日期:2014-05-20 浏览次数:20841 次
String targetURL = path.substring(path.indexOf("/", 1), path.length()); // 截取到当前文件名用于比较 String refer = request.getHeader("Referer"); if ("/mylogin/mylogin_tologin.dzquota".equals(targetURL) || "/WEB-INF/jsp/login/login.jsp".equals(targetURL) || (null != session && null != session .getAttribute(UserConstants.DEFAULT_CERT_CODE_FLAG))) { chain.doFilter(request, response); } // 未登录/session过期 else { response.sendRedirect(request.getContextPath() + "/mylogin/mylogin_tologin.dzquota"); return; }
<filter-name>auth</filter-name> <filter-class>com.quota.core.web.filter.AuthFilter</filter-class> </filter> <filter-mapping> <filter-name>auth</filter-name> <url-pattern>*.jsp</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>auth</filter-name> <url-pattern>*.dzquota</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping>
<servlet-mapping> <servlet-name>action</servlet-name> <url-pattern>*.dzquota</url-pattern> </servlet-mapping>
------解决方案--------------------
配置成<url-pattern>/*</url-pattern>不就可以了啊
------解决方案--------------------
顺便问问
*.dzquota 是啥东东?
------解决方案--------------------
JSP页面放到WebRoot下面,直接只对action拦截就可以了。。
------解决方案--------------------
Spring Security
------解决方案--------------------
如果用strut2的话,用拦截器控制