`

权限过滤器

阅读更多

在网页制作中往往有些页面在用户没有登录是不能访问的,通常我们可以用session判断但如果页面较多那写的重复代码就多了所以这里我们可以用一个过滤器。

package com.zchen.util.filter;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class AuthFilter implements Filter {

	public void destroy() {
		System.out.println("authfilter destroy");
	}

	public void doFilter(ServletRequest req, ServletResponse resp,
			FilterChain chain) throws IOException, ServletException {
		//System.out.println("authfilter dofilter");
		HttpServletRequest request = (HttpServletRequest)req;
		HttpServletResponse response = (HttpServletResponse)resp;
		HttpSession session = request.getSession(false);
		
		if(session == null || (String)session.getAttribute("admin") == null ||!((String)session.getAttribute("admin")).equals("admin")) {
			System.out.println(request.getContextPath());
			response.sendRedirect( request.getContextPath() + "/AdminLogin.jsp");
			return;
		}
		chain.doFilter(req, resp);
	}

	public void init(FilterConfig config) throws ServletException {
		System.out.println("authfilter init");
	}

}

 在web.xml中配置:

	<filter>
		<filter-name>AuthFilter</filter-name>
		<filter-class>
			com.zchen.util.filter.AuthFilter
		</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>AuthFilter</filter-name>
		<url-pattern>/admin/*</url-pattern>
	</filter-mapping>

 

 

有些时候也用过滤器来过滤掉一下黑名单

package com.zchen.util.filter;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

public class IPFilter implements Filter {
	
	FilterConfig fc = null;
	
	public void destroy() {
		System.out.println("IPFilter destroy");
	}

	public void doFilter(ServletRequest req, ServletResponse resp,
			FilterChain chain) throws IOException, ServletException {
		//System.out.println("IPFilter dofilter");
		String ip = req.getRemoteAddr();
		String strIPBlackList = fc.getInitParameter("IPBlackList");
		if(strIPBlackList.indexOf(ip) != -1) {
			PrintWriter out = resp.getWriter();
			out.println("Your IP is not welcome!");
			return;
		}
		chain.doFilter(req, resp);
	}

	public void init(FilterConfig fc) throws ServletException {
		System.out.println("IPFilter init");
		this.fc = fc;
	}

}

 

	<filter>
		<filter-name>IPFilter</filter-name>
		<filter-class>
			com.zchen.util.filter.IPFilter
		</filter-class>
		<init-param>
			<param-name>IPBlackList</param-name>
			<param-value>192.168.0.16,192.168.0.165</param-value>
		</init-param>
	</filter>
	<filter-mapping>
		<filter-name>IPFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

 

分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics