登录界面拦截java_java拦截通过url访问页面,必须通过登录页面访问目标页面
在web.xml中配置過濾:
LoginFilter
com.verification.action.LoginFilter
LoginFilter
y/form/dealParse.do
/*? 攔截所有請求
/.do? ?攔截以“.do”結尾的請求
/index.jsp? 攔截指定的jsp
/artery/form/*? 攔截該目錄下的所有請求
等等
攔截器,攔截請求類:
思路:比較“由登錄頁面登錄后的session中屬性值”和“通過url直接訪問的session中的屬性值”,找到其中不一樣的,這就是判斷依據。(判斷依據可以參考登錄邏輯類的代碼)
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* 主頁面攔截,必須從登陸頁面進入index
*/
public class LoginFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest servletRequest,
ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession hs = request.getSession();
if ("ture".equals(hs.getAttribute("isLogin"))) {//登錄后,進入session查看session中的登錄狀態找到判斷依據,
chain.doFilter(request, response);
return;
}
response.sendRedirect(request.getContextPath() + "/login.jsp");
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
登錄邏輯代碼:
import javax.crypto.spec.DESedeKeySpec;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import com.thunisoft.artery.module.config.ArteryConfigUtil;
import com.thunisoft.summer.component.crypto.CryptFactory;
import com.thunisoft.summer.component.crypto.CryptUtil;
import com.thunisoft.verification.bean.IdentityBean;
/**
* 登錄頁身份認證
* @author sunwenhao
*/
public class IdentityVerificationAction extends Action {
private final Log logger = LogFactory.getLog(IdentityVerificationAction.class);
private static final String IS_LOGIN_KEY = "isLogin";//在此處設置了登錄的判斷屬性
private static final String IS_LOGIN_VALUE = "ture";//在此處設置了登錄的屬性的判斷初始屬性
private static final String SEC_STR="Hso2ThxNiSofHso2ThxNiSof";
@Override
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response)
throws Exception {
IdentityBean identityInfo = (IdentityBean)form;
boolean success = verificationInfo(identityInfo);
//如果驗證身份成功或者不使用登錄頁
if(success) {
request.getSession().setAttribute(IS_LOGIN_KEY, IS_LOGIN_VALUE);
return mapping.findForward("success");
}
request.setAttribute("msg", "用戶名或密碼錯誤");
return mapping.findForward("fail");
}
/**
* 是否登錄
*
* @param request
* @param response
*
* @return
*/
public static boolean isLogin(HttpServletRequest request, HttpServletResponse response) {
String isLogin = (String)request.getSession().getAttribute(IS_LOGIN_KEY);
return IS_LOGIN_VALUE.equals(isLogin);
}
/**
* 驗證登錄信息
*
* @param request
* @param response
*
* @return
*/
private boolean verificationInfo(IdentityBean identityInfo) {
String user = identityInfo.getUsername();
String pwd = identityInfo.getPassword();
pwd=CryptUtil.encrypt(CryptFactory.ALGORITHM_3DES, pwd, SEC_STR);
String username = ArteryConfigUtil.getProperty("username");
String password = ArteryConfigUtil.getProperty("password");
try {
if(username.equals(user) && password.equals(pwd))
return true;
return false;
} catch (Exception e) {
logger.error("驗證用戶名和密碼時出現錯誤.");
return false;
}
}
}
創作挑戰賽新人創作獎勵來咯,堅持創作打卡瓜分現金大獎總結
以上是生活随笔為你收集整理的登录界面拦截java_java拦截通过url访问页面,必须通过登录页面访问目标页面的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 同一本房产证可以在第二个银行抵押贷款吗
- 下一篇: 绝地求生测试服画面优化软件,绝地求生正式