javaweb——登陆权限过滤器的编写

package com.xinrui.flower.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
*
* @ClassName: ValidateFilter
* @Description: 登陆权限过滤器
* @author 梁志成
* @date 2016年3月20日 上午11:42:35
*
*/
public class ValidateFilter implements Filter {

private ServletContext servletContext;

@Override
public void destroy() {

}

@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {

HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse rep = (HttpServletResponse) response;
HttpSession session = req.getSession();

// 1.可以进行配置(用户访问的页面,都可以在web.xml中进行配置)

// 获取配置的登录页面地址
String login_page = servletContext.getInitParameter("login_page");
// 获取我们需要登录才能访问的页面地址
String validate_page = servletContext.getInitParameter("validate_page");

// 获取共用的页面(不需要可以就访问的页面地址)
String common_page = servletContext.getInitParameter("common_page");

// 获取当前用户访问的路径地址
String current_url = req.getServletPath();

System.out.println("当前访问页面:" + current_url);
System.out.println("公共的:" + common_page);

// 判断当前访问路径是否允许
if (common_page.indexOf(current_url) != -1) {
System.out.println("你是公共页面,直接访问");
} else if (validate_page.indexOf(current_url) != -1
&& session.getAttribute("username") != null) {

System.out.println("你是需要登录才能访问的,并且你也已经登录了,可以访问.");
// 已经登陆,可以进行访问
chain.doFilter(request, response);
} else {
// 跳转到登录页面
rep.sendRedirect(req.getContextPath() + login_page);
}

}

@Override
public void init(FilterConfig config) throws ServletException {
servletContext = config.getServletContext();
}

}

<!-- 验证用户是否登录的Filter -->
<filter>
<filter-name>validateLogin</filter-name>
<filter-class>com.xinrui.flower.filter.ValidateFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>validateLogin</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>

<!-- 配置登录页面路径 -->
<context-param>
<param-name>login_page</param-name>
<param-value>/login.html</param-value>
</context-param>

<!-- 配置需要登录才能操作的页面路径 -->
<context-param>
<param-name>validate_page</param-name>
<param-value>/test.html</param-value>
</context-param>

<!-- 配置不需要登录就能访问的页面 -->
<context-param>
<param-name>common_page</param-name>
<param-value>/index.html,/login.html,/exit.html,/register.html,/*.do,/red.
html,/width.html,/pink.html,/purple.html</param-value>
</context-param>