页面访问的控制

spring aop:

import javax.servlet.http.HttpServletRequest;   
import org.aopalliance.intercept.MethodInterceptor;   
import org.aopalliance.intercept.MethodInvocation;   
import org.apache.struts.action.ActionMapping;   
  
/**  
 * 这是一个拦截器,用来验证用户是否通过验证  
 *  
 */  
public class AuthorityInterceptor implements MethodInterceptor {   
  
    public Object invoke(MethodInvocation invocation) throws Throwable   
    {   
        HttpServletRequest request = null;   
        ActionMapping mapping = null;   
        Object[] args = invocation.getArguments();   
        for (int i = 0 ; i < args.length ; i++ )   
        {   
            if (args[i] instanceof HttpServletRequest) request = (HttpServletRequest)args[i];   
            if (args[i] instanceof ActionMapping) mapping = (ActionMapping)args[i];   
        }   
        if ( request.getSession().getAttribute("adminname") != null)   
        {   
            return invocation.proceed();   
        }   
        else  
        {   
            return mapping.findForward("login");   
        }   
    }   
}  

<bean class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator">   
    <property name="beanNames">   
           <list>   
              <value>/vaiiduser</value>   
               <value>/admin</value>   
              <value>/phone</value>   
           </list>   
    </property>   
       <property name="interceptorNames">   
           <list>   
               <value>authorityInterceptor</value>    
           </list>   
       </property>   
   </bean>   
  
<bean id="authorityInterceptor" class="org.mmc.utils.AuthorityInterceptor"/> 

servlet过滤器

import java.io.IOException;   
  
import javax.servlet.Filter;   
import javax.servlet.FilterChain;   
import javax.servlet.FilterConfig;   
import javax.servlet.ServletException;   
import javax.servlet.ServletRequest;   
import javax.servlet.ServletResponse;   
import javax.servlet.http.HttpServletRequest;   
import javax.servlet.http.HttpServletResponse;   
import javax.servlet.http.HttpSession;   
  
  
/**  
 * 设置字符集、过滤未登录的非法请求  
 */  
public class UserLoginFilter implements Filter {   
    protected String encoding = null;   
  
    protected FilterConfig filterConfig = null;   
  
    protected boolean ignore = false;   
  
    protected String forwardPath = null;   
  
    public void destroy() {   
        this.encoding = null;   
        this.filterConfig = null;   
    }   
  
    public void doFilter(ServletRequest request, ServletResponse response,   
            FilterChain chain) throws IOException, ServletException {   
  
        // 设置编码方式，web.xml里面有filter参数的初始化设置   
        if (ignore || (request.getCharacterEncoding() == null)) {   
            String encoding = selectEncoding(request);   
            if (encoding != null)   
                request.setCharacterEncoding(encoding);   
        }   
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;   
        HttpServletResponse httpServletResponse = (HttpServletResponse) response;   
        String requesturi = httpServletRequest.getRequestURI();   
        // 通过检查session中的变量，过虑请求,最好把username提取出来当常量   
        HttpSession session = httpServletRequest.getSession();   
        Object currentUser = session.getAttribute("username");   
        // 当前会话用户为空而且不是请求登录，退出登录，欢迎页面和根目录则退回到应用的根目录   
        if (currentUser == null  
                && !requesturi.endsWith("/login.action")   
                && !requesturi.endsWith("/logout.action")   
                && !requesturi.endsWith("/index.jsp")   
                && !requesturi.endsWith(httpServletRequest.getContextPath()   
                        + "/")) {   
            httpServletResponse.sendRedirect(httpServletRequest   
                    .getContextPath()   
                    + "/");   
            return;   
        }   
        chain.doFilter(request, response);   
    }   
  
    public void init(FilterConfig filterConfig) throws ServletException {   
        this.filterConfig = filterConfig;   
        this.encoding = filterConfig.getInitParameter("encoding");   
        this.forwardPath = filterConfig.getInitParameter("forwardpath");   
        String value = filterConfig.getInitParameter("ignore");   
        if (value == null)   
            this.ignore = true;   
        else if (value.equalsIgnoreCase("true"))   
            this.ignore = true;   
        else if (value.equalsIgnoreCase("yes"))   
            this.ignore = true;   
        else  
            this.ignore = false;   
    }   
  
    protected String selectEncoding(ServletRequest request) {   
        return (this.encoding);   
    }   
}

<filter>   
    <filter-name>Login Filter</filter-name>   
    <filter-class>   
        你的包名(自己改一下).UserLoginFilter   
    </filter-class>   
    <init-param>   
        <param-name>encoding</param-name>   
        <param-value>GBK</param-value>   
    </init-param>   
    <init-param>   
        <param-name>ignore</param-name>   
        <param-value>false</param-value>   
    </init-param>   
    <init-param>   
        <param-name>forwardpath</param-name>   
        <param-value>index.jsp</param-value>   
    </init-param>   
</filter>   
<filter-mapping>   
<filter-name>Login Filter</filter-name>   
    <url-pattern>/*</url-pattern>   
</filter-mapping>