JavaWeb实现用户登录的拦截

1、在web.xml中如下配置

<filter-name>loginFilter</filter-name>
    <filter-class>cmcc.rsc.paweb.scan.LoginFilter</filter-class>
 </filter>
 <filter-mapping>
    <filter-name>loginFilter</filter-name>
    <url-pattern>/*</url-pattern>
 </filter-mapping>

2、在后台代码部分添加一个继承Filter的过滤器类

package cmcc.rsc.paweb.scan;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class LoginFilter implements Filter {

    @Override
    public void destroy() {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
            FilterChain filterChain) throws IOException, ServletException {
        // 判断是否是http请求
        if (!(servletRequest instanceof HttpServletRequest)
            || !(servletResponse instanceof HttpServletResponse)) {
          throw new ServletException(
              "OncePerRequestFilter just supports HTTP requests");
        }
        // 获得在下面代码中要用的request,response,session对象
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
        HttpSession session = httpRequest.getSession(true);

        String[] strs = { "forgetPsd", "login", "logout", "static" }; // 路径中包含这些字符串的,可以不用登录直接访问
        StringBuffer url = httpRequest.getRequestURL();

        /** * 过滤掉根目录 */
        String path = httpRequest.getContextPath();
        String protAndPath = httpRequest.getServerPort() == 80 ? "" : ":"
            + httpRequest.getServerPort();
        String basePath = httpRequest.getScheme() + "://"
            + httpRequest.getServerName() + protAndPath + path + "/";
        if (basePath.equalsIgnoreCase(url.toString())) {
          filterChain.doFilter(servletRequest, servletResponse);
          return;
        }
        // 特殊用途的路径可以直接访问
        if (strs != null && strs.length > 0) {
          for (String str : strs) {
            if (url.indexOf(str) >= 0) {
              filterChain.doFilter(servletRequest, servletResponse);
              return;
            }
          }
        }
        // 从session中获取用户信息
        String loginInfo = (String) session.getAttribute("pa_uuid");
        if (null != loginInfo && !"".equals(loginInfo)) {
          // 用户存在,可以访问此地址
          filterChain.doFilter(servletRequest, servletResponse);
        } else {
          // 用户不存在,踢回登录页面
// String returnUrl = httpRequest.getContextPath() + "/loginpage";
          String returnUrl = "http://localhost:3000/login";
          httpRequest.setCharacterEncoding("UTF-8");
          httpResponse.setContentType("text/html; charset=UTF-8"); // 转码
          httpResponse
              .getWriter()
              .println(
                            "<script language=\"javascript\">alert(\"您还没有登录,请先登录!\");if(window.opener==null){window.top.location.href=\""
                                    + returnUrl
                                    + "\";}else{window.opener.top.location.href=\""
                                    + returnUrl
                                    + "\";window.close();}</script>");
          return;
        }
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {

    }

}

你可能感兴趣的:(java,Web)