过滤器和拦截器
一、基础知识
http://www.cnblogs.com/wangyuyu/archive/2013/07/02/3167354.html 该博客讲得比较好。
二、过滤器实例 (实现,不是管理员登录,后台地址不可访问)
1.编写登录过滤器LoginFilter.java
package cn.edu.cqu.cqzy.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import cn.edu.cqu.cqzy.entity.User; public class LoginFilter extends HttpServlet implements Filter{ private static final long serialVersionUID = 136364L; public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; HttpSession session = request.getSession(true); User user = (User) session.getAttribute("loginUser"); if(user==null||user.getAuthority()!=4){ String location = "/jsp/invade.jsp"; request.getRequestDispatcher(location).forward(request, response); response.setHeader("Cache-Control", "no-store"); response.setDateHeader("Expires", 0); response.setHeader("Pragma", "no-cache"); }else{ chain.doFilter(request, response); } } public void init(FilterConfig arg0) throws ServletException { } }
2.在web.xml配置该过滤器
<filter> <filter-name>accessFilter</filter-name> <filter-class>cn.edu.cqu.cqzy.filter.LoginFilter</filter-class> </filter> <filter-mapping> <filter-name>accessFilter</filter-name> <url-pattern>/adminJsp/*</url-pattern> </filter-mapping>
tips:该配置要放到struts拦截器前面,将所有后台界面放入adminJsp文件夹,即可实现过滤。
执行顺序 : 先过滤--》拦截--》执行Action--》拦截后 --》过滤后
三、拦截器实例 (实现在不同界面登录后,返回原界面;思想:登录前,记录下登录前的请求地址及参数,登录后,转发回去)
1.编写登录拦截器 LoginInterceptor.java
package cn.edu.cqu.cqzy.interceptor; import java.util.Map; import javax.servlet.http.HttpServletRequest; import org.apache.struts2.ServletActionContext; import com.opensymphony.xwork2.ActionContext; import com.opensymphony.xwork2.ActionInvocation; import com.opensymphony.xwork2.interceptor.Interceptor; public class LoginIntercepter implements Interceptor{ /** * */ private static final long serialVersionUID = 1346436L; public void destroy() { // TODO Auto-generated method stub } public void init() { // TODO Auto-generated method stub } public String intercept(ActionInvocation invocation) throws Exception { ActionContext context = invocation.getInvocationContext(); // 获取session Map<String, Object> session = context.getSession(); Object user = session.get("loginUser"); // 用户还未登陆 if (user == null) { // 获取HttpServletRequest对象 HttpServletRequest req = ServletActionContext.getRequest(); // 获取此请求的地址,请求地址包含application name,进行subString操作,去除application name String path = req.getRequestURI().substring(14); // 获得请求中的参数 String queryString = req.getQueryString(); // 预防空指针 if (queryString == null) { queryString = ""; } // 拼凑得到登陆之前的地址 String realPath = path + "?" + queryString; // 存入session,方便调用 session.put("prePage", realPath); return invocation.invoke(); } // 用户已经登陆,放行 return invocation.invoke(); } }
2.在struts.xml中配置拦截器
2.1 定义拦截栈
<interceptors> <interceptor name="loginInterceptor" class="cn.edu.cqu.cqzy.interceptor.LoginIntercepter"/> <interceptor-stack name="JumpTo"> <interceptor-ref name="loginInterceptor"/> <interceptor-ref name="defaultStack"/> </interceptor-stack> </interceptors>
2.2 在需要action中,加入拦截栈名 eg:
<action name="list" class="cn.edu.cqu.cqzy.action.ListCategoryAction"> <param name="p.pageSize">10</param> <result>/jsp/yxk.jsp</result> <result name="fail" type="redirect">/jsp/error.jsp</result> <interceptor-ref name="JumpTo"/> </action> ...... <action name="listSongByCId" class="cn.edu.cqu.cqzy.action.ListSongsByCategoryId"> <param name="p.pageSize">38</param> <result >/jsp/yxk3.jsp</result> <result name="fail" type="redirect">/jsp/error.jsp</result> <interceptor-ref name="JumpTo"/> </action>
3 在登录控制程序中,加入相应代码 LoginAction.java
...... //获取跳转到登陆界面之前的页面地址,由拦截器提供 prePage = (String) session.getAttribute("prePage"); try { //重定向到原界面
ServletActionContext.getResponse().sendRedirect(prePage); return null; } catch (IOException e) { e.printStackTrace(); }