Java Servlet Filter实现Web路径和用户日志过滤器

package com.sunfairs.filter;

import java.io.IOException;
import java.util.List;
import java.util.Vector;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;

import com.sunfairs.bean.Authority;
import com.sunfairs.constant.ShopConstants;
import com.sunfairs.dao.AuthorityDAO;

public class ApplicationFilter implements Filter {
private static final Logger logger = Logger.getLogger(ApplicationFilter.class);
private String filterPaths;

public void destroy() {

}

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
AuthorityDAO authorityDao = new AuthorityDAO();
httpRequest.setCharacterEncoding("UTF-8");
String requestPath = httpRequest.getRequestURI();
String requestServer = requestPath.substring(0,requestPath.indexOf("/", 1));
String filterPath = httpRequest.getServletPath();
String queryString = httpRequest.getQueryString();
String action = "";
if(queryString!=null && !queryString.equals("")){
if(queryString.indexOf("&")!=-1){
action = "?"+queryString.substring(0, queryString.indexOf("&"));
}
else{
action = "?"+queryString;
}
}
//logger.info(action);
RequestDispatcher dispatcher = httpRequest.getRequestDispatcher("/system_login.jsp");
//logger.info(filterPath);
//logger.info(requestPath);
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+requestPath;
HttpSession session = httpRequest.getSession();
String department = (String) session.getAttribute(ShopConstants.LOGIN_DEPARTMENT);
String requestUser = (String) session.getAttribute(ShopConstants.LOGIN_USER);
Long userId = (Long) session.getAttribute(ShopConstants.LOGIN_ID);
logger.info(department+"/"+requestUser+"--"+basePath+action);
String[]filterPathArray = this.filterPaths.split(",");
boolean isStartsWith = false;
if(userId!=null && requestUser != null){
if(filterPath.indexOf("j_logout")==-1){
for(int i=0;i<filterPathArray.length;i++){
if(filterPath.startsWith(filterPathArray[i])){
isStartsWith = true;
break;
}
}
if(isStartsWith){
List authorityList = authorityDao.findUsedByUserId(userId);
Vector<String> paths = new Vector<String>();
for(int j=0;j<authorityList.size();j++){
Authority userAuthor = (Authority) authorityList.get(j);
paths.add(userAuthor.getPath());
}
if(!paths.contains(filterPath+action)){
httpResponse.sendRedirect(requestServer+"/requestDeny.jsp");
}
else{
chain.doFilter(request, response);
}
}
else{
chain.doFilter(request, response);
}
}
else{
chain.doFilter(request, response);
}
}
else{
if(!filterPath.equals("/system/userTable.do")){
session.setAttribute("lastPage", filterPath+queryString);
dispatcher.forward(httpRequest, httpResponse);
}
else{
chain.doFilter(request, response);
}
}
//chain.doFilter(httpRequest, httpResponse);
}

public void init(FilterConfig config) throws ServletException {
String filterPaths = config.getInitParameter("filterPaths");
if(filterPaths!=null){
this.filterPaths = filterPaths;
logger.info("初始化拦截路径成功!");
}
else{
this.filterPaths = "/order/";
}
}

}