项目总结plc_过滤器规则(filter)_忽略过滤的js和css文件

为了保证项目安全,加入了过滤器。开始想的很简单就是为了让用户先登录再进行操作。然而碰到了很多问题。

过滤器配置用的  /*   意思所有页面都过滤; 那么 以前做好的css,js文件都会过滤,这显然是不对的.  开始第一步想法是 把css和js的文件夹加入 filter 初始值

    <init-param>
      <description></description>
      <param-name>nologinfilter</param-name>
      <param-value>login.jsp;LoginServlet;js/;css/;</param-value>
    
</init-param>

后来发现这种 做法不妥;

之后就开始百度. 只想说百度的东西真的很多都是没用的, 资源很多. 但是要找到可用的...... ╮(╯▽╰)╭ 谁用谁知道.


  if(userName!=null&&!uri.endsWith(".js")&&!uri.endsWith(".css")){
    chain.doFilter(request, response);
  }else{
    String url=req.getContextPath()+"/"+"login.jsp";
    resp.sendRedirect(url);
  }


后来使用上面这种做法.很好的解决;endwith这个方法.我也是第一次遇到;嘿嘿;

下面把写好的filter和web.xml插入

package com.csust.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
* Servlet Filter implementation class LoginFilter
*/
public class LoginFilter implements Filter {

private FilterConfig config;

/**
* Default constructor.
*/
public LoginFilter() {
// TODO Auto-generated constructor stub
}

/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}

/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
String noFilter = config.getInitParameter("nologinfilter");
System.out.println();
System.out.println("得到nofilter配置的初值:"+noFilter);
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
String uri=req.getRequestURI();
System.out.println("得到uri "+uri);
if(noFilter!=null){
String[] pass=noFilter.split(";");
System.out.print("过滤的url: ");
for(int i=0;i<pass.length;i++){
if(pass[i]==null||"".equals(pass[i])) continue;
System.out.print(pass[i]+" ");
if(uri.indexOf(pass[i])!=-1){
chain.doFilter(request, response);
return;
}
}
}
/* if(uri.endsWith(".js")||uri.endsWith(".css")){
chain.doFilter(request, response);
//return;
* &&!uri.endsWith(".js")&&!uri.endsWith(".css")
}
*/

String userName = (String) req.getSession().getAttribute("userName");
System.out.print("userName: "+userName + " req.getContexPath(): "+req.getContextPath());
if(userName!=null&&!uri.endsWith(".js")&&!uri.endsWith(".css")){
chain.doFilter(request, response);
}else{
String url=req.getContextPath()+"/"+"login.jsp";
resp.sendRedirect(url);
}


}

/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
config = fConfig;
}

}

chain.doFilter(request, response);的意思就是跳转到下个页面

下面是web.xml中filter的配置

  <filter>
    <display-name>LoginFilter</display-name>
    <filter-name>LoginFilter</filter-name>
    <filter-class>com.csust.filter.LoginFilter</filter-class>
    <init-param>
      <description></description>
      <param-name>nologinfilter</param-name>
      <param-value>login.jsp;LoginServlet;</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

 

 

 

 

 

 

 

 

 

 

 



 

posted @ 2015-06-08 10:21  牛肉饺子  阅读(1110)  评论(0编辑  收藏  举报