求解一个filter有关问题
日期:2014-05-17 浏览次数:20602 次
求解一个filter问题
这个filter的意思是登录后才能浏览其他页面
xml配置如下
<filter>
<filter-name>SecurityFilter</filter-name>
<filter-class>com.csy.filter.SecurityFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SecurityFilter</filter-name>
<url-pattern>/index.jsp</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
filtet代码如下
package com.csy.filter;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.Filter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class SecurityFilter implements Filter {
public void init(FilterConfig filterConfig) {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws ServletException, IOException{
HttpSession session = ((HttpServletRequest)request).getSession();
if(session.getAttribute("login") == null) {
((HttpServletResponse)response).sendRedirect("login.jsp");
} else {
filterChain.doFilter(request, response);
}
}
public void destroy() {
}
}
为什么我还是可以不登录,直接访问到index.jsp呢?
------解决方案--------------------
打个断点调试,如果进不了SecurityFilter 里面的断点,则是web.xml中的拦截器没有写对。参考:
这个filter的意思是登录后才能浏览其他页面
xml配置如下
<filter>
<filter-name>SecurityFilter</filter-name>
<filter-class>com.csy.filter.SecurityFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SecurityFilter</filter-name>
<url-pattern>/index.jsp</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
filtet代码如下
package com.csy.filter;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.Filter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class SecurityFilter implements Filter {
public void init(FilterConfig filterConfig) {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws ServletException, IOException{
HttpSession session = ((HttpServletRequest)request).getSession();
if(session.getAttribute("login") == null) {
((HttpServletResponse)response).sendRedirect("login.jsp");
} else {
filterChain.doFilter(request, response);
}
}
public void destroy() {
}
}
为什么我还是可以不登录,直接访问到index.jsp呢?
------解决方案--------------------
打个断点调试,如果进不了SecurityFilter 里面的断点,则是web.xml中的拦截器没有写对。参考:
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>
com.csy.filter.SecurityFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>*.action</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
