在web項目中寫一個過濾器實現用戶不登陸,直接給鏈接,無法進入頁面,而重定向到登陸界面的功能。
項目是用springMVC+spring+hibernate實現 (和這個沒有多大關系)
第一步:
首先寫一個登錄權限過濾類--LoginFilter類實現Filter接口
1 package com.agen.util; 2 3 import java.io.IOException; 4 5 import javax.servlet.Filter; 6 import javax.servlet.FilterChain; 7 import javax.servlet.FilterConfig; 8 import javax.servlet.ServletException; 9 import javax.servlet.ServletRequest; 10 import javax.servlet.ServletResponse; 11 import javax.servlet.http.HttpServletRequest; 12 import javax.servlet.http.HttpServletResponse; 13 import javax.servlet.http.HttpSession; 14 15 import org.springframework.util.Assert; 16 import org.springframework.util.StringUtils; 17 18 import com.agen.entity.User; 19 20 /** 21 * 首先寫一個登錄權限過濾類--LoginFilter類實現Filter接口 22 * @author 申旭棟 23 *下面這三個方法是必須要實現的 24 */ 25 public class LoginFilter implements Filter { 26 27 @Override 28 public void init(FilterConfig filterConfig) throws ServletException { 29 // TODO Auto-generated method stub 30 } 31 32 33 @Override 34 public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException { 35 // 獲得在下面代碼中要用的request,response,session對象 36 HttpServletRequest servletRequest = (HttpServletRequest) request; 37 HttpServletResponse servletResponse = (HttpServletResponse) response; 38 HttpSession session = servletRequest.getSession(); 39 40 // 獲得用戶請求的URI 41 String path = servletRequest.getRequestURI(); 42 43 // 從session里取用戶 44 User user = (User) session.getAttribute("user"); 45 46 // 登陸頁面無需過濾 47 if("/biologyInfo/".equals(path) || "/biologyInfo/login/login1.htmls".equals(path)) { 48 chain.doFilter(servletRequest, servletResponse); 49 return; 50 } 51 52 // 判斷如果沒有取到用戶信息,說明這個請求是沒有登錄就在請求 就跳轉到登陸頁面 53 if (user == null) { 54 // 跳轉到登陸頁面 55 servletResponse.sendRedirect("/biologyInfo/login/login1.htmls"); 56 } else { 57 // 已經登陸,繼續此次請求 58 chain.doFilter(request, response); 59 } 60 61 } 62 63 @Override 64 public void destroy() { 65 // TODO Auto-generated method stub 66 } 67 68 }
第二步:
在web.xml中配置一下filter
1 <!-- 配置 登陸 過濾器 --> 2 <filter> 3 <filter-name>login</filter-name> 4 <filter-class>com.agen.util.LoginFilter</filter-class> 5 </filter> 6 7 <filter-mapping> 8 <filter-name>login</filter-name> 9 <url-pattern>*.htmls</url-pattern><!--此處寫/*代表瀏覽器地址欄中的所有請求都會被攔截 包括css文件和js文件 .htmls這是僅攔截以.htmls結尾的請求 --> 10 </filter-mapping>
這樣這個過濾器就寫成了。
說明:
1.在web.xml中配置的filter的 <url-pattern>參數中的值,意思就是攔截的請求路徑,就是瀏覽器的地址欄中的URL,因為頁面上不論是頁面,還是js文件,還是css文件都是通過請求得到的。
2.而上面的web.xml中配置的 <url-pattern>*.htmls</url-pattern>表示攔截僅攔截.htmls結尾的URL,而將js或者css文件結尾的URL都放過。
3.而訪問頁面都是通過以下這樣的請求去訪問的頁面,
http://192.168.16.104:8080/biologyInfo/login/geneinfo.htmls
http://192.168.16.104:8080/biologyInfo/login/welcome1.htmls
而這些都是先去找了后台的controller,從服務器才去的頁面
貼出服務器端的代碼:
1 package com.agen.controller; 2 3 import java.util.UUID; 4 5 import javax.annotation.Resource; 6 import javax.servlet.http.HttpServletRequest; 7 import javax.servlet.http.HttpSession; 8 9 import org.hibernate.Criteria; 10 import org.hibernate.Session; 11 import org.hibernate.SessionFactory; 12 import org.hibernate.criterion.Criterion; 13 import org.hibernate.criterion.Restrictions; 14 import org.springframework.beans.factory.annotation.Autowired; 15 import org.springframework.http.HttpRequest; 16 import org.springframework.stereotype.Controller; 17 import org.springframework.ui.Model; 18 import org.springframework.util.Assert; 19 import org.springframework.web.bind.annotation.RequestMapping; 20 import org.springframework.web.bind.annotation.ResponseBody; 21 22 import com.agen.entity.User; 23 import com.agen.service.AuthorityService; 24 import com.agen.service.RoleService; 25 import com.agen.service.UserSevice; 26 import com.fasterxml.jackson.annotation.JsonCreator.Mode; 27 28 29 @Controller() 30 @RequestMapping("login") 31 public class LoginController { 32 33 @Resource(name="userSevice") 34 private UserSevice userService; 35 36 @Resource(name="roleService") 37 private RoleService roleService; 38 39 @Resource(name="authorityService") 40 private AuthorityService authorityService; 41 42 @Autowired 43 private SessionFactory sessionFactory; 44 45 public Session getCurrentSession() { 46 // 需要開啟事物,才能得到CurrentSession getCurrentSession()是獲取已有的 沒有 就創建新的 47 return sessionFactory.getCurrentSession(); 48 } 49 50 51 @RequestMapping("/login1") 52 public String login(User user, Model model,HttpServletRequest request){ 53 if(user.getUserName()==null &&user.getPassword()==null){ 54 model.addAttribute("error", "0"); 55 return "../../../index"; 56 }else{ 57 Criteria criteria = getCurrentSession().createCriteria(User.class); 58 criteria.add(Restrictions.eq("userName", user.getUserName())); 59 User user2 = userService.uniqueResult(criteria); 60 if(user2 == null) { 61 model.addAttribute("error", "1"); 62 return "../../../index"; 63 } else if(!( user2.getPassword() .equals(user.getPassword()) )){ 64 model.addAttribute("error", "2"); 65 return "../../../index"; 66 } 67 Assert.notNull(user); 68 HttpSession session = request.getSession(); 69 session.setAttribute("user", user); 70 return "/index/index"; 71 } 72 73 } 74 75 @RequestMapping("/register") 76 @ResponseBody 77 public boolean register(User user){ 78 boolean flag = false; 79 user.setUserId(UUID.randomUUID().toString()); 80 Criteria criteria = getCurrentSession().createCriteria(User.class); 81 criteria.add(Restrictions.eq("userName", user.getUserName())); 82 User user2 = userService.uniqueResult(criteria); 83 if(user2 != null){ 84 flag = false; 85 }else{ 86 userService.save(user); 87 flag = true; 88 } 89 return flag; 90 } 91 92 93 /** 94 * 頁面二級菜單 95 * @return 96 */ 97 @RequestMapping("/welcome1") 98 public String welcome(){ 99 100 return "/index/welcome"; 101 } 102 @RequestMapping("/geneinfo") 103 public String geneinfo(){ 104 return "/geneinfo/geneinfoone"; 105 } 106 107 }