Filter中排除對指定URL的過濾

1. 咱們能夠在web.xml中配置filter來對指定的URL進行過濾,進行一些特殊操做如權限驗證等。html

<!– session過濾filter –>
<filter>
    <filter-name>SessionFilter</filter-name>
    <filter-class>com.xm.chris.SessionFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>SessionFilter</filter-name>
    <url-pattern>/resources/*</url-pattern>
</filter-mapping>
public class SessionFilter implements Filter {
    private static final String CONTENT_TYPE = "text/html; charset=UTF-8";
    private FilterConfig _filterConfig = null;

    public void init(FilterConfig filterConfig) throws ServletException {
        _filterConfig = filterConfig;
    }

    public void destroy() {
        _filterConfig = null;
    }

    public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain chain) throws IOException,
            ServletException {
        HttpServletRequest rq = (HttpServletRequest) request;
        HttpSession httpSession = rq.getSession();
        Long userId = (Long) httpSession.getAttribute("userId");
        if (userId == null) {
            response.setContentType(CONTENT_TYPE);
            PrintWriter out = response.getWriter();
            out.println("<html>");
            out.println("<head><title>Error</title></head>");
            out.println("<body>");
            out.println("<p id='Message'>錯誤.</p>");
            out.println("</body></html>");
            out.close();
        } else {
            chain.doFilter(request, response);
        }

    }
}

 這時全部請求了contextPath/resources/*路徑的request都會被SessionFilter驗證是否登陸。web

2. 可是咱們有一些特定的url不想驗證登陸,想要直接可以訪問,怎麼辦呢?服務器

這時能夠配置一個參數,告訴Filter哪些url不想驗證。session

<filter>
    <filter-name>SecurityFilter</filter-name>
    <filter-class>com.oracle.ccsc.jcs.sx.filter.SecurityFilter</filter-class>
    <init-param>
        <param-name>excludedPages</param-name>
        <param-value>/xm/portal/notice</param-value>
    </init-param>
</filter>

 而後在Filter中就能夠根據參數判斷是否須要過濾。oracle

public class SecurityFilter implements Filter {
    private static final String CONTENT_TYPE = "text/html; charset=UTF-8";
    private FilterConfig _filterConfig = null;

    private String excludedPages;
    private String[] excludedPageArray;

    public void init(FilterConfig filterConfig) throws ServletException {
        _filterConfig = filterConfig;

        excludedPages = filterConfig.getInitParameter("excludedPages");
        if (StringUtils.isNotEmpty(excludedPages)) {
            excludedPageArray = excludedPages.split(",");
        }
    }

    public void destroy() {
        _filterConfig = null;
    }

    public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain chain) throws IOException,
            ServletException {
        HttpServletRequest rq = (HttpServletRequest) request;
  
        boolean isExcludedPage = false;
        for (String page : excludedPageArray) { //判斷是否在過濾url以外if (rq.getPathInfo().equals(page)) {
                isExcludedPage = true;
                break;
            }
        }
        if (isExcludedPage) { //在過濾url以外
            chain.doFilter(request, response);
        } else { //不在過濾url以外,判斷登陸
            HttpSession httpSession = rq.getSession();
            Long userId = (Long) httpSession.getAttribute("userId");
            if (userId == null) {
                response.setContentType(CONTENT_TYPE);
                PrintWriter out = response.getWriter();
                out.println("<html>");
                out.println("<head><title>Error</title></head>");
                out.println("<body>");
                out.println("<p id='Message'>錯誤.</p>");
                out.println("</body></html>");
                out.close();
            } else {
                chain.doFilter(request, response);
            }
        }
    }
}

3. 關於用Servlet獲取URL地址。app

在HttpServletRequest類裏,有如下六個取URL的函數函數

getContextPath 取得項目名 
getServletPath 取得Servlet名 
getPathInfo 取得Servlet後的URL名,不包括URL參數 
getRequestURL 取得不包括參數的URL 
getRequestURI 取得不包括參數的URI,即去掉協議和服務器名的URL url

具體以下圖:spa

相對應的函數的值以下: 

getContextPath:/ServletTest 
getServletPath:/main 
getPathInfo:/index/testpage/test 
getRequestURL:http://localhost:8080/ServletTest/main/index/testpage/test 
getRequestURI:/ServletTest/main/index/testpage/test code

相關文章
相關標籤/搜索