判断是否是管理员为什么要用Filter 来做呢-----Authentication Filters?There are are various types of filters suggested by the specifications:Authentication Filters.Data compression Filters.Encryption Filters.Filters that trigger resource access events.Image Conversion Filters.Logging and Auditing Filters.MIME-TYPE Chain Filters.Tokenizing Filters .XSL/T Filters That Transform XML Content.
Filter就是拦截下url-mapping指定格式的一个请求操作,检查下它做了什么,然后做一定的处理。
进行拦截判断是管理员登录 还是 普通用户
<url-pattern>/*</url-pattern>
表示对所有请求进行拦截
校验是不是管理员,需要自己在Filter中,从请求里获得一些参数,进行判断的。
<filter>
<filter-name>UserRoleCheck</filter-name>
<filter-class>yourPackage.UserRoleCheck</filter-class>
<init-param>
<param-name>adminRole</param-name>
<param-value>adminName</param-value>
</init-param>
<init-param>
<param-name>adminPwd</param-name>
<param-value>adminPwd</param-value>
</init-param>
</filter>
public void init(FilterConfig config)
throws ServletException{
String userName = config.getInitParameter("adminRole");
String userPwd = config.getInitParameter("adminPwd");
}
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain)
throws java.io.IOException, ServletException { if(!userName.equals(adminName) || !userPwd.equals(adminPwd)
System.out.println("STOP!!!");
chain.doFilter(request,response);
}
<filter>
<filter-name>UserRoleCheck</filter-name>
<filter-class>yourPackage.UserRoleCheck</filter-class>
<init-param>
<param-name>adminRole</param-name>
<param-value>admin</param-value>
</init-param>
<init-param>
<param-name>adminPwd</param-name>
<param-value>pppp</param-value>
</init-param>
</filter> public void init(FilterConfig config)
throws ServletException{
String adminName = config.getInitParameter("adminRole");
String adminPwd = config.getInitParameter("adminPwd");
}
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain)
throws java.io.IOException, ServletException {
String userName = request.getParameter("userName");
String userPwd = request.getParameter("userPwd"); if(!userName.equals(adminName) || !userPwd.equals(adminPwd)
System.out.println("STOP!!!");
chain.doFilter(request,response);
}
如果在WebRoot中有一个folder在folder里有管理员页面而在WebRoot
下有用户界面,然后web.xml中要写2个filter2个filter-mapping
<filter>
<filter-name>demo</filter-name>
<filter-class>hibernateChar11.servlet.ManagerServlet</filter-class>
</filter>
<filter-mapping>
<filter-name>demo</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>demo1</filter-name>
<filter-class>hibernateChar11.servlet.ManagerServlet</filter-class>
</filter>
<filter-mapping>
<filter-name>demo1</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
那么我现在不理解的是在<url-pattern>/*</url-pattern>中
/*是代表<filter-class>hibernateChar11.servlet.ManagerServlet</filter-class>所有servlet界面那么如果我想访问folder里的管理员界面是不是<filter-class>hibernateChar11.servlet.ManagerServlet</filter-class>
也要进行相应的修改怎么修改,在<url-pattern></url-pattern>里想访问folder中管理员所有jsp界面是不是这样写呢/folder/.jsp不清楚
如在<url-pattern>/*.action</url-pattern>中配置过滤的连接,
你这只是部分操作需要过滤,又不是所有的操作,可以写得明确点,而不是限制所有的路径