Filter
session超时&超过试用期禁用
新建一个过滤器
过滤器拦截所有请求,所以要在xml中配置拦截器作用某些url。
Filter拦截所有请求,interceptor只拦截action请求。
package com.autumn.filter; import com.autumn.pojo.Users; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.Calendar; import java.util.Date; /** * 是否登录判断 */ public class CheckLoginFilter implements Filter { private String USER =""; private String ROOTPATH; @Override public void init(FilterConfig filterConfig) throws ServletException { this.USER = filterConfig.getInitParameter("user").trim(); this.ROOTPATH = filterConfig.getInitParameter("rootPath"); } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { Object userid = null; HttpServletResponse res=(HttpServletResponse)response; HttpServletRequest req=(HttpServletRequest)request; Users users = (Users)req.getSession().getAttribute(USER); if (users!=null){ userid =users.getId(); } System.out.println("req.getRequestURI():"+req.getRequestURI()); if(isShakedown(3018,3,16)) { System.out.println("系统试用期已到,请联系商务!"); res.sendRedirect(ROOTPATH+"?rtnCode=200"); }else if(req.getRequestURI().contains("/loginController/login")){ //当是登录请求时,继续往下执行 filterChain.doFilter(req, res); }else if(userid==null||userid.toString().trim().isEmpty()) //当没有session时,即未登录,跳到登录页 { //System.out.println("CheckLoginFilter userid:"+userid); System.out.println("CheckLoginFilter userId is null"); res.sendRedirect(ROOTPATH); }else{ //继续往下执行 //System.out.println("CheckLoginFilter chain.doFilter"); filterChain.doFilter(req, res); } } @Override public void destroy() { if(this.USER !=null&&this.USER.trim().isEmpty()) { this.USER =""; } if(this.ROOTPATH!=null&&this.ROOTPATH.trim().isEmpty()) { this.ROOTPATH=""; } } //试用期判断 public static boolean isShakedown(int year,int month,int day) { Date date = new Date(); SimpleDateFormat sf = new SimpleDateFormat("yyyy-MM-dd"); Calendar cal = Calendar.getInstance();// 获取一个Claender实例 cal.set(year, month-1, day); Date endDate; try { endDate = sf.parse(sf.format(cal.getTime())); if (date.getTime() > endDate.getTime()) { return true; } } catch (ParseException e) { // TODO Auto-generated catch block e.printStackTrace(); return true; } return false; } }
web.xml中加入过滤器配置
<filter> <filter-name>loginFilter</filter-name> <filter-class> com.autumn.filter.CheckLoginFilter </filter-class> <init-param> <param-name>excludedPages</param-name> <param-value>/login.jsp</param-value><!-- 登陆页不做拦截的请求声明,filter中登录的接口也被排除--> </init-param> <init-param> <param-name>user</param-name> <!--配置的session参数--> <param-value>user</param-value> </init-param> <init-param> <param-name>rootPath</param-name> <!-- 配置的登录页 --> <param-value>/Bookkeeping/login.jsp</param-value> </init-param> </filter> <filter-mapping> <!--拦截映射一 --> <filter-name>loginFilter</filter-name> <url-pattern>/manager/*</url-pattern> <!--拦截后台的请求接口--> </filter-mapping> <filter-mapping><!--拦截映射二 --> <filter-name>loginFilter</filter-name> <url-pattern>/jsp/*</url-pattern> <!--拦截直接访问前端页面--> </filter-mapping>
Interceptor
java代码
package com.gmtx.system.intercepts; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import com.gmtx.platform.model.Userinfo; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; public class MyInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception { String uri = request.getRequestURI(); HttpSession session = request.getSession(); Userinfo sessionUserinfo = (Userinfo)session.getAttribute("CURR_USER"); /*不拦截静态资源spring mvc4.3以上可以用<mvc:exclude-mapping path=""/>代替*/ if (uri.endsWith(".js")||uri.endsWith(".css")||uri.endsWith(".css")||uri.indexOf(".")>0){ //System.out.println("不拦截资源文件"+uri); return true; } //System.out.println("拦截访问"+uri); //如果是登录页,不拦截 if (uri.indexOf("login")>0){ return true; } //如果已经登录,不拦截 if(sessionUserinfo!=null){ return true; }else { //如果未登录,跳转到登陆页 response.sendRedirect(request.getContextPath()+"/login.jsp"); return false; } } @Override public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3) throws Exception { } @Override public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3) throws Exception { } }
spring-web.xml
<mvc:interceptors> <mvc:interceptor> <mvc:mapping path="/*/**"/> <!-- /*只拦截根目录,/*/**拦截project/url --> <!--spring-mvc-4.3才能用以下标签 <mvc:exclude-mapping path="/**/fonts/*"/> <mvc:exclude-mapping path="/**/*.css"/> <mvc:exclude-mapping path="/**/*.js"/> <mvc:exclude-mapping path="/**/*.png"/> <mvc:exclude-mapping path="/**/*.gif"/> <mvc:exclude-mapping path="/**/*.jpg"/> <mvc:exclude-mapping path="/**/*.jpeg"/> <mvc:exclude-mapping path="/**/*login*"/> <mvc:exclude-mapping path="/**/*Login*"/>--> <bean class="com.gmtx.system.intercepts.MyInterceptor"/> </mvc:interceptor> </mvc:interceptors>