public class LoginFilter implements Filter {
private FilterConfig fc;
public void doFilter(ServletRequest sRequest, ServletResponse sResponse,FilterChain chain) throws IOException, ServletException {
HttpServletRequest request=(HttpServletRequest)sRequest;
HttpSession session=request.getSession();
Object loginer=session.getAttribute("loginer");
String servletPath=request.getServletPath();
if("/add".equals(servletPath)){
if("yes".equals(request.getParameter("noname")))
chain.doFilter(sRequest,sResponse);
else{
if(loginer==null&&!(loginer instanceof com.valuebean.UserBean)){
RequestDispatcher rd=request.getRequestDispatcher("/login.jsp");
rd.forward(request,sResponse);
}
else
chain.doFilter(sRequest,sResponse);
}
}
else{
if(loginer==null&&!(loginer instanceof com.valuebean.UserBean)){
RequestDispatcher rd=request.getRequestDispatcher("/login.jsp");
rd.forward(request,sResponse);
}
else
chain.doFilter(sRequest,sResponse);
}
}
public void init(FilterConfig fc) throws ServletException {
this.fc=fc;
}
public void destroy() {
this.fc=null;
}
}
public class AbleFilter implements Filter {
private FilterConfig fc;
public void destroy() {
this.fc=null;
}
public void doFilter(ServletRequest sRequest, ServletResponse sResponse,FilterChain chain) throws IOException, ServletException {
System.out.println("执行AbleFilter过滤器!");
HttpServletRequest request=(HttpServletRequest)sRequest;
HttpSession session=request.getSession();
UserBean loginer=(UserBean)session.getAttribute("loginer");
boolean mark=validateAble(loginer);
if(mark){
chain.doFilter(sRequest,sResponse);
System.out.println("返回AbleFilter");
}
else{
String message="<li>您没有权限进行该操作!</li>";
message+="<a href='javascript:window.history.go(-1)'>返回</a>";
request.setAttribute("message",message);
RequestDispatcher rd=request.getRequestDispatcher("/fail.jsp");
rd.forward(request,sResponse);
}
}
private boolean validateAble(UserBean loginer){
boolean mark=false;
if("1".equals(loginer.getAble()))
mark=true;
return mark;
}
public void init(FilterConfig fc) throws ServletException {
this.fc=fc;
}
}
public class SubmitFilter implements Filter {
private FilterConfig fc;
public void doFilter(ServletRequest sRequest, ServletResponse sResponse,FilterChain chain) throws IOException, ServletException {
HttpServletRequest request=(HttpServletRequest)sRequest;
String method=request.getMethod();
if(method.equalsIgnoreCase("POST"))
chain.doFilter(sRequest,sResponse);
else{
String message="<li>不是以POST方式进行的请求!</li>";
message+="<a href='javascript:window.history.go(-1)'>返回</a>";
request.setAttribute("message",message);
RequestDispatcher rd=request.getRequestDispatcher("/fail.jsp");
rd.forward(request,sResponse);
}
}
public void init(FilterConfig fc) throws ServletException {
this.fc=fc;
}
public void destroy() {
this.fc=null;
}
}
web.xml
<!-- 判断是否登录的过滤器 -->
<filter>
<filter-name>login</filter-name>
<filter-class>com.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/add</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/modifyview</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/modifyrun</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/delete</url-pattern>
</filter-mapping>
<!-- 判断是否有权限的过滤器 -->
<filter>
<filter-name>able</filter-name>
<filter-class>com.filter.AbleFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>able</filter-name>
<url-pattern>/modifyview</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>able</filter-name>
<url-pattern>/modifyrun</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>able</filter-name>
<url-pattern>/delete</url-pattern>
</filter-mapping>
<!-- 判断是否以POST方式提交表单的过滤器 -->
<filter>
<filter-name>method</filter-name>
<filter-class>com.filter.SubmitFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>method</filter-name>
<url-pattern>/add</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>method</filter-name>
<url-pattern>/modifyrun</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>method</filter-name>
<url-pattern>/login</url-pattern>
</filter-mapping>
fail.jsp
<%@ page contentType="text/html;charset=gb2312"%>
<%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c" %>
<html>
<head>
<title>错误提示!</title>
<link type="text/css" rel="stylesheet" href="css/style.css">
</head>
<body>
<center>
<c:set var="mess" value="${requestScope.message}"/>
<c:if test="${empty mess}">
<c:set var="mess" value="●访问失败!"/>
</c:if>
<table border="1" width="360" height="150" style="margin-top:120">
<tr><td align="center">${mess}</td></tr>
</table>
</center>
</body>
</html>