📄 loginfilter.java
字号:
package com.tool;
import java.io.IOException;
import java.util.Locale;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import com.bean.AccountAndGroup;
import org.apache.struts.Globals;
/**
*
* <p>Title: </p>
*
* <p>Description: 对未登陆用户进行过滤</p>
*
* <p>Copyright: Copyright (c) 2007</p>
*
* <p>Company: </p>
*
* @author 詹伟胜
* @version 1.0
*/
public class LoginFilter implements Filter {
private String managerName;
private String pwd;
public void init(FilterConfig filterConfig) throws ServletException {
this.managerName = filterConfig.getInitParameter("managerName");
this.pwd = filterConfig.getInitParameter("pwd");
}
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain filterChain) throws IOException,
ServletException {
HttpServletRequest request2 = (HttpServletRequest) request;
HttpServletResponse response2 = (HttpServletResponse) response;
HttpSession session = request2.getSession();
String requestUri = request2.getRequestURI();
String rootStr = request2.getContextPath();
String requestURL = request2.getRequestURL().toString() + "?" +
request2.getQueryString();
// System.out.println(request2.getLocalName());
// System.out.println("requestURL="+requestURL);
// System.out.println(request2.getPathInfo());
// System.out.println(request2.getProtocol());
if (rootStr == null) rootStr = "";
if (!rootStr.equals("")) rootStr = rootStr + "/";
AccountAndGroup acountAndGroup = (AccountAndGroup) session.getAttribute(
"loginAcountAndGroup");
//不需控制的URL
if (requestUri.indexOf("index.jsp") != -1 ||
requestUri.indexOf("error.jsp") != -1 ||
requestUri.indexOf("loginAction.do") != -1 ||
requestUri.equals("/")||
requestUri.equals(rootStr)||
(requestUri.indexOf(".js")!=-1&&requestUri.indexOf(".jsp")==-1)){
// System.out.println("1");//----------------
filterChain.doFilter(request2, response);
}
else if (acountAndGroup == null) { //客户还未登陆
session.setAttribute("msg", "您还未登陆或登陆超时!");
response2.sendRedirect(request2.getContextPath() +
"/frameset/error.jsp");
} else { //客户已登陆,对其权限进行控制
//不需进行控制的共用URL
if (requestURL.indexOf("/css/") != -1 ||
requestURL.indexOf("/frameset/") != -1 ||
requestUri.indexOf("modifySelfAcount.jsp")!=-1||
requestURL.indexOf("/js/") != -1){
// System.out.println("2");//----------------
filterChain.doFilter(request2, response);
}
//管理员不需控制
else if (acountAndGroup.getAccountName().equals(this.managerName) &&
acountAndGroup.getPwd().equals(this.pwd)) {
// System.out.println("3");//--------------------
filterChain.doFilter(request2, response);
}
//其它URL都必需进行权限控制
else {
String[] allRoleUrl = (String[]) session.getAttribute(
"loginAllRoleUrl");
int isValidate = 0;
System.out.println("requestURL=" + requestURL);//-----------------
for (int i = 0; i < allRoleUrl.length; i++) {
System.out.println("allRoleUrl["+i+"]=#"+allRoleUrl[i]+"#");//------------------
if (requestURL.indexOf(allRoleUrl[i]) != -1) {
isValidate = 1;
break;
}
}
if (isValidate == 1) {
filterChain.doFilter(request2, response);
} else {
session.setAttribute("msg", "权限不足!");
response2.sendRedirect(request2.getContextPath() +
"/frameset/error.jsp");
}
}
}
}
public void destroy() {
this.managerName=null;
this.pwd=null;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -