Web訪問登陸過濾器控制

tiantangqiu發表於2014-08-15
web.xml

<filter>
<filter-name>AuthFilter</filter-name>
<filter-class>com.acconsys.capital.util.AuthFilter</filter-class>
<init-param>
<param-name>excludeUrl</param-name>
<param-value>login.action,loginSubmit.action</param-value>
</init-param>
</filter>

<filter-mapping>
<filter-name>AuthFilter</filter-name>
<url-pattern>*.action</url-pattern>
</filter-mapping>




public class SystemConstants {

public static final String CURRENT_USER = "current_user";

}

AuthFilter.java


/*******************************************************************************
* @project: Capital501
* @package: com.acconsys.capital.util
* @file: AuthFilter.java
* @created: 2014-8-15
* @purpose:
*
* @version: 1.0
*
* Revision History at the end of file.
*
* Copyright 2014 AcconSys All rights reserved.
******************************************************************************/

package com.acconsys.capital.util;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.acconsys.capital.common.SystemConstants;

public class AuthFilter implements Filter {

private FilterConfig filterConfig = null;
private String sysUrl;

/**
* @see Filter#destroy()
*/
public void destroy() {
this.filterConfig = null;
}

/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
try {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;

if(sysUrl == null) {
StringBuffer requestURL = httpRequest.getRequestURL();
String contextPath = httpRequest.getContextPath();
sysUrl = requestURL.substring(0, requestURL.indexOf(contextPath)) + contextPath;
}

if(isExcludeUrl(httpRequest)) {
chain.doFilter(request, response);
return;
}

HttpSession session = httpRequest.getSession(false);
if (session == null || session.getAttribute(SystemConstants.CURRENT_USER) == null) {
PrintWriter out = httpResponse.getWriter();
out.write("<script>window.top.location.href='" +httpRequest.getContextPath()
+ "/login.action'</script>");
}else{
chain.doFilter(request, response);
}
} catch (Exception ex) {
ex.printStackTrace();
}
}

private boolean isExcludeUrl(HttpServletRequest request) {
String contextPath = request.getContextPath();
String excludeUrl = filterConfig.getInitParameter("excludeUrl");
String requestUri = request.getRequestURI();

int questionIndex = requestUri.indexOf("?");
if (questionIndex > 0) {
requestUri = requestUri.substring(0, questionIndex);
}
String[] actions = excludeUrl.split(",");
for (int i = 0; i < actions.length; i++) {
if (requestUri.equals(contextPath + "/" + actions[i].trim())) {
return true;
}
}
return false;
}

/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
}

}


/*******************************************************************************
* <B>Revision History</B><BR>
* [type 'revision' and press Alt + / to insert revision block]<BR>
*
*
*
* Copyright 2014 AcconSys All rights reserved.
******************************************************************************/


相關文章