权限管理

简单的权限管理。

<%-- 
    Document   : succes
    Created on : 2011-5-4, 19:16:10
    Author     : Administrator
--%>

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <h1>欢迎你的光临!</h1>
        <%=session.getAttribute("user")%>
        <a href="cc/adminsucess.jsp"> 管理员入口</a>
    </body>
</html>

这是登陆成功的页面,sessio里面的user保存着登陆的用户名,当用户名为admin时可以访问/cc文件夹的所有页面。当不是的话,就直接跳转至另一个错误页面。

值得注意的是,如果直接在地址栏中写入受限制的网页的话就直接跳转至登陆页面。也就是必须要登录不登陆不能进入其他页面

下面是过滤器的内容

    package quanxian;  
    import java.io.IOException;  
    import javax.servlet.Filter;  
    import javax.servlet.FilterChain;  
    import javax.servlet.FilterConfig;  
    import javax.servlet.ServletContext;  
    import javax.servlet.ServletException;  
    import javax.servlet.ServletRequest;  
    import javax.servlet.ServletResponse;  
    import javax.servlet.http.*;  
    import javax.servlet.*;       
    /**  
    * Title:        LOGIN FILTER.  
    * 
    * Description: System user login servlet filter.  
    * 
    * Copyright:    Copyright (c) 2007/10/05 
    * 
    * Company:      JaMing SoftRoom 
    * 
    * @author: Jamee 
    * 
    * @version 1.0  
    */  
    public class NewClass implements Filter{  
      
        FilterConfig config;  
      
        public void init(FilterConfig config)throws ServletException  
      
        {  
      
        this.config=config;  
      
        }  
        public void doFilter(ServletRequest request,ServletResponse response,  
      
                           FilterChain chain)throws IOException,ServletException  
        {  
      
            HttpServletRequest hreq=(HttpServletRequest)request;  
      
            HttpServletResponse hrep=(HttpServletResponse)response;  
      
            request.setCharacterEncoding("GBK");  
      
            HttpSession session=hreq.getSession();  
      
            String back="default.jsp";  
      
            RequestDispatcher dispatcher=hreq.getRequestDispatcher(back);  
            if(session.getAttribute("user") ==null)
                hreq.getRequestDispatcher("../index.jsp").forward(request, response);
            try{  
      
                String user=(String)session.getAttribute("user");  
      
                boolean login=user.equals("admin"); 
      
                if(login)  
                {  
      
                    chain.doFilter(request,response);     
      
                }else{  
      
                    dispatcher.forward(request,response);  
      
                }  
      
            }catch(Exception e){  
      
                dispatcher.forward(request,response);  
      
            }  
              
        }  
      
        public void destroy()
        {
        }  
      
    }

下面是配置文件的内容

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<filter>
<filter-name>quanxian</filter-name>
<filter-class>quanxian.NewClass</filter-class>
</filter>
<filter-mapping>
<filter-name>quanxian</filter-name>
<url-pattern>/cc/*</url-pattern>
</filter-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
</web-app>
首次写这些 很多地方有不足之处,多谢指教。

posted @ 2011-05-04 21:06  Acmen  阅读(480)  评论(1编辑  收藏  举报