過濾器代碼:
AuthenticationFilter.java
package com.gifer.action;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
public class AuthenticationFilter implements Filter {
private static Logger log = Logger.getLogger(AuthenticationFilter.class);
private static String LOGIN_PAGE = "/login.jsp";
@Override
public void init(FilterConfig arg0) throws ServletException {
if (log.isDebugEnabled()) {
log.info("權限過濾器初始化完成。");
}
}
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
// 當前訪問路徑
String currentUrl = req.getRequestURI();
// 獲取session
HttpSession session = req.getSession();
// 如果不是登錄頁面,就要進行身份認證
if (currentUrl.indexOf(LOGIN_PAGE) == -1) {
if (log.isDebugEnabled()) {
log.info("正在對請求進行權限認證," + "請求URL:" + currentUrl);
}
// 如果session爲空,或者用戶沒有登錄,則重定向輸出登錄頁面
if (session == null || session.getAttribute("user") == null) {
res.sendRedirect(req.getContextPath() + LOGIN_PAGE);
return;
}
}
// 過濾完成,filter鏈繼續向下執行
chain.doFilter(request, response);
}
}
<!-- 自定義權限過濾器 -->
<filter>
<filter-name>authFilter</filter-name>
<filter-class>com.gifer.action.AuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>authFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>