本文共 4244 字,大约阅读时间需要 14 分钟。
实现的功能:判断用户是否已登录,未登录用户禁止访问任何页面或action,自动跳转到登录页面。SecurityServlet com.*.web.servlet.SecurityServlet SecurityServlet *.jsp SecurityServlet *.do
package com.*.web.servlet;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;public class SecurityServlet extends HttpServlet implements Filter { private static final long serialVersionUID = 1L; public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException { HttpServletRequest request=(HttpServletRequest)arg0; HttpServletResponse response =(HttpServletResponse) arg1; HttpSession session = request.getSession(true); String usercode = (String) request.getRemoteUser();// 登录人 String user_role = (String)session.getAttribute("role");//登录人角色 String url=request.getRequestURI(); if(usercode==null || "".equals(usercode) || user_role == null || "".equals(user_role)) { //判断获取的路径不为空且不是访问登录页面或执行登录操作时跳转 if(url!=null && !url.equals("") && ( url.indexOf("Login")<0 && url.indexOf("login")<0 )) { response.sendRedirect(request.getContextPath() + "/login.jsp"); return ; } } arg2.doFilter(arg0, arg1); return; } public void init(FilterConfig arg0) throws ServletException { }}
springLoginInterceptor
*Controller
package com.web.servlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import org.aopalliance.intercept.MethodInterceptor;import org.aopalliance.intercept.MethodInvocation;import org.apache.log4j.Logger;import org.apache.struts.action.ActionMapping;public class SpringLoginInterceptor implements MethodInterceptor { private static final Logger log = Logger .getLogger(SpringLoginInterceptor .class); @Override public Object invoke(MethodInvocation invocation) throws Throwable { log.info("拦截开始!"); Object[] args = invocation.getArguments(); HttpServletRequest request = null; HttpServletResponse response = null; ActionMapping mapping = null; for (int i = 0 ; i < args.length ; i++ ) { if (args[i] instanceof HttpServletRequest) request = (HttpServletRequest)args[i]; if (args[i] instanceof HttpServletResponse) response = (HttpServletResponse)args[i]; if (args[i] instanceof ActionMapping) mapping = (ActionMapping)args[i]; } if (request != null && mapping != null) { String url=request.getRequestURI(); HttpSession session = request.getSession(true); String usercode = (String) request.getRemoteUser();// 登录人 String user_role = (String)session.getAttribute("user_role");//登录人角色 if (usercode == null || usercode.equals("")) { if ( url.indexOf("Login")<0 && url.indexOf("login")<0 ) { return mapping.findForward("loginInterceptor"); } return invocation.proceed(); } else { return invocation.proceed(); } } else { return invocation.proceed(); } }}
转载地址:http://bblvi.baihongyu.com/