Web访问登陆过滤器控制

web.xml

<filter>
    <filter-name>AuthFilter</filter-name>
	<filter-class>com.acconsys.capital.util.AuthFilter</filter-class>
	    <init-param>
		<param-name>excludeUrl</param-name>
		<param-value>login.action,loginSubmit.action</param-value>
	    </init-param>
	</filter>

<filter-mapping>
	<filter-name>AuthFilter</filter-name>
	<url-pattern>*.action</url-pattern>
</filter-mapping>

public class SystemConstants {

public static final String CURRENT_USER = "current_user";

}

AuthFilter.java

/*******************************************************************************
 * @project: Capital501
 * @package: com.acconsys.capital.util
 * @file: AuthFilter.java
 * @created: 2014-8-15
 * @purpose:
 * 
 * @version: 1.0
 * 
 * Revision History at the end of file.
 * 
 * Copyright 2014 AcconSys All rights reserved.
 ******************************************************************************/

package com.acconsys.capital.util;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.acconsys.capital.common.SystemConstants;

public class AuthFilter implements Filter {
	
	private FilterConfig filterConfig = null;
	private String sysUrl;
	
	/**
	 * @see Filter#destroy()
	 */
	public void destroy() {
		this.filterConfig = null;
	}

	/**
	 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
	 */
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		try {
            HttpServletRequest httpRequest = (HttpServletRequest) request;
            HttpServletResponse httpResponse = (HttpServletResponse) response;

    		if(sysUrl == null) {
    			StringBuffer requestURL = httpRequest.getRequestURL();
    			String contextPath = httpRequest.getContextPath();
    			sysUrl = requestURL.substring(0, requestURL.indexOf(contextPath)) + contextPath;
    		}
            
            if(isExcludeUrl(httpRequest)) {
                chain.doFilter(request, response);
                return;
            }

        	HttpSession session = httpRequest.getSession(false);
        	if (session == null || session.getAttribute(SystemConstants.CURRENT_USER) == null) {
        		PrintWriter out = httpResponse.getWriter();
        		out.write("<script>window.top.location.href='" +httpRequest.getContextPath()
        				+ "/login.action'</script>");
        	}else{
        		chain.doFilter(request, response);
        	}
        } catch (Exception ex) {
        	ex.printStackTrace();
        }
	}
	
	private boolean isExcludeUrl(HttpServletRequest request) {
		String contextPath = request.getContextPath();
		String excludeUrl = filterConfig.getInitParameter("excludeUrl");
		String requestUri = request.getRequestURI();

		int questionIndex = requestUri.indexOf("?");
		if (questionIndex > 0) {
			requestUri = requestUri.substring(0, questionIndex);
		}
		String[] actions = excludeUrl.split(",");
		for (int i = 0; i < actions.length; i++) {
			if (requestUri.equals(contextPath + "/" + actions[i].trim())) {
				return true;
			}
		}
		return false;
	}

	/**
	 * @see Filter#init(FilterConfig)
	 */
	public void init(FilterConfig filterConfig) throws ServletException {
		this.filterConfig = filterConfig;
	}

}


/*******************************************************************************
 * <B>Revision History</B><BR>
 * [type 'revision' and press Alt + / to insert revision block]<BR>
 * 
 * 
 * 
 * Copyright 2014 AcconSys All rights reserved.
 ******************************************************************************/