checkfilter.java

本系统是新华社内部信息管理系统

package com.nitpro.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
 * 处理权限类，没有登陆想直接访问时将无法访问
 * @author 邓锦溏
 * @version 1.0
 */
public class CheckFilter implements Filter {

	protected String Encoding = "GBK";

	protected FilterConfig filterConfig = null;

	/**
	 *@param loginPage
	 * 登陆页面，当用户没有登陆时，将会首先转到这个页面
	 */
	protected String loginPage = "/index.jsp";

	public void init(FilterConfig filterConfig) throws ServletException {

		// 通过FilterConfig获得web.xml中设置的初始化参数
		this.filterConfig = filterConfig;
		if (filterConfig.getInitParameter("loginPage") != null)
			loginPage = filterConfig.getInitParameter("loginPage");
	}

	public void destroy() {
		filterConfig = null;
	}

	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		// TODO Auto-generated method stub
		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse res = (HttpServletResponse) response;

		/**
		 * 简单过滤并指定编码过滤，若要通用可以用SetCharacterEncondingFilter
		 */
		request.setCharacterEncoding(Encoding);
		response.setCharacterEncoding(Encoding);
		/**
		 * 通过判断session中是否具有user参数来判断用户是否已经登陆
		 * 并排除过滤index.jsp login.do等情况
		 */
		HttpSession session = req.getSession(true);
			if (req.getRequestURI().length() <= 8
				|| req.getRequestURI().lastIndexOf("/index.jsp") != -1
				|| req.getRequestURI().lastIndexOf("login.do") != -1
				|| session.getAttribute("user") != null) {
			chain.doFilter(req, res);
			return;
		}
		// 尚未登陆
		else {
			ServletContext ctx = filterConfig.getServletContext();
			setForwardURI(req);
			// 跳转到登陆页面
			ctx.getRequestDispatcher(loginPage).forward(req, res);
		}
	}

	/**
	 * 设置原始的请求URL,功能是当你想直接访问某个页面但 没登陆时会自动跳转到登陆页面，登陆成功后自动返回之前欲访问的页面
	 */
	private void setForwardURI(HttpServletRequest request) {
		// 首先获得用户所请求的资源
		String requestURI = request.getRequestURI();
		requestURI = requestURI.substring(requestURI.lastIndexOf("/"),
				requestURI.length());
		// 以及所附的请求字符串
		String queryString = request.getQueryString();
		if (queryString != null) {
			requestURI += requestURI + "?" + queryString;

		} // 将用户的原始请求放在request的属性中

		request.getSession().setAttribute("orignURL", requestURI.toString());
	}
}