来源:http://dengkehai.javaeye.com/blog/207098
一.页面编码过滤器 1.开发EncodingFilter.java文件,继承自javax.servlet.Filter: package bluemoon.crm.systemmanage.struts.Filter; import java.io.*; import javax.servlet.*; public class EncodingFilter implements Filter { protected String encoding = null; protected FilterConfig config; public void init(FilterConfig filterConfig) throws ServletException { this.config = filterConfig; //从web.xml配置文件中获取编码配置 this.encoding = filterConfig.getInitParameter("Encoding"); } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if(request.getCharacterEncoding() == null) { String encode = getEncoding(); if(encode != null) { //设置request的编码方式 request.setCharacterEncoding(encode); } } chain.doFilter(request,response); } public String getEncoding() { return encoding; } public void destroy() { } } 2. 在web.xml文件中加入如下配置信息: <!-- 页面请求编码过滤器 注意每个页面的pageEncoding="GB2312" --> <filter> <filter-name>encodingFilter</filter-name> <filter-class>bluemoon.crm.systemmanage.struts.Filter.EncodingFilter</filter-class> <init-param> <!--这里配置的是filter的初始化参数,初始化filter时可以获得--><param-name>Encoding</param-name> <param-value>GB2312</param-value> </init-param> </filter> <filter-mapping> <filter-name>encodingFilter</filter-name> <!-- 对全部的jsp页面有效,比较郁闷的是没有太多的配置方式 --> <url-pattern>/*</url-pattern> </filter-mapping> <!--页面请求编码过滤器结束--> 二.用户是否登陆过滤器: 1.首先增加一个Action、ActionForm & JSP: login.jsp中为一个登陆表单: UserActionForm.java为一个Struts的ActionForm。 UserAction.java将用户登陆信息添加到session中。 2. 开发UserLoginedFilter.java: package bluemoon.crm.systemmanage.struts.Filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.RequestDispatcher; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.*; import bluemoon.crm.systemmanage.struts.forms.UserActionForm; public class UserLoginedFilter extends HttpServlet implements Filter { protected FilterConfig config; public void init(FilterConfig filterConfig) throws ServletException { this.config = filterConfig; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { RequestDispatcher dispatcher = request.getRequestDispatcher("userLogin.jsp"); HttpServletRequest userRequest = (HttpServletRequest)request; UserActionForm userActionForm = (UserActionForm)userRequest.getSession().getAttribute("userActionForm"); if(userActionForm == null || userActionForm.getUser_name() == null || userActionForm.getUser_name().trim().length()<1) { System.out.println("用户未登录!"); dispatcher.forward(request,response); return; } System.out.println("用户已登录!"); chain.doFilter(request,response); } public void destroy() { } } 3.在web.xml文件中添加如下配置信息: <!—用户是否登陆过滤器配置 注意只过虑jsp页面,不过虑.do --> <filter> <filter-name>userLoginedFilter</filter-name> <filter-class>bluemoon.crm.systemmanage.struts.Filter.UserLoginedFilter</filter-class> </filter> <filter-mapping> <filter-name>userLoginedFilter</filter-name> <url-pattern>*.jsp</url-pattern> </filter-mapping> <!—用户是否登陆过滤器配置结束 --> 三.用户是否登陆过滤器在多模块中的应用: 1.修改上面的过滤器代码: package bluemoon.crm.systemmanage.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.RequestDispatcher; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.*; import bluemoon.crm.systemmanage.struts.forms.UserForm; //用户未登陆过滤器 public class UserNoLoginedFilter extends HttpServlet implements Filter { protected FilterConfig config; public void init(FilterConfig filterConfig) throws ServletException { this.config = filterConfig; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //首先预定义到要转向的页面,由此带来的问题就是userLogin.jsp页面的图片必须要使用绝对路径,方法见userLogin.jsp页面 RequestDispatcher dispatcher = request.getRequestDispatcher("/toLogin.do?prefix=&page=/userLogin.jsp"); //注意在struts-config.xml中增加一个Action,如下: /* *<action * attribute="userForm" * name="userForm" * path="/toLogin" * scope="request" * type="org.apache.struts.actions.SwitchAction" /> */ // 从session中获取用户form HttpServletRequest userRequest = (HttpServletRequest)request; UserForm userForm = (UserForm)userRequest.getSession().getAttribute("userForm"); //如果未登陆则没有userFrom信息 if(userForm == null || userForm.getUser_name() == null || userForm.getUser_name().trim().length()<1) { System.out.println("用户未登录!"); //分发到登陆页面 dispatcher.forward(request,response); //((HttpServletResponse)response).sendRedirect("toModule.do?prefix=&page=/userLogin.jsp"); return; } System.out.println("用户"+userForm.getUser_name()+"已登录!"); chain.doFilter(request,response); } public void destroy() { } } 四.关闭Session过滤器 1.相关的HibernateUtil.java源码: package com.worklog.util; import org.hibernate.*; import org.hibernate.cfg.*; public class HibernateUtil { private static SessionFactory sessionFactory; static { try { sessionFactory = new Configuration().configure().buildSessionFactory(); } catch(Exception e) { e.printStackTrace(); } } public static final ThreadLocal<Session> threadLocalSession = new ThreadLocal<Session>(); public static final ThreadLocal<Transaction> threadLocalTransaction = new ThreadLocal<Transaction>(); public static Session currentSession() { Session session = threadLocalSession.get(); try { if(session == null || !session.isOpen()) { session = openSession(); threadLocalSession.set(session); } } catch(Exception e) { e.printStackTrace(); System.out.println("获取Session失败"); } return session; } public static Session openSession() throws Exception { return getSessionFactory().openSession(); } public static SessionFactory getSessionFactory() throws Exception { return sessionFactory; } public static void closeSession() { Session session = (Session)threadLocalSession.get(); threadLocalSession.set(null); try { if(session != null && session.isOpen()) { //System.out.println("HibernateUtil.java--line59,关闭Session!"); session.close(); } } catch(Exception e) { e.printStackTrace(); System.out.println("关闭Session失败"); } } public static void beginTransaction() { Transaction tx = (Transaction)threadLocalTransaction.get(); try { if(tx == null) { tx = currentSession().beginTransaction(); threadLocalTransaction.set(tx); } } catch(Exception e) { e.printStackTrace(); System.out.println("开始事务失败"); } } public static void commitTransaction() { Transaction tx = (Transaction)threadLocalTransaction.get(); try { if(tx !=null && !tx.wasCommitted() && !tx.wasRolledBack()) { tx.commit(); } threadLocalTransaction.set(null); } catch(Exception e) { e.printStackTrace(); System.out.println("提交失败"); } } public static void rollbackTransaction() { Transaction tx = (Transaction)threadLocalTransaction.get(); try { threadLocalTransaction.set(null); if(tx != null && !tx.wasCommitted() && !tx.wasRolledBack()) tx.rollback(); } catch(Exception e) { e.printStackTrace(); System.out.println("回滚失败"); } } } 2.CloseSessionFilter.java源码: package com.worklog.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import com.worklog.util.HibernateUtil; public class CloseSessionFilter implements Filter{ Log log = LogFactory.getLog(this.getClass()); protected FilterConfig config; public void init(FilterConfig config) throws ServletException { this.config = config; } public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,ServletException { try { //让后面的Filter链处理请求,这个Filter仅仅拦截响应处理Hibernate操作 chain.doFilter((HttpServletRequest)request, (HttpServletResponse)response); } finally { try { //一直没有合适的关闭session的方法 HibernateUtil.closeSession(); //System.out.println("close session success"); log.debug("close session success"); } catch(Exception e) { HibernateUtil.rollbackTransaction(); System.out.println("can not close session!/nerrors:"+e.getMessage()); log.debug("can not close session!/nerrors:"+e.getMessage()); } finally { HibernateUtil.closeSession(); } } } public void destroy() { } } 3.web.xml配置 <?xml version="1.0" encoding="GB2312"?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.4" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> <!-- 关闭Session过滤器 --> <filter> <filter-name>closeSessionFilter</filter-name> <filter-class>com.worklog.filter.CloseSessionFilter</filter-class> </filter> <filter-mapping> <filter-name>closeSessionFilter</filter-name> <servlet-name>action</servlet-name> </filter-mapping> <!-- 关闭Session过滤器结束 --> <servlet> <servlet-name>action</servlet-name> <servlet-class>org.apache.struts.action.ActionServlet</servlet-class> <init-param> <param-name>config</param-name> <param-value>/WEB-INF/struts-config.xml</param-value> </init-param> <init-param> <param-name>debug</param-name> <param-value>3</param-value> </init-param> <init-param> <param-name>detail</param-name> <param-value>3</param-value> </init-param> <load-on-startup>0</load-on-startup> </servlet> <servlet-mapping> <servlet-name>action</servlet-name> <url-pattern>*.do</url-pattern> </servlet-mapping> </web-app> //使用filter过滤器实现登陆权限验证 1.首先写一个权限过滤filter类,实现Filter接口 public class RightFilter implements Filter { public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; HttpSession session = req.getSession(true); String path = req.getRequestURI(); // 从session里取的用户名信息 String userid= (String) session.getAttribute("userid"); for (int i = 0; i < Constants.NoFilter_Pages.length; i++) { if (path.indexOf(Constants.NoFilter_Pages[i]) > -1) { chain.doFilter(req, res); return; } } if (username == null || "".equals(username)) { // 跳转到登陆页面 res.sendRedirect("http://"+req.getHeader("Host")+"/task/login.jsp");; } else { // 已经登陆,继续此次请求 chain.doFilter(request, response); } } public void destroy() { } } public class Constants { public Constants() { } public static String[] NoFilter_Pages = { "/index.jsp", "/login.jsp", }; } 2.然后在web.xml里配置需要登陆权限验证的JSP文件: a.如果是某个具体的JSP文件(如a.jsp)需要登陆验证 <web-app> ... <filter> <filter-name>right</filter-name> <filter-class>com.dayou.util.RightFilter</filter-class> </filter> <filter-mapping> <filter-name>right</filter-name> <url-pattern>/a.jsp</url-pattern> </filter-mapping> ... </web-app> b.如果是某一个目录(如pages/目录)整个目录下的文件都需要登陆验证: <web-app> ... <filter> <filter-name>right</filter-name> <filter-class>com.dayou.util.RightFilter</filter-class> </filter> <filter-mapping> <filter-name>right</filter-name> <url-pattern>/pages/*</url-pattern> </filter-mapping> ... </web-app> ----------------------------------------------- 最简单判断用户是否登陆验证: public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) arg0; HttpServletResponse response = (HttpServletResponse) arg1; String uri = request.getRequestURI(); if(uri.indexOf( "/assessTeamE/login.jsp ") != -1 || uri.equals( "/assessTeamE/login.do ")){ arg2.doFilter(arg0, arg1); }else if(request.getSession().getAttribute( "uid ") != null){ arg2.doFilter(arg0, arg1); }else{ response.sendRedirect(login); } }
