1. 咱們能夠在web.xml中配置filter來對指定的URL進行過濾,進行一些特殊操做如權限驗證等。html
<!– session過濾filter –> <filter> <filter-name>SessionFilter</filter-name> <filter-class>com.xm.chris.SessionFilter</filter-class> </filter> <filter-mapping> <filter-name>SessionFilter</filter-name> <url-pattern>/resources/*</url-pattern> </filter-mapping>
public class SessionFilter implements Filter { private static final String CONTENT_TYPE = "text/html; charset=UTF-8"; private FilterConfig _filterConfig = null; public void init(FilterConfig filterConfig) throws ServletException { _filterConfig = filterConfig; } public void destroy() { _filterConfig = null; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest rq = (HttpServletRequest) request; HttpSession httpSession = rq.getSession(); Long userId = (Long) httpSession.getAttribute("userId"); if (userId == null) { response.setContentType(CONTENT_TYPE); PrintWriter out = response.getWriter(); out.println("<html>"); out.println("<head><title>Error</title></head>"); out.println("<body>"); out.println("<p id='Message'>錯誤.</p>"); out.println("</body></html>"); out.close(); } else { chain.doFilter(request, response); } } }
這時全部請求了contextPath/resources/*路徑的request都會被SessionFilter驗證是否登陸。web
2. 可是咱們有一些特定的url不想驗證登陸,想要直接可以訪問,怎麼辦呢?服務器
這時能夠配置一個參數,告訴Filter哪些url不想驗證。session
<filter> <filter-name>SecurityFilter</filter-name> <filter-class>com.oracle.ccsc.jcs.sx.filter.SecurityFilter</filter-class> <init-param> <param-name>excludedPages</param-name> <param-value>/xm/portal/notice</param-value> </init-param> </filter>
而後在Filter中就能夠根據參數判斷是否須要過濾。oracle
public class SecurityFilter implements Filter { private static final String CONTENT_TYPE = "text/html; charset=UTF-8"; private FilterConfig _filterConfig = null; private String excludedPages; private String[] excludedPageArray; public void init(FilterConfig filterConfig) throws ServletException { _filterConfig = filterConfig; excludedPages = filterConfig.getInitParameter("excludedPages"); if (StringUtils.isNotEmpty(excludedPages)) { excludedPageArray = excludedPages.split(","); } } public void destroy() { _filterConfig = null; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest rq = (HttpServletRequest) request; boolean isExcludedPage = false; for (String page : excludedPageArray) { //判斷是否在過濾url以外if (rq.getPathInfo().equals(page)) { isExcludedPage = true; break; } } if (isExcludedPage) { //在過濾url以外 chain.doFilter(request, response); } else { //不在過濾url以外,判斷登陸 HttpSession httpSession = rq.getSession(); Long userId = (Long) httpSession.getAttribute("userId"); if (userId == null) { response.setContentType(CONTENT_TYPE); PrintWriter out = response.getWriter(); out.println("<html>"); out.println("<head><title>Error</title></head>"); out.println("<body>"); out.println("<p id='Message'>錯誤.</p>"); out.println("</body></html>"); out.close(); } else { chain.doFilter(request, response); } } } }
3. 關於用Servlet獲取URL地址。app
在HttpServletRequest類裏,有如下六個取URL的函數函數
getContextPath 取得項目名
getServletPath 取得Servlet名
getPathInfo 取得Servlet後的URL名,不包括URL參數
getRequestURL 取得不包括參數的URL
getRequestURI 取得不包括參數的URI,即去掉協議和服務器名的URL url
具體以下圖:spa
相對應的函數的值以下:
getContextPath:/ServletTest
getServletPath:/main
getPathInfo:/index/testpage/test
getRequestURL:http://localhost:8080/ServletTest/main/index/testpage/test
getRequestURI:/ServletTest/main/index/testpage/test code