<!-- 登陆过滤web.xml -->
<filter>
<filter-name>login</filter-name>
<filter-class>com.car.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
package com.car.filter;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.web.filter.OncePerRequestFilter;
public class LoginFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest request,HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
// 不过滤的url
String[] notFilter = new String[] { "login","static"};
String uri = request.getRequestURI();
boolean doFilter = true;
for (String s : notFilter) {
if (uri.indexOf(s) != -1) {
// 如果uri中包含不过滤的uri,则不进行过滤
doFilter = false;
break;
}
}
if (doFilter) {
// 执行过滤
// 从session中获取登录者实体
Object obj = null;
if(obj == null){
obj = request.getSession().getAttribute("admin");
}
if(obj == null){
obj = request.getSession().getAttribute("student");
}
if (obj == null) {
boolean isAjaxRequest = isAjaxRequest(request);
if (isAjaxRequest) {
response.setCharacterEncoding("UTF-8");
response.sendError(HttpStatus.UNAUTHORIZED.value(),
"您已经太长时间没有操作,请刷新页面");
return;
}
response.sendRedirect("login");
return;
} else {
// 如果session中存在登陆实体,则继续
chain.doFilter(request, response);
}
} else {
chain.doFilter(request, response);
}
}
/**
* 判断是否为Ajax请求
* @param request
* @return
*/
public static boolean isAjaxRequest(HttpServletRequest request) {
String header = request.getHeader("X-Requested-With");
if (header != null && "XMLHttpRequest".equals(header)) {
return true;
} else {
return false;
}
}
}