程序師世界是廣大編程愛好者互助、分享、學習的平台,程序師世界有你更精彩!
首頁
編程語言
C語言|JAVA編程
Python編程
網頁編程
ASP編程|PHP編程
JSP編程
數據庫知識
MYSQL數據庫|SqlServer數據庫
Oracle數據庫|DB2數據庫
 程式師世界 >> 編程語言 >> JAVA編程 >> 關於JAVA >> java中應用Filter掌握用戶登錄權限詳細實例

java中應用Filter掌握用戶登錄權限詳細實例

編輯:關於JAVA

java中應用Filter掌握用戶登錄權限詳細實例。本站提示廣大學習愛好者:(java中應用Filter掌握用戶登錄權限詳細實例)文章只能為提供參考,不一定能成為您想要的結果。以下是java中應用Filter掌握用戶登錄權限詳細實例正文


學jsp這麼長時光,做的項目也有七八個了,可一切的項目都是用戶登錄就直接跳轉到其具有權限的頁面,或許顯示可拜訪頁面的鏈接。應用這類方法來老練地掌握拜訪權限。歷來沒有想過假如我沒有登錄,直接輸出地址也能夠直接拜訪用戶的頁面的。

在jsp中權限的掌握是經由過程Filter過濾器來完成的,一切的開辟框架中都集成有Filter,假如不實用開辟框架則有以下完成辦法:

LoginFilter.java


public class LoginFilter implements Filter { 

    private String permitUrls[] = null; 

    private String gotoUrl = null; 

    public void destroy() { 

        // TODO Auto-generated method stub 

        permitUrls = null; 

        gotoUrl = null; 

    } 

    public void doFilter(ServletRequest request, ServletResponse response, 

            FilterChain chain) throws IOException, ServletException { 

        // TODO Auto-generated method stub 

        HttpServletRequest res=(HttpServletRequest) request; 

        HttpServletResponse resp=(HttpServletResponse)response; 

        if(!isPermitUrl(request)){ 

            if(filterCurrUrl(request)){ 

                System.out.println("--->請登錄"); 

                resp.sendRedirect(res.getContextPath()+gotoUrl); 

                return; 

            } 

        } 

        System.out.println("--->許可拜訪"); 

        chain.doFilter(request, response); 

    } 

    public boolean filterCurrUrl(ServletRequest request){ 

        boolean filter=false; 

        HttpServletRequest res=(HttpServletRequest) request; 

        User user =(User) res.getSession().getAttribute("user"); 

        if(null==user) 

            filter=true; 

        return filter; 

    }       

    public boolean isPermitUrl(ServletRequest request) { 

        boolean isPermit = false; 

        String currentUrl = currentUrl(request); 

        if (permitUrls != null && permitUrls.length > 0) { 

            for (int i = 0; i < permitUrls.length; i++) { 

                if (permitUrls[i].equals(currentUrl)) { 

                    isPermit = true; 

                    break; 

                } 

            } 

        } 

        return isPermit; 

    }        

    //要求地址 

    public String currentUrl(ServletRequest request) {   

        HttpServletRequest res = (HttpServletRequest) request; 

        String task = request.getParameter("task"); 

        String path = res.getContextPath(); 

        String uri = res.getRequestURI(); 

        if (task != null) {// uri格局 xx/ser 

            uri = uri.substring(path.length(), uri.length()) + "?" + "task="

                    + task; 

        } else { 

            uri = uri.substring(path.length(), uri.length()); 

        } 

        System.out.println("以後要求地址:" + uri); 

        return uri; 

    } 

    public void init(FilterConfig filterConfig) throws ServletException { 

        // TODO Auto-generated method stub 

        String permitUrls = filterConfig.getInitParameter("permitUrls"); 

        String gotoUrl = filterConfig.getInitParameter("gotoUrl"); 

  

        this.gotoUrl = gotoUrl; 

  

        if (permitUrls != null && permitUrls.length() > 0) { 

            this.permitUrls = permitUrls.split(","); 

        } 

    } 

}

Web.xml


<filter> 

    <filter-name>loginFilter</filter-name> 

    <filter-class>filter.LoginFilter</filter-class> 

  

    <init-param> 

        <param-name>ignore</param-name> 

        <param-value>false</param-value> 

    </init-param> 

    <init-param> 

        <param-name>permitUrls</param-name> 

        <param-value>/,/servlet/Loginservlet?task=login,/public.jsp,/login.jsp</param-value> 

    </init-param> 

    <init-param> 

        <param-name>gotoUrl</param-name> 

        <param-value>/login.jsp</param-value> 

    </init-param> 

</filter> 

<filter-mapping> 

    <filter-name>loginFilter</filter-name> 

    <url-pattern>/*</url-pattern> 

</filter-mapping>

這短代碼重要完成了用戶登錄的過濾,權限過濾道理雷同。只須要把斷定用戶能否登錄換成能否有權限便可以了!

  1. 上一頁:
  2. 下一頁:
Copyright © 程式師世界 All Rights Reserved