暑期项目经验(八)--过滤器和拦截器

　　　　　　　　　　　　　过滤器和拦截器

一、基础知识

http://www.cnblogs.com/wangyuyu/archive/2013/07/02/3167354.html       该博客讲得比较好。

二、过滤器实例  （实现，不是管理员登录，后台地址不可访问）

1.编写登录过滤器LoginFilter.java

package cn.edu.cqu.cqzy.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import cn.edu.cqu.cqzy.entity.User;

public class LoginFilter extends HttpServlet implements Filter{
    private static final long serialVersionUID = 136364L;

    public void doFilter(ServletRequest req, ServletResponse resp,
            FilterChain chain) throws IOException, ServletException {
             HttpServletRequest request = (HttpServletRequest) req;  
             HttpServletResponse response = (HttpServletResponse) resp;
             HttpSession session = request.getSession(true);
             User user = (User) session.getAttribute("loginUser");
             if(user==null||user.getAuthority()!=4){
                 String location = "/jsp/invade.jsp";
                 request.getRequestDispatcher(location).forward(request, response);
                   response.setHeader("Cache-Control", "no-store");  
                response.setDateHeader("Expires", 0);  
                response.setHeader("Pragma", "no-cache");  
         }else{
                chain.doFilter(request, response);
         }
        
    }

    public void init(FilterConfig arg0) throws ServletException {
        
    }

}

2.在web.xml配置该过滤器

<filter>
        <filter-name>accessFilter</filter-name>
        <filter-class>cn.edu.cqu.cqzy.filter.LoginFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>accessFilter</filter-name>
        <url-pattern>/adminJsp/*</url-pattern>
    </filter-mapping>

tips:该配置要放到struts拦截器前面,将所有后台界面放入adminJsp文件夹，即可实现过滤。

执行顺序 ： 先过滤－－》拦截－－》执行Action－－》拦截后 －－》过滤后

三、拦截器实例 (实现在不同界面登录后，返回原界面；思想：登录前，记录下登录前的请求地址及参数，登录后，转发回去)

1.编写登录拦截器  LoginInterceptor.java

package cn.edu.cqu.cqzy.interceptor;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.apache.struts2.ServletActionContext;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;

public class LoginIntercepter implements Interceptor{

    /**
     * 
     */
    private static final long serialVersionUID = 1346436L;

    public void destroy() {
        // TODO Auto-generated method stub
        
    }

    public void init() {
        // TODO Auto-generated method stub
        
    }

    public String intercept(ActionInvocation invocation) throws Exception {
        ActionContext context = invocation.getInvocationContext();
        // 获取session
        Map<String, Object> session = context.getSession();
        Object user = session.get("loginUser");
        // 用户还未登陆
        if (user == null) {
            // 获取HttpServletRequest对象
            HttpServletRequest req = ServletActionContext.getRequest();
            // 获取此请求的地址，请求地址包含application name，进行subString操作，去除application name
            String path = req.getRequestURI().substring(14);
            // 获得请求中的参数
            String queryString = req.getQueryString();
            // 预防空指针
            if (queryString == null) {
                queryString = "";
            }
            // 拼凑得到登陆之前的地址
            String realPath = path + "?" + queryString;
            // 存入session，方便调用
            session.put("prePage", realPath);
            return invocation.invoke();
        }
        // 用户已经登陆，放行
        return invocation.invoke();
    }
    
}

 2.在struts.xml中配置拦截器

2.1 定义拦截栈

<interceptors>
            <interceptor name="loginInterceptor" class="cn.edu.cqu.cqzy.interceptor.LoginIntercepter"/>
            <interceptor-stack name="JumpTo">
                <interceptor-ref name="loginInterceptor"/>
                <interceptor-ref name="defaultStack"/>
            </interceptor-stack>
        </interceptors>

 2.2 在需要action中，加入拦截栈名   eg:

<action name="list" class="cn.edu.cqu.cqzy.action.ListCategoryAction">
            <param name="p.pageSize">10</param>
            <result>/jsp/yxk.jsp</result>
            <result name="fail" type="redirect">/jsp/error.jsp</result>
            <interceptor-ref name="JumpTo"/>
        </action>

......

<action name="listSongByCId" class="cn.edu.cqu.cqzy.action.ListSongsByCategoryId">
            <param name="p.pageSize">38</param>
            <result >/jsp/yxk3.jsp</result>
            <result name="fail" type="redirect">/jsp/error.jsp</result>
            <interceptor-ref name="JumpTo"/>
        </action>

3 在登录控制程序中，加入相应代码  LoginAction.java

......

//获取跳转到登陆界面之前的页面地址，由拦截器提供
                prePage = (String) session.getAttribute("prePage");
 try {
                    //重定向到原界面                
　　　　　　　　　　　　ServletActionContext.getResponse().sendRedirect(prePage);
                    return null;
                } catch (IOException e) {
                    e.printStackTrace();
                }