<filter>
<filter-name>SessionInvalidate</filter-name>
<filter-class>com.nonglin.action.SessionCheckFilter</filter-class> <!-- 过滤器核心类的class地址 -->
<init-param>
<param-name>charset</param-name> <!-- 定义编码格式 -->
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>logonStrings</param-name><!-- 对登录页面不进行过滤 -->
<param-value>login.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>SessionInvalidate</filter-name>
<url-pattern>*.jsp</url-pattern> <!-- 过滤文件类型 -->
</filter-mapping>
SessionCheckFilter.java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* 用于检测用户是否登陆的过滤器,如果未登录,则重定向到指的登录页面 配置参数 checkSessionKey 需检查的在 Session 中保存的关键字
* redirectURL 如果用户未登录,则重定向到指定的页面,URL不包括 ContextPath notCheckURLList
* 不做检查的URL列表,以分号分开,并且 URL 中不包括 ContextPath
*/
public class SessionCheckFilter implements Filter {
public FilterConfig config;
/** *客户请求服务器时经过(相当于一个门卡)
* *@param request 客户请求
* *@param response 服务器响应
* *@param chain 滤镜链,通过 chain。doFilter(request,response)方法将请求传给下一个Filter或者Servlet
*
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req= (HttpServletRequest) request;
HttpServletResponse resp= (HttpServletResponse) response;
HttpSession session=req.getSession(); //获取serssion;
String path= req.getRequestURI(); //获取url链接;
String username =(String) session.getAttribute("username");
if(path.endsWith("login.jsp")){//登录页面不过滤
chain.doFilter(req, resp);
}else if(username!=null){//已经登录
chain.doFilter(request, response);
System.out.println("登录过");
return ;
}
}
public void init(FilterConfig filterConfig) throws ServletException {
}
public void destroy() {
// TODO Auto-generated method stub
System.out.println("销毁...");
}
}