登錄驗證的過濾器,放行靜態資源
import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import java.io.IOException; /** * 登錄驗證的過濾器 */ @WebFilter("/*") public class LoginFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException { System.out.println(req); //0.強制轉換 HttpServletRequest request = (HttpServletRequest) req; //1.獲取資源請求路徑 String uri = request.getRequestURI(); //2.判斷是否包含登錄相關資源路徑,要注意排除掉 css/js/圖片/驗證碼等資源 if(uri.contains("/login.jsp") || uri.contains("/loginServlet") || uri.contains("/css/") || uri.contains("/js/") || uri.contains("/fonts/") || uri.contains("/checkCodeServlet") ){ //包含,用戶就是想登錄。放行 chain.doFilter(req, resp); }else{ //不包含,需要驗證用戶是否登錄 //3.從獲取session中獲取user Object user = request.getSession().getAttribute("user"); if(user != null){ //登錄了。放行 chain.doFilter(req, resp); }else{ //沒有登錄。跳轉登錄頁面 request.setAttribute("login_msg","您尚未登錄,請登錄"); request.getRequestDispatcher("/login.jsp").forward(request,resp); } } // chain.doFilter(req, resp); } public void init(FilterConfig config) throws ServletException { } public void destroy() { } }