web.xml 页面配置
(ps:本来是想在init-param里配置静态资源不拦截,结果没生效,于是便改成了只拦截jsp文件,
拦截参数可以同时过滤多种类型资源,如下同时拦截jsp和html文件)
<!--配置过滤器,拦截对pages下的文件访问,使用LoginFilter判断是否允许访问-->
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.sdcit.filter.Filter</filter-class>
<!--<init-param>-->
<!--<param-name>ignores</param-name>-->
<!--<param-value>/bootstrap-3.3.7-dist/*,/css/*,/images/*,/js/*</param-value>-->
<!--</init-param>-->
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
<!--只过滤jsp文件,即不登陆状态下禁止访问,静态资源不拦截-->
</filter-mapping>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>*.html</url-pattern
</filter-mapping>
Filter类项目摘录;
package com.sdcit.filter;
import com.sdcit.bean.User;
import com.sdcit.service.AuthorityService;
import com.sdcit.service.UserService;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
//@WebFilter(filterName = "Filter")
public class Filter implements javax.servlet.Filter {
public void destroy() {
}
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
// chain.doFilter(req, resp);
servletRequest.setCharacterEncoding("utf-8");
servletResponse.setCharacterEncoding("utf-8");
HttpServletRequest requ = (HttpServletRequest) servletRequest;
HttpServletResponse res = (HttpServletResponse) servletResponse;
requ.setCharacterEncoding("utf-8");
res.setCharacterEncoding("utf-8");
HttpSession session = requ.getSession(true);
User user = (User) session.getAttribute("user");
String url = requ.getRequestURI();
System.out.println("请求的url-->>" + url);
if(url.equals("/login.jsp") || url.equals("/LoginServlet") || url.equals("/")){
//登陆页,不拦截
System.out.println("登陆页,不拦截");
filterChain.doFilter(servletRequest, servletResponse); //FilterChain 接口的 doFilter 方法用于通知 Web 容器把请求交给 Filter 链中的下一个 Filter 去处理,如果当前调用此方法的 Filter 对象是Filter 链中的最后一个 Filter,那么将把请求交给目标 Servlet 程序去处理。
}else if(user != null) {
System.out.println("用户请求页");
if(session.getAttribute("authList") == null) {
System.out.println("获取权限数据。。。");
UserService userService = new UserService();
int roleId = userService.getRoleIdByUserId(user.getUserId());//通过userId获取roleId角色
AuthorityService authorityService = new AuthorityService();
List<String> authList = authorityService.getAuthoritiesByRoleId(roleId);
// List<String> authList = new ArrayList<String>();//模拟数据测试
// authList.add("1");
// authList.add("3");
// authList.add("6");
requ.setAttribute("authList",authList);
}
filterChain.doFilter(servletRequest, servletResponse); //FilterChain 接口的 doFilter 方法用于通知 Web 容器把请求交给 Filter 链中的下一个 Filter 去处理,如果当前调用此方法的 Filter 对象是Filter 链中的最后一个 Filter,那么将把请求交给目标 Servlet 程序去处理。
}else{
System.out.println("未登录,转向login.jsp");
res.sendRedirect(requ.getContextPath()+"/login.jsp");
}
}
public void init(FilterConfig config) throws ServletException {
}
}