一:實現思路
(1)將request強轉成HttpServletRequest,這樣才有getRequestURI()方法
(2)獲取資源訪問路徑
(3)判斷uri中是否有登錄選項,要注意排除掉css/js/圖片/驗證碼等資源
(4)如果包含登錄選項,直接放行,如果不包含,則需要驗證用戶是否登錄
(5)從session中獲取user,登錄了就放行,沒有登錄就轉發到登錄頁面
二:代碼實現
<code>
@WebFilter("/*")
public class LoginFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
//先強轉成HttpServletRequest,這樣才有getRequestURI()方法
HttpServletRequest request = (HttpServletRequest) req;
//獲取資源訪問路徑
String uri = request.getRequestURI();
System.out.println(uri);
//判斷uri中是否有登錄選項
if(uri.contains("login_v2.jsp")||uri.contains("/login")||uri.contains("/css/")|| uri.contains("/js/")|| uri.contains("/fonts/")||uri.contains("/code")){
//直接放行
chain.doFilter(req, resp);
}else {
//判斷session中是否有user
//有,直接放行
Object user = request.getSession().getAttribute("user");
if(user!=null){
chain.doFilter(req, resp);
}else {
//沒有,提醒去登錄,並請求轉發到登錄頁面
request.setAttribute("login-msg","您尚未登錄,請登錄");
request.getRequestDispatcher("/login_v2.jsp").forward(request,resp);
}
}
}
public void init(FilterConfig config) throws ServletException {
}
}
/<code>
分享到:
關鍵字: HttpServletRequest user 包含
