在用户登时,我想用Filter过滤jsp,.do,action文件有一个Filter
package demo.filter;import java.io.IOException;import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.*;public class LoginFilter implements Filter { public void init(FilterConfig config) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
HttpSession session = req.getSession();
if(session.getAttribute("name")!=null){
chain.doFilter(request, response);
}else{
request.getRequestDispatcher("login.jsp").forward(request, response);
}
} public void destroy() {
}
}在web.xml中配置如下: <filter>
<filter-name>loginFilter</filter-name>
<filter-class>demo.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>如果在用户登录则可以继续看后面页面.否则要跳转到login.jsp页面.可是我在未登陆时还是可以访问.do的,而不是转到 login.jsp页面.
request.getRequestDispatcher("login.jsp").forward(request, response); 这句话好象不起作用.
还有过滤*.jsp,*.do时,如果.do后面有参数,如:login.do?name=aaa&password=bbb,这样的形式,按照配置的过滤器,可以被过滤掉吗?
package demo.filter;import java.io.IOException;import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.*;public class LoginFilter implements Filter { public void init(FilterConfig config) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
HttpSession session = req.getSession();
if(session.getAttribute("name")!=null){
chain.doFilter(request, response);
}else{
request.getRequestDispatcher("login.jsp").forward(request, response);
}
} public void destroy() {
}
}在web.xml中配置如下: <filter>
<filter-name>loginFilter</filter-name>
<filter-class>demo.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>如果在用户登录则可以继续看后面页面.否则要跳转到login.jsp页面.可是我在未登陆时还是可以访问.do的,而不是转到 login.jsp页面.
request.getRequestDispatcher("login.jsp").forward(request, response); 这句话好象不起作用.
还有过滤*.jsp,*.do时,如果.do后面有参数,如:login.do?name=aaa&password=bbb,这样的形式,按照配置的过滤器,可以被过滤掉吗?
httpResponse.encodeRedirectURL(toPageURL);
httpResponse.sendRedirect(toPageURL);
package demo.filter;import java.io.IOException;import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.*;public class LoginFilter implements Filter { public void init(FilterConfig config) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
HttpSession session = req.getSession();
if(session.getAttribute("name")!=null){
chain.doFilter(request, response);
}else{
String toPageURL = httpRequest.getContextPath() + "login.jsp";
httpResponse.encodeRedirectURL(toPageURL);
httpResponse.sendRedirect(toPageURL);
}
} public void destroy() {
}
}
<filter-name>loginFilter</filter-name>
<filter-class>demo.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
全部过滤..
private FilterConfig _filterConfig = null; public void init(FilterConfig filterConfig) throws ServletException {
_filterConfig = filterConfig;
} public void destroy() {
_filterConfig = null;
} public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req=(HttpServletRequest)request;
HttpServletResponse resp=(HttpServletResponse)response;
req.setCharacterEncoding("GBK");
if (req.getSession().isNew()){
resp.sendRedirect("login.htm");
}
chain.doFilter(request, response);
}
}
我是这样做的,绝对成功
public static boolean isContains(String container, String[] regx) {
boolean result = false; for (int i = 0; i < regx.length; i++) {
if (container.indexOf(regx[i]) != -1) {
result=true;
}
}
return result;
} public FilterConfig config; public void setFilterConfig(FilterConfig config) {
this.config = config;
} public FilterConfig getFilterConfig() {
return config;
} public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper((HttpServletResponse) response);
System.out.println(wrapper);
String logonStrings = config.getInitParameter("logonStrings");//logonStrings,登陆页面
String includeStrings = config.getInitParameter("includeStrings");//includeStrings,过滤页面参数
String redirectPath = req.getContextPath()+ config.getInitParameter("redirectPath");//redirectPath,没有登陆转向页面
String disabletestfilter = config.getInitParameter("disabletestfilter");//disabletestfilter,过滤器是否有效。 if (disabletestfilter.toUpperCase().equals("N")) {
chain.doFilter(request, response);
return;
}
String[] logonList = logonStrings.split(";");
String[] includeList = includeStrings.split(";");
Object userInfo =req.getSession().getAttribute("userInfo");
Object isLogin = req.getSession().getAttribute("isLogin");
System.out.println(userInfo);
System.out.println(isLogin);
if (userInfo== null||isLogin==null) {
if (!LoginFilter.isContains(req.getRequestURI(),includeList)) {
chain.doFilter(request, response);
return;
}
if (LoginFilter.isContains(req.getRequestURI(),logonList)) {
chain.doFilter(request, response);
return;
}
wrapper.sendRedirect(redirectPath);
} else {
chain.doFilter(request, response);
}
} public void destroy() {
this.config = null;
} public void init(FilterConfig filterConfig) throws ServletException {
this.config = filterConfig;
}
}
web.xml<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.exam.filter.LoginFilter</filter-class>
<init-param>
<param-name>logonStrings</param-name>
<param-value>/login.jsp</param-value>
</init-param>
<init-param>
<param-name>includeStrings</param-name>
<param-value>.jsp;</param-value> //可以自己修改!
</init-param>
<init-param>
<param-name>redirectPath</param-name>
<param-value>/login.jsp</param-value>
</init-param>
<init-param>
<param-name>disabletestfilter</param-name>
<param-value>Y</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>