Mad*_*shi 2 java jsp java-ee servlet-filters
我已经访问了Java FilterImplementation以进行会话检查链接,其中提到了Spring安全性.我没有得到我需要的帮助.
应用过滤器后,login.jsp无法加载CSS和图像.
我正在尝试在web.xml中提供过滤器并在login.jsp以外的页面上应用过滤器的简单示例.Web.xml文件是:
<filter>
<filter-name>struts2</filter-name>
<filter-class>
org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>AuthenticationFilter2</filter-name>
<filter-class>filter.AuthorizationFilter2</filter-class>
<init-param>
<param-name>avoid-urls</param-name>
<param-value>login.jsp</param-value>
</init-param>`
<filter>
过滤器类是:
private ArrayList<String> urlList;
public void destroy() {
// TODO Auto-generated method stub
System.out.println("authorization filter2 destroy method....");
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
System.out.println("authorization filter2 doFilter method....");
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String url = request.getServletPath();
System.out.println("ppp:"+request.getRequestURL());
System.out.println("url is :"+url);
boolean allowedRequest = false;
System.out.println("url list is :"+urlList);
if(urlList.contains(url.substring(1))) {
allowedRequest = true;
}
System.out.println("request allowed....."+allowedRequest);
if (!allowedRequest) {
Map session = ActionContext.getContext().getSession();
/*HttpSession session = request.getSession(false);*/
/* if (null == session) {
response.sendRedirect("login.jsp");
}*/
System.out.println("session contains login :"+session.containsKey("login"));
if(!session.containsKey("login")){
response.sendRedirect("login.jsp");
}
}
chain.doFilter(req, res);
}
public void init(FilterConfig config) throws ServletException {
System.out.println("authorization filter2 init method....");
String urls = config.getInitParameter("avoid-urls");
StringTokenizer token = new StringTokenizer(urls, ",");
urlList = new ArrayList<String>();
while (token.hasMoreTokens()) {
urlList.add(token.nextToken());
}
}
登录页面包含css并images根据要求.
请帮帮我.谢谢.
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
String uri = ((HttpServletRequest)request).getRequestURI();
@SuppressWarnings("rawtypes")
Map session = ActionContext.getContext().getSession();
if ( uri.indexOf("/css") > 0){
chain.doFilter(request, response);
}
else if( uri.indexOf("/images") > 0){
chain.doFilter(request, response);
}
else if( uri.indexOf("/js") > 0){
chain.doFilter(request, response);
}
else if (session.containsKey("login")) {
chain.doFilter(request, response);
}
else {
((HttpServletResponse)response).sendRedirect(((HttpServletRequest)request).getContextPath() + "/login?authentication=failed");
}
}
把这段代码放在你的动作类中,它可以工作.谢谢你们.
| 归档时间: |
|
| 查看次数: |
5192 次 |
| 最近记录: |