authorityfilter.java

一个简单的汽车租赁系统 jsp+struts+oracle

package filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import common.Constants;

import domian.user.UserInfo;

public class AuthorityFilter implements Filter {
	
	FilterConfig filterConfig = null;
	String logon = "UserLogin.jsp";
	String[] ignoreuri = null;

//	// 读取初始化配置参数
	public void init(FilterConfig config) throws ServletException
	{
//		this.filterConfig = config;
//
//		// 读取登录页面连接（在用户没有登录的时候会跳转到该页面）
//		String logon = filterConfig.getInitParameter( "logonpage" );
//		if( !StringUtil.isEmptyString( logon ) )
//			this.logon = logon;
//
//		// 读取不需要登录的连接
//		String ignoreuri = filterConfig.getInitParameter( "ignoreuri" );
//		this.ignoreuri = StringUtil.strTokenizer( ignoreuri, "," );
	}

	// 处理操作
	public void doFilter( ServletRequest request,
			                ServletResponse response,
			                FilterChain chain )
		      throws IOException, ServletException
	{
		HttpServletRequest req = (HttpServletRequest)request;
		HttpServletResponse res = (HttpServletResponse)response;
		String uri = req.getRequestURI();
		
		// 判断当前请求是否为不需要登录的请求
		if( this.ignoreuri!=null ) 
		{
			String requri = req.getRequestURI();
			for( int i=0; i<ignoreuri.length; i++ )
			{
				if( requri.indexOf( ignoreuri[i] ) > 0 )
				{
					chain.doFilter( request, response );
					return;
				}
			}
		}

		// 判断用户是否登录（通过Session中是否有session_userinfo属性来判断）
		HttpSession session = req.getSession();
		UserInfo user = (UserInfo)session.getAttribute("session_userinfo");

		if (uri.indexOf(Constants.USERLOGIN_JSP_NAME) != -1
				|| uri.indexOf(Constants.IDENTITYUSERLOGIN_SERVLET_NAME) != -1||uri.indexOf(Constants.CSS_KEY)!=-1 ||uri.indexOf(Constants.IMAGE_KEY)!=-1
				|| uri.indexOf("frame.swf")!=-1
		        || uri.indexOf("/images")!=-1
		        || uri.indexOf("/img")!=-1
		        || uri.indexOf("/js")!=-1
		        || uri.indexOf("IdentifyUserLogin.do")!=-1){
			chain.doFilter(request, response);
		}
		else if( user!=null  )
		{
			// 用户已经登录
			chain.doFilter( request, response );
		}
		else
		{
			// 用户没有登录，跳转到登录页面
//			RequestUtil.setMsg( this, req, "notlogon" );
			RequestDispatcher dispatcher = request.getRequestDispatcher( logon );
			dispatcher.forward( request, response );
		}

	}

	public void destroy()
	{
		this.filterConfig = null;
		this.ignoreuri = null;
	}



}