jsp页面权限设置有关问题
日期:2014-05-16 浏览次数:20338 次
jsp页面权限设置问题
在jsp页面中来设置权限,这里用Filter的方式来设置页面权限。下面举的例是一个简单用户登陆注册的例子,所以注册页面和登录页面是用户不用登陆就可以进去查看的。例子如下:
package com.itjob.filter;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class RightFilter implements Filter {
private static final String LOGIN_URI = "LOGIN_URI";
private static final String REG_URI = "REG_URI";
private String login_page;
private String reg_page;
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
resp.setContentType("text/html;");
resp.setCharacterEncoding("utf-8");
HttpSession session = req.getSession();
PrintWriter out = resp.getWriter();
// 得到用户请求的URI
String request_uri = req.getRequestURI();//="/JSPWork/index.jsp"
// 得到web应用程序的上下文路径
String ctxPath = req.getContextPath();//="/JSPWork"
// 去除上下文路径,得到剩余部分的路径
String uri = request_uri.substring(ctxPath.length());//="index.jsp"
// 判断用户访问的是否是登录页面
if (uri.equals(login_page) || uri.equals(reg_page)){//注册和登录页面不过滤,如果不这么写,什么页面也进入不了
chain.doFilter(request, response);
return;
} else {
// 如果访问的不是登录页面,则判断用户是否已经登录
if (null != session.getAttribute("username")
&& "" != session.getAttribute("username")) {
chain.doFilter(request, response);
return;
} else {
resp.sendRedirect("/JSPWork/login.jsp");
return;
}
}
}
public void init(FilterConfig config) throws ServletException {
// TODO Auto-generated method stub
// 从部署描述符中获取登录页面和首页的URI
login_page = config.getInitParameter(LOGIN_URI);
reg_page = config.getInitParameter(REG_URI);
// System.out.println(logon_page);
if (null == login_page || null == reg_page) {
throw new ServletException("没有找到登录页面或主页");
}
}
}
在web.xml中注意添加以下内容:
<init-param>
<param-name>LOGIN_URI</param-name>
<param-value>/login.jsp</param-value>
</init-param>
<init-param>
<param-name>REG_URI</param-name>
<param-value>/register.jsp</param-value>
</init-param>
在jsp页面中来设置权限,这里用Filter的方式来设置页面权限。下面举的例是一个简单用户登陆注册的例子,所以注册页面和登录页面是用户不用登陆就可以进去查看的。例子如下:
package com.itjob.filter;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class RightFilter implements Filter {
private static final String LOGIN_URI = "LOGIN_URI";
private static final String REG_URI = "REG_URI";
private String login_page;
private String reg_page;
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
resp.setContentType("text/html;");
resp.setCharacterEncoding("utf-8");
HttpSession session = req.getSession();
PrintWriter out = resp.getWriter();
// 得到用户请求的URI
String request_uri = req.getRequestURI();//="/JSPWork/index.jsp"
// 得到web应用程序的上下文路径
String ctxPath = req.getContextPath();//="/JSPWork"
// 去除上下文路径,得到剩余部分的路径
String uri = request_uri.substring(ctxPath.length());//="index.jsp"
// 判断用户访问的是否是登录页面
if (uri.equals(login_page) || uri.equals(reg_page)){//注册和登录页面不过滤,如果不这么写,什么页面也进入不了
chain.doFilter(request, response);
return;
} else {
// 如果访问的不是登录页面,则判断用户是否已经登录
if (null != session.getAttribute("username")
&& "" != session.getAttribute("username")) {
chain.doFilter(request, response);
return;
} else {
resp.sendRedirect("/JSPWork/login.jsp");
return;
}
}
}
public void init(FilterConfig config) throws ServletException {
// TODO Auto-generated method stub
// 从部署描述符中获取登录页面和首页的URI
login_page = config.getInitParameter(LOGIN_URI);
reg_page = config.getInitParameter(REG_URI);
// System.out.println(logon_page);
if (null == login_page || null == reg_page) {
throw new ServletException("没有找到登录页面或主页");
}
}
}
在web.xml中注意添加以下内容:
<init-param>
<param-name>LOGIN_URI</param-name>
<param-value>/login.jsp</param-value>
</init-param>
<init-param>
<param-name>REG_URI</param-name>
<param-value>/register.jsp</param-value>
</init-param>
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
