Java Servlet Filter实现Web路径和用户日志过滤器时间:2021-06-08 21:02:36 以下是本人在项目中用Servlet Filter实现的Web路径和用户日志过滤器:package com.sunfairs.filter; import java.io.IOException; import java.util.List; import java.util.Vector; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.RequestDispatcher; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.log4j.Logger; import com.sunfairs.bean.Authority; import com.sunfairs.constant.ShopConstants; import com.sunfairs.dao.AuthorityDAO; public class ApplicationFilter implements Filter { private static final Logger logger = Logger.getLogger(ApplicationFilter.class); private String filterPaths; public void destroy() { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; AuthorityDAO authorityDao = new AuthorityDAO(); httpRequest.setCharacterEncoding("UTF-8"); String requestPath = httpRequest.getRequestURI(); String requestServer = requestPath.substring(0,requestPath.indexOf("/", 1)); String filterPath = httpRequest.getServletPath(); String queryString = httpRequest.getQueryString(); String action = ""; if(queryString!=null && !queryString.equals("")){ if(queryString.indexOf("&")!=-1){ action = "?"+queryString.substring(0, queryString.indexOf("&")); } else{ action = "?"+queryString; } } //logger.info(action); RequestDispatcher dispatcher = httpRequest.getRequestDispatcher("/system_login.jsp"); //logger.info(filterPath); //logger.info(requestPath); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+requestPath; HttpSession session = httpRequest.getSession(); String department = (String) session.getAttribute(ShopConstants.LOGIN_DEPARTMENT); String requestUser = (String) session.getAttribute(ShopConstants.LOGIN_USER); Long userId = (Long) session.getAttribute(ShopConstants.LOGIN_ID); logger.info(department+"/"+requestUser+"--"+basePath+action); String[]filterPathArray = this.filterPaths.split(","); boolean isStartsWith = false; if(userId!=null && requestUser != null){ if(filterPath.indexOf("j_logout")==-1){ for(int i=0;i<filterPathArray.length;i++){ if(filterPath.startsWith(filterPathArray[i])){ isStartsWith = true; break; } } if(isStartsWith){ List authorityList = authorityDao.findUsedByUserId(userId); Vector<String> paths = new Vector<String>(); for(int j=0;j<authorityList.size();j++){ Authority userAuthor = (Authority) authorityList.get(j); paths.add(userAuthor.getPath()); } if(!paths.contains(filterPath+action)){ httpResponse.sendRedirect(requestServer+"/requestDeny.jsp"); } else{ chain.doFilter(request, response); } } else{ chain.doFilter(request, response); } } else{ chain.doFilter(request, response); } } else{ if(!filterPath.equals("/system/userTable.do")){ session.setAttribute("lastPage", filterPath+queryString); dispatcher.forward(httpRequest, httpResponse); } else{ chain.doFilter(request, response); } } //chain.doFilter(httpRequest, httpResponse); } public void init(FilterConfig config) throws ServletException { String filterPaths = config.getInitParameter("filterPaths"); if(filterPaths!=null){ this.filterPaths = filterPaths; logger.info("初始化拦截路径成功!"); } else{ this.filterPaths = "/order/"; } } }