📄 securityfilter.java
字号:
package cn.myapps.base.web.filter;
import java.io.IOException;
import java.util.Date;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import cn.myapps.constans.Web;
import cn.myapps.core.deploy.application.ejb.ApplicationProcess;
import cn.myapps.core.deploy.application.ejb.ApplicationVO;
import cn.myapps.core.permission.ejb.PermissionPackage;
import cn.myapps.core.user.action.WebUser;
import cn.myapps.core.user.ejb.UserVO;
import cn.myapps.util.ProcessFactory;
import java.util.*;
public class SecurityFilter extends HttpServlet implements Filter {
private static final long serialVersionUID = -853305800678372152L;
private static Map appDomainNameMap=null;
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest hreq = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
HttpSession session = hreq.getSession();
WebUser user = (WebUser) session
.getAttribute(Web.SESSION_ATTRIBUTE_USER);
String uri = hreq.getRequestURI();
String queryString=hreq.getQueryString();
String fulluri=uri;
if(queryString!=null)
fulluri+="?"+queryString;
ApplicationVO appvo = null;
String httpHead = hreq.getServerName();
String welcomePage=null;
try {
if(appDomainNameMap==null){
ApplicationProcess process = (ApplicationProcess) ProcessFactory
.createProcess(ApplicationProcess.class);
appDomainNameMap=process.getAppDomain_Cache();
}
appvo=(ApplicationVO)appDomainNameMap.get(httpHead);
if(appvo!=null&&appvo.getWelcomePage()!=null&&appvo.getWelcomePage().trim().length()>0)
welcomePage=appvo.getWelcomePage();
} catch (Exception e1) {
e1.printStackTrace();
}
if (uri.indexOf("login.action") >= 0 || uri.indexOf("logout.jsp") >= 0
|| uri.indexOf("permissionErr.jsp") >= 0 || uri.equals("")
|| uri.equals("/") || (uri.indexOf("timeOut.jsp") >= 0)
|| (uri.indexOf("login_error.jsp") >= 0)
|| ((uri.indexOf(".action") < 0 && uri.indexOf(".jsp") < 0))||(welcomePage!=null&&fulluri.indexOf(welcomePage)>0)) {
chain.doFilter(request, response);
return;
} else {
if (user == null) {
if (appvo!= null) {
UserVO uservo = new UserVO();
uservo.setId("GUEST");
uservo.setName("GUEST");
uservo.setLoginno("GUEST");
uservo.setApplicationid(appvo.getId());
try {
user = new WebUser(uservo);
} catch (Exception e) {
e.printStackTrace();
}
session.setAttribute(Web.SESSION_ATTRIBUTE_USER,user);
resp.sendRedirect(hreq.getContextPath()
+ welcomePage);
return;
} else {
resp.sendRedirect(hreq.getContextPath()
+ "/core/security/timeOut.jsp");
return;
}
}
}
if (PermissionPackage.checkPermission(hreq, user)) {
chain.doFilter(request, response);
} else {
if (user.getId().equals("GUEST")) {
resp.sendRedirect(hreq.getContextPath()
+ "/core/security/timeOut.jsp");
} else {
resp.sendRedirect(hreq.getContextPath() + "/permissionErr.jsp");
}
}
}
public void init(FilterConfig filterConfig) throws ServletException {
}
public void destroy() {
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -