权限管理
简单的权限管理。
<%-- Document : succes Created on : 2011-5-4, 19:16:10 Author : Administrator --%> <%@page contentType="text/html" pageEncoding="UTF-8"%> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>JSP Page</title> </head> <body> <h1>欢迎你的光临!</h1> <%=session.getAttribute("user")%> <a href="cc/adminsucess.jsp"> 管理员入口</a> </body> </html>
这是登陆成功的页面,sessio里面的user保存着登陆的用户名,当用户名为admin时可以访问/cc文件夹的所有页面。当不是的话,就直接跳转至另一个错误页面。
值得注意的是,如果直接在地址栏中写入受限制的网页的话就直接跳转至登陆页面。也就是必须要登录不登陆不能进入其他页面
下面是过滤器的内容
package quanxian; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.*; import javax.servlet.*; /** * Title: LOGIN FILTER. * * Description: System user login servlet filter. * * Copyright: Copyright (c) 2007/10/05 * * Company: JaMing SoftRoom * * @author: Jamee * * @version 1.0 */ public class NewClass implements Filter{ FilterConfig config; public void init(FilterConfig config)throws ServletException { this.config=config; } public void doFilter(ServletRequest request,ServletResponse response, FilterChain chain)throws IOException,ServletException { HttpServletRequest hreq=(HttpServletRequest)request; HttpServletResponse hrep=(HttpServletResponse)response; request.setCharacterEncoding("GBK"); HttpSession session=hreq.getSession(); String back="default.jsp"; RequestDispatcher dispatcher=hreq.getRequestDispatcher(back); if(session.getAttribute("user") ==null) hreq.getRequestDispatcher("../index.jsp").forward(request, response); try{ String user=(String)session.getAttribute("user"); boolean login=user.equals("admin"); if(login) { chain.doFilter(request,response); }else{ dispatcher.forward(request,response); } }catch(Exception e){ dispatcher.forward(request,response); } } public void destroy() { } }
下面是配置文件的内容
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<filter>
<filter-name>quanxian</filter-name>
<filter-class>quanxian.NewClass</filter-class>
</filter>
<filter-mapping>
<filter-name>quanxian</filter-name>
<url-pattern>/cc/*</url-pattern>
</filter-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
</web-app>