securityfilter.java

社区文章采用的是平板、树形自由选择的两种展示方式

/* 
 * Created on 2007-3-8
 * Last modified on 2007-12-20
 * Powered by YeQiangWei.com
 */
package com.yeqiangwei.club.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.jboss.logging.Logger;

import com.yeqiangwei.club.controller.action.UserAction;
import com.yeqiangwei.club.model.Online;
import com.yeqiangwei.club.service.ServiceLocator;
import com.yeqiangwei.club.service.ServiceWrapper;
import com.yeqiangwei.club.service.security.UserPower;
import com.yeqiangwei.club.service.user.OnlineService;
import com.yeqiangwei.club.service.util.BasicInfoService;
import com.yeqiangwei.util.HttpServletUtils;
import com.yeqiangwei.util.Validator;


public class SecurityFilter implements Filter {
	
	private static final Logger logger = Logger.getLogger(SecurityFilter.class.getName());
	
	protected FilterConfig filterConfig = null;
	
	private UserPower userPower;
	
	private UserAction userAction;
	
	public void init(FilterConfig filterConfig) throws ServletException {
		 this.filterConfig = filterConfig;
	}

	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) 
		throws IOException, ServletException
	{
		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) res;
		this.getUserAction().loginInit(request,response);
		boolean permission = this.getUserPower().canAccess(request,response);
		
		this.getOnlineService().utils(request); //在线IP
		String ip = request.getRemoteAddr();
		Online online = this.getOnlineService().findByIp(ip);
		if(!Validator.isEmpty(online)){
			if(!Validator.isEmpty(online.getIPLockEntry())){
				if(online.getIPLockEntry().getIsLoked()){//如果IP被锁定则开始跳转！
					String url = online.getIPLockEntry().getRedirect();
					if(Validator.isEmpty(url)||!url.startsWith("http")){
						url = getBasicInfoService().findOnly().getUrl();
					}
					online.setMessage("ip="+ip+"被禁止访问，重定向到"+url);
					response.sendRedirect(url);
					return ;
				}
			}else{
				logger.error("IPLockEntry is null, ip="+ip+" 未记录封锁状态！");
			}
		}else{
			logger.error("Online is null, ip="+ip+" 未记录在线状态！");
		}
		
		if(permission){
			chain.doFilter(request,response);
		}else{
			if(request.getRequestURI().indexOf("/admin/")!=-1){
				HttpServletUtils.redirect(response,"login.jsp");
			}else{
				HttpServletUtils.forward(request,response,"/club/msg.jsp");
			}
			return ;
		}
	}

	public void destroy() {
		this.filterConfig = null;
	}

	private UserPower getUserPower() {
		if(userPower==null){
			userPower = new UserPower();
		}
		return userPower;
		
	}

	private UserAction getUserAction() {
		if(Validator.isEmpty(userAction)){
			userAction = new com.yeqiangwei.club.controller.action.UserAction();
		}
		return userAction;
	}

	private OnlineService getOnlineService(){
		return ServiceWrapper.<OnlineService>getSingletonInstance(ServiceLocator.ONLINE);
	}
	
	private static BasicInfoService getBasicInfoService() {
		return ServiceWrapper.<BasicInfoService>getSingletonInstance(ServiceLocator.BASICINFO);
	}
}