1.首先寫一個權限過濾filter類,實現Filter接口
import javax.servlet.Filter;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.FilterChain;import java.io.IOException;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpSession;import javax.servlet.http.HttpServletResponse;public class RightFilter
implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; HttpSession session = req.getSession(true); //從session裏取的用戶名信息 String username = (String) session.getAttribute("username"); //判斷如果沒有取到用戶信息,就跳轉到登陸頁面 if (username == null || "".equals(username)) { //跳轉到登陸頁面 res.sendRedirect("http://"+req.getHeader("Host")+"/login.jsp"); } else { //已經登陸,繼續此次請求 chain.doFilter(request,response); } } public void destroy() { }
}
2.然後在web.xml裏配置需要登陸權限驗證的JSP文件:
a.如果是某個具體的JSP文件(如a.jsp)需要登陸驗證
<web-app> ... <filter> <filter-name>right</filter-name> <filter-class>com.taihuatalk.taihua.common.RightFilter</filter-class> </filter> <filter-mapping> <filter-name>right</filter-name> <url-pattern>/a.jsp</url-pattern> </filter-mapping> ...</web-app>b.如果是某一個目錄(如a/目錄)整個目錄下的文件都需要登陸驗證:
<web-app> ... <filter> <filter-name>right</filter-name> <filter-class>com.taihuatalk.taihua.common.RightFilter</filter-class> </filter> <filter-mapping> <filter-name>right</filter-name> <url-pattern>/a/*</url-pattern> </filter-mapping> ...</web-app>