struts2过滤用户非法登陆

本文介绍了一种通过自定义过滤器(LoginFilter)实现用户非法登录的预防机制,并展示了如何在web.xml中配置此过滤器来保护网站资源不被未授权访问。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

1、过滤用户非法登录(LoginFilter.java)

package comm;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *过滤用户非法登录(过滤jsp页面)
 */
public class LoginFilter extends HttpServlet implements Filter {
	public void destroy() {
	}

	public void doFilter(ServletRequest sRequest, ServletResponse sResponse,
			FilterChain filterChain) throws IOException, ServletException {

		HttpServletRequest request = (HttpServletRequest) sRequest;
		HttpServletResponse response = (HttpServletResponse) sResponse;
		HttpSession session = request.getSession();

		String contextPath = request.getContextPath();
		String url = request.getRequestURI();

		String user = (String) session.getAttribute("userName");

		// 非登录页面或非登录验证页面,则非法过滤
		if (url.indexOf("login.jsp") < 0
				&& url.indexOf("loginAction!check") < 0 && user == null) {// 转入登陆页面

			// 解决:加了过滤器后,CSS不能显示问题
			if (url.indexOf(".jpg") > 0 || url.indexOf(".bmp") > 0
					|| url.indexOf(".gif") > 0 || url.indexOf(".css") > 0
					|| url.indexOf(".png") > 0) {
				filterChain.doFilter(sRequest, sResponse);
				return;
			}

			response.sendRedirect(contextPath + "/login.jsp");
		} else {
			filterChain.doFilter(sRequest, sResponse);
		}
	}

	public void init(FilterConfig arg0) throws ServletException {

	}
}

2、web.xml配置

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" 
	xmlns="http://java.sun.com/xml/ns/javaee" 
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
	http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
  <welcome-file-list>
      <welcome-file>pages/user/index.jsp</welcome-file>
  </welcome-file-list>
  
    <!-- 过滤用户非法登录 -->
    <filter>     
         <filter-name>loginFilter</filter-name>     
         <filter-class>comm.LoginFilter</filter-class>     
    </filter>     
    <filter-mapping>  
         <filter-name>loginFilter</filter-name>  
         <url-pattern>/*</url-pattern>  
    </filter-mapping>
  
  <filter>
      <filter-name>struts2</filter-name>
  	  <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
  </filter>
  <filter-mapping>
  	  <filter-name>struts2</filter-name>
  	  <url-pattern>/*</url-pattern>
  </filter-mapping>
</web-app>


评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值