<!-- 判断登陆的过滤器 -->
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>
tools.LoginFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
public class LoginFilter implements Filter { protected FilterConfig filterConfig;
protected String encodingName;
protected boolean enable; public LoginFilter() {
encodingName = "UTF-8";
enable = false;
} // 初始化
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException { HttpServletRequest httprequest = (HttpServletRequest) request;
HttpServletResponse httpresponse = (HttpServletResponse) response;
HttpSession session = httprequest.getSession();
ActingAdminUser user=new ActingAdminUser();
RequestDispatcher dispatcher=request.getRequestDispatcher("login.jsp");
try { //获得在session中所记录的user,该属性由登录部分的代码写入
user = (ActingAdminUser) session.getAttribute("user");
if (user!=null||httprequest.getServletPath().startsWith("/adminUser.do")||httprequest.getServletPath().startsWith("/login.jsp") ) //验证成功,继续处理
{
chain.doFilter(request, response);
} else //验证不成功,让用户登录。
{
dispatcher.forward(httprequest, httpresponse);
}
} catch (Exception e) {
e.printStackTrace();
}
} public void destroy() {
}
}<!-- 菜单 -->
<action path="/adminMenu" type="action.AdminMenuAction" name="actingForm" parameter="pare" >
<forward name="ok" path="/login.jsp"></forward>
</action>
<!-- 用户 -->
<action path="/adminUser" type="action.AdminUserAction" name="actingForm" parameter="pare" >
<forward name="loginok" path="/regedit.jsp"></forward>
<forward name="loginerror" path="/login.jsp"></forward> </action>
<!-- 聚会信息 -->
<action path="/partyitems/hipartyitems" type="action.HipartyitemsAction" name="actingForm" parameter="pare" >
<forward name="partylist" path="/partyitems/partyitemslist.jsp"></forward>
<forward name="toUpdate" path="/partyitems/Updatepartyitems.jsp"></forward>
<forward name="toAdd" path="/partyitems/Addpartyitems.jsp"></forward>
</action>
<action path="/modoerShops" type="action.ModoerShopsAction" name="actingForm" parameter="pare" />
如果别人知道我的网站有个xxx.do?pare=xxx的话,而且pare后面那个参数是action没有的肯定会报异常啊,Request[/adminUser] does not contain handler parameter named 'pare'. This may be caused by whitespace in the label text.,那服务器肯定停了,那别人怎么上我的网站啊,所以就想到过滤器,就是想实现登陆过滤,只要没登陆成功,不管你怎么在地址栏打,服务器也不停,
那个太遥远了吧,我是在tomcat下运行的,异常就停掉了,有办法让他不停吗?
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping> <filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
别人打的是什么xxx.do?pare=xxx我都不懂,怎么捕获?