public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
System.out.println("Demo1 过滤前;");
System.out.println("====================================");
System.out.println("获取初始化参数后值");
System.out.println(filterConfig.getInitParameter("testparam"));
HttpServletRequest hreq = (HttpServletRequest) request;
HttpServletResponse hres = (HttpServletResponse) response;
HttpSession session = hreq.getSession();
if (session.getAttribute("user") != null){
chain.doFilter(request, response);
}
if (hreq.getRequestURI().equals(hreq.getContextPath() + "/login.jsp")) {
chain.doFilter(request, response);
}
else{
hres.sendRedirect("/essa/test/login.jsp");
return;
}
chain.doFilter(request, response);
}
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("初始化了");
this.filterConfig = filterConfig;
}
public void destroy() {
System.out.println("销毁了");
}
}
Web.xml
index.jsp
com.essa.config.InitSys
struts2
com.essa.filter.SecurityFilter
testparam
============================ 进行顶层的过滤器应用测试========================================
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
想做几个判断
1.if url 登陆页,获取Json的List中UID/PASS值
remove session所在的值
写入Session,进入Action
else 获取Session.Attribute(UID/PASS)
如果为空到标志页(变换验证),OK返回登录
2.Action中应用:进行UID/Pass进行反复验证
代码实在写不明白了...非常感谢
doFilter 方法里面,各种if都调了chain.doFilter,方法的最后就一行不要再调了。