securityfilter.java

网上找的很稀有的单点登陆资料,基于对称加密算法的.

package com.yayisoft.sso.client;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SecurityFilter implements Filter {

	/**  
	 * Constructor of the object.  
	 */
	public SecurityFilter() {
		super();
	}

//	private FilterConfig filterConfig;

	// Handle the passed-in FilterConfig       
	public void init(FilterConfig filterConfig) throws ServletException {
//		this.filterConfig = filterConfig;//读取配置信息
		
	}

	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain filterChain)

	{
		try {
			HttpServletRequest request = (HttpServletRequest) req;
			HttpServletResponse response = (HttpServletResponse) res;
			HttpSession session = request.getSession(true);
			String user = (String)session.getAttribute("user");
			
			if(user == null){
				StringBuffer url = request.getRequestURL();
				String baseURL = request.getLocalAddr();
				System.out.println("非法用户被SecurityFilter过滤^.^"+url.toString()+"ip"+baseURL);
				String domain = request.getLocalAddr()+ ":" + request.getLocalPort() + request.getContextPath();// TODO Config
				response.sendRedirect("http://" + domain + "/Reception?url=" + url);
				return;
			}
			// 这里放到达目的地前(进入)处理代码   

			filterChain.doFilter(req, res);

			// 这里放到达目的地(离开)的处理代码   

		} catch (IOException e) {
			e.printStackTrace();
		} catch (ServletException e) {
			e.printStackTrace();
		}
	}

	/**  
	 * Destruction of the servlet. <br>  
	 */
	public void destroy() {
		// Just puts "destroy" string in log   
		// Put your code here   
	}

}