package com.core.web;
/**
 * Security filter: its purpose is to intercept every request and check the
 * user's permissions.
 */
import java.io.IOException;
import java.util.Collection;
import java.util.Vector;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.RequestDispatcher;
import org.apache.commons.logging.LogFactory;
import org.apache.commons.logging.Log;
import com.core.Config;
import com.opensymphony.xwork.ActionContext;
import java.util.List;
//import com.xckj.mdgl.index.login.UserCount;
//import com.xckj.mdgl.sysmng.organize.user.User;
import java.io.PrintWriter;
/**
 * Servlet filter that was written to authenticate and authorise every request
 * but, in the form shown here, performs no check at all.
 *
 * <p>SECURITY: every login, session-timeout and permission test that once lived
 * in this class is disabled. {@link #doFilter} hands each request straight to
 * the rest of the chain, so mapping this filter in the deployment descriptor
 * provides no access control. Whether another component enforces authentication
 * and authorisation cannot be determined from this file -- confirm before
 * relying on it.
 *
 * <p>The three private {@code process*} helpers are not called from anywhere
 * in this class.
 */
public class SaftyFilter implements Filter {

    private static Log log = LogFactory.getLog(SaftyFilter.class);

    /** Configuration handed over by the container in {@link #init}. */
    private FilterConfig config;

    /**
     * Stores the container-supplied configuration.
     *
     * @param filterConfig configuration for this filter instance
     * @throws ServletException declared by the {@link Filter} contract; never
     *         thrown by this implementation
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        config = filterConfig;
    }

    /** Drops the reference to the configuration when the filter is retired. */
    public void destroy() {
        config = null;
    }

    /**
     * @return the configuration currently held, or {@code null} before
     *         {@link #init} and after {@link #destroy}
     */
    public FilterConfig getFilterConfig() {
        return config;
    }

    /**
     * Replaces the held configuration.
     *
     * @param filterConfig the new configuration
     */
    public void setFilterConfig(FilterConfig filterConfig) {
        config = filterConfig;
    }

    /**
     * Entry point of the filter. The original design distinguished three
     * cases: (1) a new user logging in, (2) an existing user whose session
     * timed out, (3) an existing user making a normal request. None of them
     * is handled any more: the request is passed on unconditionally.
     *
     * <p>What the disabled code did, for anyone considering re-enabling it:
     * <ul>
     *   <li>An earlier revision walked {@code UserCount.getList()}, removed
     *       users no longer present in the XWork session, and called
     *       {@code showMessage} with any exception silently swallowed.</li>
     *   <li>The dispatch logic compared the servlet path with
     *       {@code Config.LOGON_ACTION_NAME} to call
     *       {@code processNewLogon}, then used {@code getSession(false)} to
     *       choose between {@code processTimeOut} and
     *       {@code processLogon}.</li>
     * </ul>
     *
     * <p>NOTE(review): that dispatch logic must not be restored verbatim.
     * Every branch ended with {@code fc.doFilter(...)}, so a failed check never
     * stopped the request; the login branch fell through into the session
     * branch and invoked the chain a second time; and the time-out branch
     * continued the chain after the request had already been forwarded.
     *
     * @param request  incoming request; must be an {@link HttpServletRequest}
     * @param response outgoing response; must be an {@link HttpServletResponse}
     * @param fc       remainder of the filter chain
     * @throws ClassCastException if either argument is not an HTTP type
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain fc)
            throws IOException, ServletException {
        // The narrowed references are not used below; the casts are retained
        // because they reject non-HTTP requests with a ClassCastException.
        HttpServletRequest httpReq = (HttpServletRequest) request;
        HttpServletResponse httpResp = (HttpServletResponse) response;

        // No authentication or authorisation happens before this call.
        fc.doFilter(request, response);
    }

    // A helper named showMessage(ServletResponse, User) ("receive system
    // short message") used to be defined here and is disabled. It wrote an
    // inline <SCRIPT> block that builds an IE-only window.createPopup() toast
    // into the response writer. Its popmsg() function concatenated the message
    // text into innerHTML without escaping, so it would only have been safe
    // for fixed, trusted text such as the constant it was called with.

    /**
     * Intended to handle a fresh login: (1) verify user name and password,
     * (2) cache the user record and permission list in the session. As
     * written it only reads the two request parameters and discards them.
     *
     * <p>The disabled body looked the user up through {@code SaftyHelper},
     * compared the submitted password with {@code user.getPassWD()} using
     * {@code String.equals}, loaded the user's function list and stored both
     * in a session obtained with {@code getSession(true)}. It refers to names
     * ({@code head}, {@code dealException}, {@code SessionNames},
     * {@code SaftyHelper}) that this file neither declares nor imports.
     *
     * <p>NOTE(review), should this be revived: the direct {@code equals}
     * suggests the stored password is not hashed -- verify, and compare a
     * salted password hash (bcrypt/scrypt/argon2) instead; the separate
     * "invalid user name" (1404) and "invalid password" (1405) errors let a
     * client tell which accounts exist; and the session is reused rather
     * than renewed after authentication, which leaves room for session
     * fixation.
     */
    private void processNewLogon(HttpServletRequest hreq, HttpServletResponse hrep)
            throws IOException, ServletException {
        // Credentials are fetched but never validated, stored or logged.
        String submittedUser = hreq.getParameter("username");
        String submittedPassword = hreq.getParameter("password");
    }

    /**
     * Handles an expired session by forwarding to the time-out notice page.
     * The path is relative, so the container resolves it against the path of
     * the current request. A caller must not continue the filter chain after
     * this method returns, because the response has been handed to the JSP.
     */
    private void processTimeOut(HttpServletRequest hreq, HttpServletResponse hrep)
            throws IOException, ServletException {
        hreq.getRequestDispatcher("TimeOut.jsp").forward(hreq, hrep);
    }

    /**
     * Intended to validate a request from an already logged-in user; the
     * body is empty, so it currently accepts everything.
     *
     * <p>The disabled body compared the user ID and password carried by the
     * request with {@code SessionNames.USER_ID} and {@code SessionNames.PWD}
     * from the session, treated function ID {@code "F0"} as logout, and then
     * checked the requested function ID against the user's function list.
     *
     * <p>NOTE(review), should this be revived: the password was kept in the
     * session and expected on every request; the session attributes were
     * dereferenced with {@code trim()} without a null check; a hard-coded
     * list of five function IDs was allowed for every user; and any function
     * ID starting with {@code "F12"} skipped the permission check altogether.
     * Each of these widens access beyond the per-user function list and
     * needs an explicit justification or removal.
     */
    private void processLogon(HttpServletRequest hreq, HttpServletResponse hrep)
            throws IOException, ServletException {
        // Intentionally empty: all checks are disabled (see Javadoc).
    }
}