花生肉泥 Blog

验证用户是否登陆的拦截器

java
2015/03/22 Share

需要用到的jar包:commons-lang3-3.1.jar

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
package com.mju.zx.filter;

import java.io.IOException;
import java.net.URLEncoder;
import java.util.regex.Pattern;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;



/**
* 用于检查用户是否登录了系统的过滤器<br>
*/
public class SessionFilter implements Filter {

    /** 要检查的 session 的名称 */
    private String sessionKey;
    
    /** 需要排除(不拦截)的URL的正则表达式 */
    private Pattern excepUrlPattern;
    
    /** 检查不通过时,转发的URL */
    private String forwardUrl;

    @Override
    public void init(FilterConfig cfg) throws ServletException {
        sessionKey = cfg.getInitParameter("sessionKey");

        String excepUrlRegex = cfg.getInitParameter("excepUrlRegex");
        if (!StringUtils.isBlank(excepUrlRegex)) {
            excepUrlPattern = Pattern.compile(excepUrlRegex);
        }

        forwardUrl = cfg.getInitParameter("forwardUrl");
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        // 如果 sessionKey 为空,则直接放行
        if (StringUtils.isBlank(sessionKey)) {
            chain.doFilter(req, res);
            return;
        }

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        String servletPath = request.getServletPath();

        // 如果请求的路径与forwardUrl相同,或请求的路径是排除的URL时,则直接放行
        if (servletPath.equals(forwardUrl) || excepUrlPattern.matcher(servletPath).matches()) {
            chain.doFilter(req, res);
            return;
        }

        Object sessionObj = request.getSession().getAttribute(sessionKey);
        // 如果Session为空,则跳转到指定页面
        if (sessionObj == null) {
            String contextPath = request.getContextPath();
            String redirect = servletPath + "?" + StringUtils.defaultString(request.getQueryString());
            /*
             * login.jsp 的 <form> 表单中新增一个隐藏表单域:
             * <input type="hidden" name="redirect" value="${param.redirect }">
             *
             *  LoginServlet.java 的 service 的方法中新增如下代码:
             *  String redirect = request.getParamter("redirect");
             *  if(loginSuccess){
             *      if(redirect == null || redirect.length() == 0){
             *          // 跳转到项目主页(home.jsp)
             *      }else{
             *          // 跳转到登录前访问的页面(java.net.URLDecoder.decode(s, "UTF-8"))
             *      }
             *  }
             */
            response.sendRedirect(contextPath + StringUtils.defaultIfEmpty(forwardUrl, "/")
                            + "?redirect=" + URLEncoder.encode(redirect, "UTF-8"));
        } else {
            chain.doFilter(req, res);
        }
    }

    @Override
    public void destroy() {
    }
}
CATALOG
总计 : 48
2018
2017
2016
2015
2000
java TCP-IP 网络 EOS Esper 股票 lua win32 python 数学 机器学习 网络工程 TCP 周易 易经 八卦 逆向 DLL 注入 测试 破解 MFC MMD 渲染
java 实验 lua win32 python 网络工程 周易 逆向工程 MMD