|
1 web.xml里添加filter配置信息。
<filter>
<filter-name>Authentication</filter-name>
<filter-class>
com.nova.colimas.web.filters.AuthenticationFilter
</filter-class>
<init-param>
<param-name>onError</param-name>
<param-value>/pages/index.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Authentication</filter-name>
<url-pattern>/protect/*</url-pattern>
</filter-mapping>
<filter-class>定义使用com.nova.colimas.web.filters.AuthenticationFilter类执行过滤Action。
<init-param>当验证失败后Forward到/pages/index.jsp
<filter-mapping>只有当地址包括/protect/时运行filter类
2 实现com.nova.colimas.web.filters.AuthenticationFilter
package com.nova.colimas.web.filters;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import com.nova.colimas.web.bean.UserBean;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.struts.Globals;
import org.apache.struts.action.*;
import com.nova.colimas.web.constants.Constants;
/**
* Filter implementation for user authentication。必须实现Filter接口
* @author tyrone
* @version $Id: AuthenticationFilter.java,v 1.0
*/
public class AuthenticationFilter implements Filter
{
/**
* filterConfig will store the reference of FilterConfig
*/
private FilterConfig filterConfig;
private String onErrorUrl;
/**
* store the reference of the FilterConfig.
* @param config FilterConfig object
* @throws ServletException
*/
public void init(FilterConfig config) throws ServletException
{
//获得验证失败forward地址
filterConfig = config;
onErrorUrl=filterConfig.getInitParameter("onError");
if (onErrorUrl==null || "".equals(onErrorUrl)){
onErrorUrl="/pages/index.jsp";
}
}
/**
* User Authentication is done. If User is authenticated successful then
* control is transferred to logon URI
* @param ServletRequest Request
* @param ServletRequest Response
* @param FilterChain Filter Chain
* @throws ServletException,IOException
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain next)
throws IOException, ServletException
{
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse=(HttpServletResponse)response;
// Current session
HttpSession httpSession = httpRequest.getSession();
//Session里是否有用户信息。
if (httpSession.getAttribute(Constants.USER_KEY) == null)
{
ActionErrors errors=new ActionErrors();
errors.add(ActionErrors.GLOBAL_ERROR,
new ActionError("error authentication"));
httpRequest.setAttribute(Globals.ERROR_KEY,errors);
//没有,验证失败forward到/pages/index.jsp httpRequest.getRequestDispatcher(onErrorUrl).forward(httpRequest,httpResponse);
}else
//成果过滤Action结束
next.doFilter(request,response);
}
/**
* destroy() method is called by the servlet container
*/
public void destroy()
{
}
}
|
