sessionfilter.java

java学习的必要的资料,servlet的说明很好

package com.estore.struts.utils;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

public class SessionFilter implements Filter {

	public void destroy() {
	}

	/*
	 *
	 * 是对所有的业务请求进行过滤,查看session有没有过期,以及session中有没有登录用户的信息;
	 */
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		/*
		 * 对所有的带/biz路径的请求进行过滤，也就是对所有的业务请求做判断，看用户的session有没有过期；
		 * 如果出错就把错误信息封装到request的中，转向一个统一处理错误的页面/common/error.jsp；
		 * 如果都没有错误则直接通过；
		 */
		HttpSession session = ((HttpServletRequest) request).getSession(false);
		if (session == null) {
			String message = "该Session已经过期!请重新<a href='/EC_Port/pages/login.jsp' style='color:red;'>登录</a>!";
			request.setAttribute("message", message);
			
			RequestDispatcher dispatcher = request.getRequestDispatcher("/error");
			dispatcher.forward(request, response);
			
		} else if (session.getAttribute("user") == null) {
			String message = "你还没有登录,请重新<a href='/EC_Port/pages/login.jsp' style='color:red;'>登录</a>!&nbsp;请<a onclick='javascript:history.go(-1)' style='color:red;'>返回</a>!";
			request.setAttribute("message", message);
			
			RequestDispatcher dispatcher = request.getRequestDispatcher("/error");
			dispatcher.forward(request, response);
		} else {
			chain.doFilter(request, response);
		}
	}

	public void init(FilterConfig arg0) throws ServletException {
	}

}