SSM中Filter过滤器在登录时的使用

目录

需求

用户在登录注册之前, 不可以访问其他页面

step1

使用Filter拦截器对除了注册登录之外的html页面进行拦截

web.xml中添加过滤器

	<filter>
		<filter-name>AccessFilter</filter-name>
		<filter-class>com.whc.noteserver.web.AccessFilter</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>AccessFilter</filter-name>
		<url-pattern>*.html</url-pattern>
	</filter-mapping>

AccessFilter.java部分代码

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		// TODO Auto-generated method stub
		HttpServletResponse res=(HttpServletResponse)response;
		HttpServletRequest req=(HttpServletRequest) request;
		String path=req.getRequestURI();
		System.out.println(path);
		if(path.endsWith("login.html")||path.endsWith("logon.html")) {
			chain.doFilter(request, response);//允许继续
		}
		
	}

step2

但是发现在登录之后 其他页面仍然没法显示 所以考虑用session

要在UserController的登录方法中添加一个session

public JsonResult login(User user,HttpSession session) {
		logger.info("登录,"+user.getUsername());
		
		user.setPassword(MD5.md5(user.getPassword(),"123"));
		User userResult=userService.login(user);
		JsonResult jsonResult = null;
		if(userResult!=null) {
			session.setAttribute("id", userResult.getName());
			jsonResult=new JsonResult(jsonResult.SUCCESS,"登陆成功",userResult);
		}else {
			jsonResult=new JsonResult(jsonResult.ERROR,"用户名或密码错误",null);
		}
		return jsonResult;
	}

要在过滤器的doFilter中进行判断

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		// TODO Auto-generated method stub
		HttpServletResponse res=(HttpServletResponse)response;
		HttpServletRequest req=(HttpServletRequest) request;
		String path=req.getRequestURI();
		System.out.println(path);
		if(path.endsWith("login.html")||path.endsWith("logon.html")) {
			chain.doFilter(request, response);//允许继续
		}
		HttpSession session=req.getSession();
		Object id=session.getAttribute("id");
		if(id==null) {
			System.out.println("未登录");
		}else {
			System.out.println("已登录");
			chain.doFilter(request, response);
		}
	}

step3

未登录时访问 提醒用户要登录 如果未登录 直接跳转到登录界面

在doFilter中如果id为空时加一个跳转操作

String contextPath=req.getContextPath();
System.out.println("contextPath:"+contextPath);
res.sendRedirect(contextPath+"/login.html");
版权声明:本文为qq_41826265原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。