在web项目中写一个过滤器实现用户不登陆,直接给链接,无法进入页面,而重定向到登陆界面的功能。
项目是用springMVC+spring+hibernate实现 (和这个没有多大关系)
第一步:
首先写一个登录权限过滤类--LoginFilter类实现Filter接口
1 package com.agen.util; 2 3 import java.io.IOException; 4 5 import javax.servlet.Filter; 6 import javax.servlet.FilterChain; 7 import javax.servlet.FilterConfig; 8 import javax.servlet.ServletException; 9 import javax.servlet.ServletRequest;10 import javax.servlet.ServletResponse;11 import javax.servlet.http.HttpServletRequest;12 import javax.servlet.http.HttpServletResponse;13 import javax.servlet.http.HttpSession;14 15 import org.springframework.util.Assert;16 import org.springframework.util.StringUtils;17 18 import com.agen.entity.User;19 20 /**21 * 首先写一个登录权限过滤类--LoginFilter类实现Filter接口22 * @author 申旭栋23 *下面这三个方法是必须要实现的24 */25 public class LoginFilter implements Filter {26 27 @Override28 public void init(FilterConfig filterConfig) throws ServletException {29 // TODO Auto-generated method stub30 }31 32 33 @Override34 public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {35 // 获得在下面代码中要用的request,response,session对象36 HttpServletRequest servletRequest = (HttpServletRequest) request;37 HttpServletResponse servletResponse = (HttpServletResponse) response;38 HttpSession session = servletRequest.getSession();39 40 // 获得用户请求的URI41 String path = servletRequest.getRequestURI();42 43 // 从session里取用户44 User user = (User) session.getAttribute("user");45 46 // 登陆页面无需过滤47 if("/biologyInfo/".equals(path) || "/biologyInfo/login/login1.htmls".equals(path)) {48 chain.doFilter(servletRequest, servletResponse);49 return;50 }51 52 // 判断如果没有取到用户信息,说明这个请求是没有登录就在请求 就跳转到登陆页面 53 if (user == null) {54 // 跳转到登陆页面55 servletResponse.sendRedirect("/biologyInfo/login/login1.htmls");56 } else {57 // 已经登陆,继续此次请求58 chain.doFilter(request, response);59 }60 61 }62 63 @Override64 public void destroy() {65 // TODO Auto-generated method stub66 }67 68 } 第二步:
在web.xml中配置一下filter
1 23 6 7login 4com.agen.util.LoginFilter 58 login 9*.htmls 10
这样这个过滤器就写成了。
说明:
1.在web.xml中配置的filter的 <url-pattern>参数中的值,意思就是拦截的请求路径,就是浏览器的地址栏中的URL,因为页面上不论是页面,还是js文件,还是css文件都是通过请求得到的。
2.而上面的web.xml中配置的 <url-pattern>*.htmls</url-pattern>表示拦截仅拦截.htmls结尾的URL,而将js或者css文件结尾的URL都放过。
3.而访问页面都是通过以下这样的请求去访问的页面,
http://192.168.16.104:8080/biologyInfo/login/geneinfo.htmls
http://192.168.16.104:8080/biologyInfo/login/welcome1.htmls
而这些都是先去找了后台的controller,从服务器才去的页面
贴出服务器端的代码:
1 package com.agen.controller; 2 3 import java.util.UUID; 4 5 import javax.annotation.Resource; 6 import javax.servlet.http.HttpServletRequest; 7 import javax.servlet.http.HttpSession; 8 9 import org.hibernate.Criteria; 10 import org.hibernate.Session; 11 import org.hibernate.SessionFactory; 12 import org.hibernate.criterion.Criterion; 13 import org.hibernate.criterion.Restrictions; 14 import org.springframework.beans.factory.annotation.Autowired; 15 import org.springframework.http.HttpRequest; 16 import org.springframework.stereotype.Controller; 17 import org.springframework.ui.Model; 18 import org.springframework.util.Assert; 19 import org.springframework.web.bind.annotation.RequestMapping; 20 import org.springframework.web.bind.annotation.ResponseBody; 21 22 import com.agen.entity.User; 23 import com.agen.service.AuthorityService; 24 import com.agen.service.RoleService; 25 import com.agen.service.UserSevice; 26 import com.fasterxml.jackson.annotation.JsonCreator.Mode; 27 28 29 @Controller() 30 @RequestMapping("login") 31 public class LoginController { 32 33 @Resource(name="userSevice") 34 private UserSevice userService; 35 36 @Resource(name="roleService") 37 private RoleService roleService; 38 39 @Resource(name="authorityService") 40 private AuthorityService authorityService; 41 42 @Autowired 43 private SessionFactory sessionFactory; 44 45 public Session getCurrentSession() { 46 // 需要开启事物,才能得到CurrentSession getCurrentSession()是获取已有的 没有 就创建新的 47 return sessionFactory.getCurrentSession(); 48 } 49 50 51 @RequestMapping("/login1") 52 public String login(User user, Model model,HttpServletRequest request){ 53 if(user.getUserName()==null &&user.getPassword()==null){ 54 model.addAttribute("error", "0"); 55 return "../../../index"; 56 }else{ 57 Criteria criteria = getCurrentSession().createCriteria(User.class); 58 criteria.add(Restrictions.eq("userName", user.getUserName())); 59 User user2 = userService.uniqueResult(criteria); 60 if(user2 == null) { 61 model.addAttribute("error", "1"); 62 return "../../../index"; 63 } else if(!( user2.getPassword() .equals(user.getPassword()) )){ 64 model.addAttribute("error", "2"); 65 return "../../../index"; 66 } 67 Assert.notNull(user); 68 HttpSession session = request.getSession(); 69 session.setAttribute("user", user); 70 return "/index/index"; 71 } 72 73 } 74 75 @RequestMapping("/register") 76 @ResponseBody 77 public boolean register(User user){ 78 boolean flag = false; 79 user.setUserId(UUID.randomUUID().toString()); 80 Criteria criteria = getCurrentSession().createCriteria(User.class); 81 criteria.add(Restrictions.eq("userName", user.getUserName())); 82 User user2 = userService.uniqueResult(criteria); 83 if(user2 != null){ 84 flag = false; 85 }else{ 86 userService.save(user); 87 flag = true; 88 } 89 return flag; 90 } 91 92 93 /** 94 * 页面二级菜单 95 * @return 96 */ 97 @RequestMapping("/welcome1") 98 public String welcome(){ 99 100 return "/index/welcome";101 }102 @RequestMapping("/geneinfo")103 public String geneinfo(){ 104 return "/geneinfo/geneinfoone";105 }106 107 }