import javax.servlet.http.HttpServletRequest;
import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.struts.action.ActionMapping;
/**
* 這是一個攔截器,用來驗證用戶是否通過驗證
*
*/
public class AuthorityInterceptor implements MethodInterceptor {
public Object invoke(MethodInvocation invocation) throws Throwable
{
HttpServletRequest request = null;
ActionMapping mapping = null;
Object[] args = invocation.getArguments();
for (int i = 0 ; i < args.length ; i++ )
{
if (args[i] instanceof HttpServletRequest) request = (HttpServletRequest)args[i];
if (args[i] instanceof ActionMapping) mapping = (ActionMapping)args[i];
}
if ( request.getSession().getAttribute("adminname") != null)
{
return invocation.proceed();
}
else
{
return mapping.findForward("login");
}
}
}
<bean class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator">
<property name="beanNames">
<list>
<value>/vaiiduser</value>
<value>/admin</value>
<value>/phone</value>
</list>
</property>
<property name="interceptorNames">
<list>
<value>authorityInterceptor</value>
</list>
</property>
</bean>
<bean id="authorityInterceptor" class="org.mmc.utils.AuthorityInterceptor"/>
servlet過濾器
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* 設置字符集、過濾未登錄的非法請求
*/
public class UserLoginFilter implements Filter {
protected String encoding = null;
protected FilterConfig filterConfig = null;
protected boolean ignore = false;
protected String forwardPath = null;
public void destroy() {
this.encoding = null;
this.filterConfig = null;
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
// 設置編碼方式,web.xml裏面有filter參數的初始化設置
if (ignore || (request.getCharacterEncoding() == null)) {
String encoding = selectEncoding(request);
if (encoding != null)
request.setCharacterEncoding(encoding);
}
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
String requesturi = httpServletRequest.getRequestURI();
// 通過檢查session中的變量,過慮請求,最好把username提取出來當常量
HttpSession session = httpServletRequest.getSession();
Object currentUser = session.getAttribute("username");
// 當前會話用戶爲空而且不是請求登錄,退出登錄,歡迎頁面和根目錄則退回到應用的根目錄
if (currentUser == null
&& !requesturi.endsWith("/login.action")
&& !requesturi.endsWith("/logout.action")
&& !requesturi.endsWith("/index.jsp")
&& !requesturi.endsWith(httpServletRequest.getContextPath()
+ "/")) {
httpServletResponse.sendRedirect(httpServletRequest
.getContextPath()
+ "/");
return;
}
chain.doFilter(request, response);
}
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
this.encoding = filterConfig.getInitParameter("encoding");
this.forwardPath = filterConfig.getInitParameter("forwardpath");
String value = filterConfig.getInitParameter("ignore");
if (value == null)
this.ignore = true;
else if (value.equalsIgnoreCase("true"))
this.ignore = true;
else if (value.equalsIgnoreCase("yes"))
this.ignore = true;
else
this.ignore = false;
}
protected String selectEncoding(ServletRequest request) {
return (this.encoding);
}
}
<filter>
<filter-name>Login Filter</filter-name>
<filter-class>
你的包名(自己改一下).UserLoginFilter
</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>GBK</param-value>
</init-param>
<init-param>
<param-name>ignore</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>forwardpath</param-name>
<param-value>index.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Login Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>