用过滤器验证登陆框架，简单实例

http://www.javaeye.com/topic/375871
Java代码

1. public class SignOnFilter implements Filter{  
2.      FilterConfig fc;  
3.     public void destroy() {  
4.         // TODO Auto-generated method stub  
5.      }  
6.     public void doFilter(ServletRequest request, ServletResponse response,  
7.              FilterChain chain) throws IOException, ServletException {  
8.         // TODO Auto-generated method stub  
9.          HttpServletRequest hreq=(HttpServletRequest) request;  
10.          HttpServletResponse hres=(HttpServletResponse) response;  
11.          HttpSession session = hreq.getSession();  
12.         if(session!=null&&session.getAttribute("user")!=null)chain.doFilter(request, response);  
13.         else if(hreq.getRequestURI().equals(hreq.getContextPath()+"/login.jsp")){  
14.             if(valid(hreq,hres)) hres.sendRedirect(hreq.getContextPath()+"/index.jsp");  
15.             else chain.doFilter(request, response);  
16.          }  
17.         else hres.sendRedirect(hreq.getContextPath()+"/login.jsp");  
18.      }  
19.     public Boolean valid(HttpServletRequest hreq, ServletResponse hres){  
20.          String uName=hreq.getParameter("uName");  
21.          String uPassword=hreq.getParameter("uPasswd");  
22.         if(uName!=null&&uName.equals("admin")&&uPassword!=null&&uPassword.equals("admin")){  
23.              HttpSession session=hreq.getSession();  
24.              session.setAttribute("user", "admin");  
25.             return true;  
26.          }else return false;  
27.           
28.      }  
29.   
30.     public void init(FilterConfig fc) throws ServletException {  
31.         // TODO Auto-generated method stub  
32.         this.fc=fc;  
33.      }  
34.       
35.   
36. }  

public class SignOnFilter implements Filter{ FilterConfig fc; public void destroy() { // TODO Auto-generated method stub } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { // TODO Auto-generated method stub HttpServletRequest hreq=(HttpServletRequest) request; HttpServletResponse hres=(HttpServletResponse) response; HttpSession session = hreq.getSession(); if(session!=null&&session.getAttribute("user")!=null)chain.doFilter(request, response); else if(hreq.getRequestURI().equals(hreq.getContextPath()+"/login.jsp")){ if(valid(hreq,hres)) hres.sendRedirect(hreq.getContextPath()+"/index.jsp"); else chain.doFilter(request, response); } else hres.sendRedirect(hreq.getContextPath()+"/login.jsp"); } public Boolean valid(HttpServletRequest hreq, ServletResponse hres){ String uName=hreq.getParameter("uName"); String uPassword=hreq.getParameter("uPasswd"); if(uName!=null&&uName.equals("admin")&&uPassword!=null&&uPassword.equals("admin")){ HttpSession session=hreq.getSession(); session.setAttribute("user", "admin"); return true; }else return false; } public void init(FilterConfig fc) throws ServletException { // TODO Auto-generated method stub this.fc=fc; } }

Java代码

1. <?xml version="1.0" encoding="UTF-8"?>  
2. <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">  
3.    <display-name>filter</display-name>  
4.    <filter>  
5.      <filter-name>signOnFilter</filter-name>  
6.      <filter-class>lib.SignOnFilter   
7.          </filter-class>  
8.    </filter>  
9.    <filter-mapping>  
10.      <filter-name>signOnFilter</filter-name>  
11.      <url-pattern>/*</url-pattern>  
12.    </filter-mapping>  
13.    <welcome-file-list>  
14.      <welcome-file>index.html</welcome-file>  
15.      <welcome-file>index.htm</welcome-file>  
16.      <welcome-file>index.jsp</welcome-file>  
17.      <welcome-file>default.html</welcome-file>  
18.      <welcome-file>default.htm</welcome-file>  
19.      <welcome-file>default.jsp</welcome-file>  
20.    </welcome-file-list>  
21. </web-app>  

<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> <display-name>filter</display-name> <filter> <filter-name>signOnFilter</filter-name> <filter-class>lib.SignOnFilter </filter-class> </filter> <filter-mapping> <filter-name>signOnFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> <welcome-file>default.html</welcome-file> <welcome-file>default.htm</welcome-file> <welcome-file>default.jsp</welcome-file> </welcome-file-list> </web-app>

用户只要更改valid函数，就能对用户名和密码进行验证。比如到数据库中取用户数据核对等等。

以这个登录验证类为例，我们可以书写其他过滤器来对表单输入做更加多的判断，增添更多的流程。如实现权限控制等等。

过滤器在web中设置，filterMapping键可以控制你的过滤器作用到那些uri。

由于过滤器有能力访问HttpServletRequest，HttpServletResponse, 因此有了他，你可以对用户的操作response.sendRedirect或者
hreq.getRequestDispatcher(url).forward(request, respoonse)，以此来达到改变用户操作的目的。

当然你也可以在request中加入新的属性，以便被链上的jsp使用。

要注意的是每个过滤器在Web Server中只加载一次，所以不要在他的属性里面存储request，或
session域的东西。

整个源代码8.6k，用eclipse导入，就可以运行了。
这个实例的功能就是当访问网站的任何页面时(除login.jsp本身)，如果用户没有登陆，就转登陆页面

源代码下载