1.首先寫一個權限過濾filter類,實現Filter接口
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.FilterChain;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletResponse;
public class RightFilter
implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession(true);
//從session裏取的用戶名信息
String username = (String) session.getAttribute("username");
//判斷如果沒有取到用戶信息,就跳轉到登陸頁面
if (username == null || "".equals(username)) {
//跳轉到登陸頁面
res.sendRedirect("http://"+req.getHeader("Host")+"/login.jsp");
}
else {
//已經登陸,繼續此次請求
chain.doFilter(request,response);
}
}
public void destroy() {
}
}
2.然後在web.xml裏配置需要登陸權限驗證的JSP文件:
a.如果是某個具體的JSP文件(如a.jsp)需要登陸驗證
...
<filter>
<filter-name>right</filter-name>
<filter-class>com.taihuatalk.taihua.common.RightFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>right</filter-name>
<url-pattern>/a.jsp</url-pattern>
</filter-mapping>
...
</web-app>
b.如果是某一個目錄(如a/目錄)整個目錄下的文件都需要登陸驗證:
...
<filter>
<filter-name>right</filter-name>
<filter-class>com.taihuatalk.taihua.common.RightFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>right</filter-name>
<url-pattern>/a/*</url-pattern>
</filter-mapping>
...
</web-app>