import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
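/**
 * Servlet filter that gates every request behind the {@code LoginUser} stored in
 * the session and the URL grant list that user carries ({@code LoginUser.getUrl()}).
 *
 * <p>Security-relevant points of this implementation:
 * <ul>
 *   <li>No per-request state lives in fields. A {@link Filter} is a single instance
 *       shared by every request thread, so request, response and chain are passed
 *       as arguments; keeping them in fields lets one request's authorisation
 *       decision or response be applied to another concurrent request.</li>
 *   <li>The request path is decoded and normalised (dot segments resolved, empty
 *       segments and {@code ;param} path parameters dropped) before it is compared,
 *       and a path that climbs above the context root is rejected with 400.</li>
 *   <li>Grant entries and login-exempt paths are matched as whole tokens, never by
 *       substring, so a short or partial path (e.g. {@code ""} or {@code "action"})
 *       cannot match a longer entry.</li>
 *   <li>Decisions are fail-closed: not logged in &rarr; redirect to login page,
 *       logged in but not granted &rarr; 403, unexpected error &rarr; propagated to
 *       the container (500) instead of being swallowed.</li>
 * </ul>
 */
public class PermissiondoFilter implements Filter {
    /** Session attribute under which the authenticated user is stored. */
    private static final String LOGIN_USER_ATTR = "loginUser";

    /** Comma-separated paths (relative to the context root) that need no login. */
    private static final String EXCLUDED_PATHS = "login.jsp,loginAction.action";

    /**
     * Separators accepted between entries of {@code LoginUser.getUrl()}.
     * NOTE(review): the grant string's delimiter is not visible here; comma is assumed
     * because the file's own exclude list is comma-separated. If the grant string uses
     * another separator it is treated as one entry and the user is denied (fail-closed)
     * -- confirm against the code that builds LoginUser.getUrl().
     */
    private static final Pattern ENTRY_SEPARATOR = Pattern.compile("[,;\\s]+");

    private FilterConfig filterConfig;

    @Override
    public void destroy() {
        this.filterConfig = null;
    }

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    /**
     * Authorises the request, then either continues the chain, redirects to the
     * login page, or writes a denial.
     *
     * @throws IOException      if writing the response fails
     * @throws ServletException propagated from the downstream chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
                         FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        String contextPath = request.getContextPath();
        String url = relativePath(request.getRequestURI(), contextPath);
        if (url == null) {
            // Malformed URI or a path that escapes the context root: refuse outright.
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        if (noVerifyUrl(url, request)) {
            chain.doFilter(request, response);
            return;
        }

        // getSession(false): do not create sessions for anonymous hits.
        HttpSession session = request.getSession(false);
        Object principal = session == null ? null : session.getAttribute(LOGIN_USER_ATTR);
        if (!(principal instanceof LoginUser)) {
            response.sendRedirect(contextPath + "/login.jsp");
            return;
        }

        verifyUrl(url, (LoginUser) principal, request, response, chain);
    }

    /**
     * Continues the chain when {@code loginUser} holds a grant covering {@code url};
     * otherwise answers 403 with the denial message.
     *
     * @param url       normalised request path relative to the context root
     * @param loginUser the authenticated user (never null here)
     */
    private void verifyUrl(String url, LoginUser loginUser, HttpServletRequest request,
                           HttpServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        if (isGranted(url, loginUser.getUrl())) {
            chain.doFilter(request, response);
            return;
        }
        log("access denied: user=" + loginUser.getUserName() + " path=" + url);
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        response.setContentType("text/html;charset=UTF-8");
        response.getWriter().println("<div>Sorry,您沒有權限訪問該資源!</div>");
    }

    /**
     * Whole-token match of a normalised path against a grant list.
     *
     * <p>An entry equal to {@code url} grants it. An entry ending in {@code "*"} is a
     * prefix grant, but only when the part before the star is empty ({@code "*"} grants
     * everything) or ends in {@code "/"} ({@code "admin/*"} grants {@code "admin/x/y"});
     * {@code "adm*"} deliberately does not grant {@code "admin"}. Substring matching is
     * never used.
     *
     * @param url         normalised path relative to the context root
     * @param grantedUrls raw grant string from {@code LoginUser.getUrl()}, may be null
     */
    static boolean isGranted(String url, String grantedUrls) {
        if (grantedUrls == null) {
            return false;
        }
        for (String entry : ENTRY_SEPARATOR.split(grantedUrls.trim())) {
            if (entry.isEmpty()) {
                continue;
            }
            if (entry.endsWith("*")) {
                String prefix = entry.substring(0, entry.length() - 1);
                if ((prefix.isEmpty() || prefix.endsWith("/")) && url.startsWith(prefix)) {
                    return true;
                }
            } else if (entry.equals(url)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns the request path relative to the context root, percent-decoded and
     * normalised, or {@code null} when the URI is malformed, does not belong to this
     * context, or climbs above the context root via {@code ".."}.
     *
     * <p>Decoding first matters: a grant such as {@code "admin/*"} must not be satisfied
     * by {@code "admin/%2e%2e/secret"}, which the container would serve as
     * {@code "secret"}. Per-segment {@code ;param} path parameters (e.g.
     * {@code ;jsessionid=...}) are dropped because the container ignores them for
     * mapping. A trailing slash is preserved so {@code "admin/*"} still covers
     * {@code "admin/"}.
     */
    private static String relativePath(String requestUri, String contextPath) {
        String path;
        try {
            path = new URI(requestUri).getPath();
        } catch (URISyntaxException e) {
            return null;
        }
        if (path == null) {
            return null;
        }
        if (!(path.equals(contextPath) || path.startsWith(contextPath + "/"))) {
            return null;
        }
        path = path.substring(contextPath.length());
        boolean trailingSlash = path.endsWith("/");

        Deque<String> segments = new ArrayDeque<>();
        for (String rawSegment : path.split("/")) {
            int semi = rawSegment.indexOf(';');
            String segment = semi >= 0 ? rawSegment.substring(0, semi) : rawSegment;
            if (segment.isEmpty() || segment.equals(".")) {
                continue;
            }
            if (segment.equals("..")) {
                if (segments.isEmpty()) {
                    return null; // would escape the context root
                }
                segments.removeLast();
                continue;
            }
            segments.addLast(segment);
        }
        String joined = String.join("/", segments);
        return trailingSlash && !joined.isEmpty() ? joined + "/" : joined;
    }

    /**
     * Whether {@code url} is exempt from the login/permission check (login page and
     * login action). Exact match against each comma-separated entry.
     */
    protected boolean noVerifyUrl(String url, HttpServletRequest request) {
        for (String entry : EXCLUDED_PATHS.split(",")) {
            if (entry.trim().equals(url)) {
                return true;
            }
        }
        return false;
    }

    /** Logs through the servlet context when available; silently no-ops otherwise. */
    private void log(String message) {
        if (filterConfig != null && filterConfig.getServletContext() != null) {
            filterConfig.getServletContext().log(message);
        }
    }
}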