本文介绍了一种防止用户直接访问JSP页面的方法,通过创建一个名为JspFilter的过滤器来实现。该过滤器检查所有传入请求,并在检测到以.jsp结尾的URL时将用户重定向到主页。
在项目中,我们需要控制用户不能直接访问JSP页面,需要实现此功能很简单,1.使用过滤器控制如果用户请求了JSP页面,直接跳转到指定的URL,如主页,2.在web.xml文件中配置,当服务器启动时,自动加载过滤器
1、编码JspFilter过滤器,需要实现Filter
package com.weixin.common.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* JSP过滤器,不能直接访问JSP
*
* @author Administrator
*
*/
public class JspFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// TODO Auto-generated method stub
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
String url = httpServletRequest.getRequestURI();
if (url != null && url.endsWith(".jsp")) {
// TODO 这里可以跳转到主页
String contextPath = httpServletRequest.getContextPath();
httpServletResponse.sendRedirect(contextPath + "/user/index.do");
return;
}
chain.doFilter(httpServletRequest, httpServletResponse);
}
@Override
public void destroy() {
// TODO Auto-generated method stub
}
}
<!-- jsp过滤器 start -->
<filter>
<filter-name>jspFilter</filter-name>
<filter-class>com.weixin.common.filter.JspFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>jspFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- jsp过滤器 end -->
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
