权限过滤器

程序员文章站 2024-01-21 14:40:10

...

在网页制作中往往有些页面在用户没有登录是不能访问的，通常我们可以用session判断但如果页面较多那写的重复代码就多了所以这里我们可以用一个过滤器。

package com.zchen.util.filter;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class AuthFilter implements Filter {

	public void destroy() {
		System.out.println("authfilter destroy");
	}

	public void doFilter(ServletRequest req, ServletResponse resp,
			FilterChain chain) throws IOException, ServletException {
		//System.out.println("authfilter dofilter");
		HttpServletRequest request = (HttpServletRequest)req;
		HttpServletResponse response = (HttpServletResponse)resp;
		HttpSession session = request.getSession(false);
		
		if(session == null || (String)session.getAttribute("admin") == null ||!((String)session.getAttribute("admin")).equals("admin")) {
			System.out.println(request.getContextPath());
			response.sendRedirect( request.getContextPath() + "/AdminLogin.jsp");
			return;
		}
		chain.doFilter(req, resp);
	}

	public void init(FilterConfig config) throws ServletException {
		System.out.println("authfilter init");
	}

}

在web.xml中配置：

	<filter>
		<filter-name>AuthFilter</filter-name>
		<filter-class>
			com.zchen.util.filter.AuthFilter
		</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>AuthFilter</filter-name>
		<url-pattern>/admin/*</url-pattern>
	</filter-mapping>

有些时候也用过滤器来过滤掉一下黑名单

package com.zchen.util.filter;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

public class IPFilter implements Filter {
	
	FilterConfig fc = null;
	
	public void destroy() {
		System.out.println("IPFilter destroy");
	}

	public void doFilter(ServletRequest req, ServletResponse resp,
			FilterChain chain) throws IOException, ServletException {
		//System.out.println("IPFilter dofilter");
		String ip = req.getRemoteAddr();
		String strIPBlackList = fc.getInitParameter("IPBlackList");
		if(strIPBlackList.indexOf(ip) != -1) {
			PrintWriter out = resp.getWriter();
			out.println("Your IP is not welcome!");
			return;
		}
		chain.doFilter(req, resp);
	}

	public void init(FilterConfig fc) throws ServletException {
		System.out.println("IPFilter init");
		this.fc = fc;
	}

}

	<filter>
		<filter-name>IPFilter</filter-name>
		<filter-class>
			com.zchen.util.filter.IPFilter
		</filter-class>
		<init-param>
			<param-name>IPBlackList</param-name>
			<param-value>192.168.0.16,192.168.0.165</param-value>
		</init-param>
	</filter>
	<filter-mapping>
		<filter-name>IPFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

权限过滤器

权限过滤器

权限过滤器

过滤器实现简单权限控制

系统设计第一课，权限管理如何理解

AngularJS中过滤器的使用与自定义实例代码

Ubuntu16.04 ext4格式硬盘挂载普通用户权限控制的操作方法

自定义Hive权限控制(2) 权限配置项目

MySQL权限_MySQL

ASP.NET MVC学习之过滤器（一）

Linux下部署Symfoy2对app/cache和app/logs目录的权限设置，symfoy2logs