package com.tool;
import java.io.IOException;
import java.util.Locale;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import com.bean.AccountAndGroup;
import org.apache.struts.Globals;
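/**
 * Servlet filter that rejects requests from users who have not logged in and
 * enforces per-role URL permissions for users who have.
 *
 * <p>Decisions are made in this order: public paths pass; requests without a
 * logged-in account are redirected to the error page; shared resources pass
 * for any logged-in user; the configured administrator passes; every other
 * request must match one of the role URLs stored in the session.</p>
 *
 * <p>Copyright: Copyright (c) 2007</p>
 *
 * @author 詹偉勝
 * @version 1.0
 */
public class LoginFilter implements Filter {

    /** Administrator account name, read from the "managerName" init parameter. */
    private String managerName;

    /**
     * Administrator password, read from the "pwd" init parameter.
     * NOTE(review): this is a plaintext credential held in deployment
     * configuration and compared against a plaintext password kept on the
     * session object. Prefer marking the administrator with a role flag set
     * at login and storing only a salted password hash.
     */
    private String pwd;

    /**
     * Reads the administrator credentials from the filter configuration.
     *
     * @param filterConfig configuration supplying "managerName" and "pwd"
     * @throws ServletException declared by the Filter contract; not thrown here
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.managerName = filterConfig.getInitParameter("managerName");
        this.pwd = filterConfig.getInitParameter("pwd");
    }

    /**
     * Applies the login and permission checks to one request.
     *
     * <p>All path decisions use the request path with path parameters
     * (";name=value") removed and without the query string, so that
     * client-supplied text outside the path cannot satisfy an exemption.</p>
     *
     * @param request     the incoming request; must be an HTTP request
     * @param response    the outgoing response; must be an HTTP response
     * @param filterChain the remaining chain, invoked only when access is granted
     * @throws IOException      if the redirect or the chain fails on I/O
     * @throws ServletException if the chain fails
     */
    public void doFilter(ServletRequest request,
                         ServletResponse response,
                         FilterChain filterChain) throws IOException,
            ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        HttpSession session = httpRequest.getSession();

        // NOTE(review): getRequestURI() is neither URL-decoded nor normalised.
        // Checks below therefore fail closed on encoded paths; consider
        // getServletPath() if the container mapping makes it reliable here.
        String path = stripPathParameters(httpRequest.getRequestURI());

        String contextRoot = httpRequest.getContextPath();
        if (contextRoot == null) {
            contextRoot = "";
        }
        if (contextRoot.length() > 0) {
            contextRoot = contextRoot + "/";
        }

        // Public paths need no session state at all.
        if (isPublicPath(path, contextRoot)) {
            filterChain.doFilter(httpRequest, response);
            return;
        }

        AccountAndGroup account =
                (AccountAndGroup) session.getAttribute("loginAcountAndGroup");
        if (account == null) {
            // Not logged in, or the session has expired.
            deny(httpRequest, httpResponse, session, "您還未登陸或登陸超時(shí)!");
            return;
        }

        // Resources shared by every logged-in user, and the administrator,
        // skip the per-role URL check.
        if (isSharedPath(path) || isAdministrator(account)) {
            filterChain.doFilter(httpRequest, response);
            return;
        }

        // The query string is kept for role matching only; an absent query
        // contributes nothing after the "?" instead of the text "null".
        String query = httpRequest.getQueryString();
        String urlWithQuery = httpRequest.getRequestURL().toString() + "?"
                + (query == null ? "" : query);

        String[] allowedUrls = (String[]) session.getAttribute("loginAllRoleUrl");
        if (isRoleUrlPermitted(allowedUrls, urlWithQuery)) {
            filterChain.doFilter(httpRequest, response);
        } else {
            deny(httpRequest, httpResponse, session, "權(quán)限不足!");
        }
    }

    /** Clears the cached administrator credentials. */
    public void destroy() {
        this.managerName = null;
        this.pwd = null;
    }

    /**
     * Reports whether the path is reachable without logging in: the entry
     * page, the error page, the login action, the application root, or a
     * JavaScript file. Names are matched at the end of the path rather than
     * anywhere inside it, which keeps the exemption limited to those
     * resources.
     */
    private static boolean isPublicPath(String path, String contextRoot) {
        if (path.equals("/") || path.equals(contextRoot)) {
            return true;
        }
        if (path.endsWith("index.jsp")
                || path.endsWith("error.jsp")
                || path.endsWith("loginAction.do")) {
            return true;
        }
        return path.endsWith(".js") && path.indexOf(".jsp") == -1;
    }

    /**
     * Reports whether the path is a resource every logged-in user may reach.
     * Only the path is inspected, never the query string.
     */
    private static boolean isSharedPath(String path) {
        return path.indexOf("/css/") != -1
                || path.indexOf("/frameset/") != -1
                || path.indexOf("/js/") != -1
                || path.endsWith("modifySelfAcount.jsp");
    }

    /**
     * Reports whether the account carries the configured administrator name
     * and password. Missing configuration or missing account fields never
     * match.
     */
    private boolean isAdministrator(AccountAndGroup account) {
        return this.managerName != null
                && this.pwd != null
                && this.managerName.equals(account.getAccountName())
                && this.pwd.equals(account.getPwd());
    }

    /**
     * Reports whether any role URL from the session occurs in the request URL.
     * A missing list grants nothing, and null or empty entries are skipped
     * because an empty string occurs in every URL.
     *
     * NOTE(review): this is a substring match over a string that includes the
     * client-supplied query string, which is not a sound basis for an
     * authorization decision. Once the stored format of "loginAllRoleUrl" is
     * confirmed, match each entry exactly (or by path prefix) against the
     * normalised request path instead.
     */
    private static boolean isRoleUrlPermitted(String[] allowedUrls, String url) {
        if (allowedUrls == null) {
            return false;
        }
        for (int i = 0; i < allowedUrls.length; i++) {
            String allowed = allowedUrls[i];
            if (allowed == null || allowed.length() == 0) {
                continue;
            }
            if (url.indexOf(allowed) != -1) {
                return true;
            }
        }
        return false;
    }

    /** Stores the message for the error page and redirects the client to it. */
    private static void deny(HttpServletRequest httpRequest,
                             HttpServletResponse httpResponse,
                             HttpSession session,
                             String message) throws IOException {
        session.setAttribute("msg", message);
        httpResponse.sendRedirect(httpRequest.getContextPath()
                + "/frameset/error.jsp");
    }

    /**
     * Removes path parameters (";name=value", such as a rewritten session id)
     * from every segment of the URI, so suffix checks see the resource name.
     */
    private static String stripPathParameters(String uri) {
        if (uri == null) {
            return "";
        }
        if (uri.indexOf(';') == -1) {
            return uri;
        }
        StringBuilder cleaned = new StringBuilder(uri.length());
        boolean inParameter = false;
        for (int i = 0; i < uri.length(); i++) {
            char c = uri.charAt(i);
            if (c == ';') {
                inParameter = true;
            } else if (c == '/') {
                inParameter = false;
            }
            if (!inParameter) {
                cleaned.append(c);
            }
        }
        return cleaned.toString();
    }
}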