletException {
  String notCheckURLListStr = filterConfig.getInitParameter("notCheckURLList");
   if (notCheckURLListStr != null) {
             StringTokenizer st = new StringTokenizer(notCheckURLListStr, ";");
             notCheckURLList.clear();
             while (st.hasMoreTokens()) {
                 notCheckURLList.add(st.nextToken());
             }
         }
 }

 public void doFilter(ServletRequest request, ServletResponse response,
   FilterChain chain) throws IOException, ServletException {
  RequestDispatcher dispatcher = request
    .getRequestDispatcher("login_mm.jsp");// 这里设置如果没有登陆将要转发到的页面
  HttpServletRequest req = (HttpServletRequest) request;
  HttpServletResponse res = (HttpServletResponse) response;
  HttpSession session = req.getSession(true);

  // System.out.println(((HttpServletRequest) request).getRequestURI());
  // 从session里取的用户名信息
  String username = (String) session
    .getAttribute("userId");// 这里获取session，为了检查session里有没有保存用户信息，没有的话回转发到登陆页面
  // 判断如果没有取到用户信息,就跳转到登陆页面
    if ((checkRequestURIIntNotFilterList(req))
                 && session.getAttribute("userId") == null) {
     chain.doFilter(request, response);
         }
  if (username == null || "".equals(username)) {
   // 跳转到登陆页面
   response.setCharacterEncoding("GBK");
         PrintWriter out=null;
          try{
     out= response.getWriter();
    } catch(Exception e){e.printStackTrace();}
    out.println("<script>location.href='login_mm.jsp';</script>");
   // System.out.println("用户没有登陆，不允许操作");
   res.setHeader("Cache-Control", "no-store");
   res.setDateHeader("Expires", 0);
   res.setHeader("Pragma", "no-cache");
  } else {
   // 已经登陆,继续此次请求
   chain.doFilter(request, response);
   // System.out.println("用户已经登陆，允许操作");
  }
 }

    public void destroy() {
        notCheckURLList.clear();
    }

    private boolean checkRequestURIIntNotFilterList(HttpServletRequest request) {
        String uri = request.getServletPath()
                + (request.getPathInfo() == null ? "" : request.getPathInfo());
        boolean url =  notCheckURLList.contains(uri);
        return url;
    }

}

 

--------------------------------web.xml

  <filter> 
    <filter-name>onlineFilter</filter-name> 
    <filter-class>com.filter.OnlineFilter</filter-class> 
     <init-param>
  <param-name>notCheckURLList</param-name>
  <param-value>/login.do</param-value>
  </init-param>
</filter> 
 
<filter-mapping> 
    <filter-name>onlineFilter</filter-name> 
    <url-pattern>*.do</url-pattern> 
</filter-mapping>