filter可以用来进行权限控制,比如admin文件夹下的文件只允许管理员进入,那么,可以给admin文件夹加上一个过滤器:
简单代码示例:
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
public class RCFilter implements Filter {
public void destroy() {}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req=(HttpServletRequest) request;
String admin=(String) req.getSession().getAttribute("admin"); //查看管理员是否登录,这里只是用于演示,方便起见,用字符串代替管理员类
if(admin==null)
{
System.out.println("您不是管理员,不得进入该页面!"); //管理员未登录,不放行
}
else chain.doFilter(request, response); //放行
}
public void init(FilterConfig fConfig) throws ServletException {}
}
RCFilter
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<display-name></display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<display-name>RCFilter</display-name>
<filter-name>RCFilter</filter-name>
<filter-class>RCFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>RCFilter</filter-name>
<url-pattern>/admin/*</url-pattern>
</filter-mapping>
</web-app>
web.xml