标签:auto des vax alt ext.get inf 9.png attr font
描述:首先若用户没有在页面提交注册(直接访问list.jsp),就只能被允许访问a.jsp。其他页面均不被允许访问
在login.jsp提交信息之后,可以在b.jsp访问,
代码如下:
创建留个页面(login.jsp、list.jsp、a.jsp、b.jsp、c.jsp、d.jsp),这里就不写了,可以参考全部代码(在本文的最后面有链接)
创建Logservlet去处理登入后的逻辑处理
package com.gqx.login;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LogServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String name=request.getParameter("user");
if (name!=null && name!="") {
request.getSession().setAttribute("user", name);
response.sendRedirect(request.getContextPath()+"/login/list.jsp");
}else {
response.sendRedirect(request.getContextPath()+"/login/login.jsp");
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
然后是最重要的Filter过滤器了,这里对权限的设置实在web.xml里面配置实现的,如下
<!-- 用户信息放入到session中的关键字 --> <context-param> <param-name>userSession</param-name> <param-value>USERSISSION</param-value> </context-param> <!-- 未登入,需重定向的页面 --> <context-param> <param-name>rediretPage</param-name> <param-value>/login/login.jsp</param-value> </context-param> <!-- 不需要拦截或检查的url,可以被外界直接访问的--> <context-param> <param-name>uncheckedUrl</param-name> <param-value>/login/a.jsp,/login/list.jsp,/login/login.jsp,/LogServlet</param-value> </context-param> <filter> <filter-name>LoginFilter</filter-name> <filter-class>com.gqx.login.LoginFilter</filter-class> </filter> <filter-mapping> <filter-name>LoginFilter</filter-name> <url-pattern>/login/*</url-pattern> </filter-mapping>
接着是根据xml里面的配置去做有选择性的去做过滤
package com.gqx.login;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.jms.Session;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginFilter implements Filter {
private String userSession;
private String rediretPage;
private String uncheckedUrl;
@Override
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
ServletContext servletContext=arg0.getServletContext();
userSession=servletContext.getInitParameter("userSession");
rediretPage=servletContext.getInitParameter("rediretPage");
uncheckedUrl=servletContext.getInitParameter("uncheckedUrl");
}
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain arg2) throws IOException, ServletException {
// TODO Auto-generated method stub
HttpServletRequest request=(HttpServletRequest)arg0;
HttpServletResponse response=(HttpServletResponse)arg1;
//1、获取来的请求的URL
String requestUrl=request.getRequestURL().toString(); // http://localhost:8080/FilterDemo/login/login.jsp
String requestUri=request.getRequestURI().toString();// /FilterDemo/login/login.jsp
String servletPath=request.getServletPath();// /login/login.jsp
//2、检查1获取的servletPath是否为不需要检查的URL中的而一个
List<String> urls=Arrays.asList(uncheckedUrl.split(","));
if (urls.contains(servletPath)) {
arg2.doFilter(request, response);
return;
}
//3、从session中获取userSession,判断值是否存在
Object user=request.getSession().getAttribute("user");
if (user==null) {
response.sendRedirect(request.getContextPath()+rediretPage);
return;
}
//4、存在,就允许访问
arg2.doFilter(request, response);
}
}
根据以上的代码就可以实现那些功能了。
问题描述:通过设置允许用户去访问某些页面,若设置某用户可以访问某些页面,提交之后,去登入,在列表页根据用户的权限去及时的反应。
标签:auto des vax alt ext.get inf 9.png attr font
原文地址:http://www.cnblogs.com/helloworldcode/p/6107788.html
