JAVA用过滤器验证登陆框架，简单实例

Java代码

1. public class SignOnFilter implements Filter{  
2.      FilterConfig fc;  
3.     public void destroy() {  
4.         // TODO Auto-generated method stub  
5.      }  
6.     public void doFilter(ServletRequest request, ServletResponse response,  
7.              FilterChain chain) throws IOException, ServletException {  
8.         // TODO Auto-generated method stub  
9.          HttpServletRequest hreq=(HttpServletRequest) request;  
10.          HttpServletResponse hres=(HttpServletResponse) response;  
11.          HttpSession session = hreq.getSession();  
12.         if(session!=null&&session.getAttribute("user")!=null)chain.doFilter(request, response);  
13.         else if(hreq.getRequestURI().equals(hreq.getContextPath()+"/login.jsp")){  
14.             if(valid(hreq,hres)) hres.sendRedirect(hreq.getContextPath()+"/index.jsp");  
15.             else chain.doFilter(request, response);  
16.          }  
17.         else hres.sendRedirect(hreq.getContextPath()+"/login.jsp");  
18.      }  
19.     public Boolean valid(HttpServletRequest hreq, ServletResponse hres){  
20.          String uName=hreq.getParameter("uName");  
21.          String uPassword=hreq.getParameter("uPasswd");  
22.         if(uName!=null&&uName.equals("admin")&&uPassword!=null&&uPassword.equals("admin")){  
23.              HttpSession session=hreq.getSession();  
24.              session.setAttribute("user", "admin");  
25.             return true;  
26.          }else return false;  
27.           
28.      }  
29.   
30.     public void init(FilterConfig fc) throws ServletException {  
31.         // TODO Auto-generated method stub  
32.         this.fc=fc;  
33.      }  
34.       
35.   
36. }  

public class SignOnFilter implements Filter{  FilterConfig fc;  public void destroy() {   // TODO Auto-generated method stub  }  public void doFilter(ServletRequest request, ServletResponse response,    FilterChain chain) throws IOException, ServletException {   // TODO Auto-generated method stub   HttpServletRequest hreq=(HttpServletRequest) request;   HttpServletResponse hres=(HttpServletResponse) response;   HttpSession session = hreq.getSession();   if(session!=null&&session.getAttribute("user")!=null)chain.doFilter(request, response);   else if(hreq.getRequestURI().equals(hreq.getContextPath()+"/login.jsp")){    if(valid(hreq,hres)) hres.sendRedirect(hreq.getContextPath()+"/index.jsp");    else chain.doFilter(request, response);   }   else hres.sendRedirect(hreq.getContextPath()+"/login.jsp");  }  public Boolean valid(HttpServletRequest hreq, ServletResponse hres){   String uName=hreq.getParameter("uName");   String uPassword=hreq.getParameter("uPasswd");   if(uName!=null&&uName.equals("admin")&&uPassword!=null&&uPassword.equals("admin")){    HttpSession session=hreq.getSession();    session.setAttribute("user", "admin");    return true;   }else return false;     }   public void init(FilterConfig fc) throws ServletException {   // TODO Auto-generated method stub   this.fc=fc;  }    }

 

Java代码

1. <?xml version="1.0" encoding="UTF-8"?>  
2. <web-app xmlns:xsi="http://www./2001/XMLSchema-instance" xmlns="http://java./xml/ns/javaee" xmlns:web="http://java./xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java./xml/ns/javaee http://java./xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">  
3.    <display-name>filter</display-name>  
4.    <filter>  
5.      <filter-name>signOnFilter</filter-name>  
6.      <filter-class>lib.SignOnFilter   
7.          </filter-class>  
8.    </filter>  
9.    <filter-mapping>  
10.      <filter-name>signOnFilter</filter-name>  
11.      <url-pattern>/*</url-pattern>  
12.    </filter-mapping>  
13.    <welcome-file-list>  
14.      <welcome-file>index.html</welcome-file>  
15.      <welcome-file>index.htm</welcome-file>  
16.      <welcome-file>index.jsp</welcome-file>  
17.      <welcome-file>default.html</welcome-file>  
18.      <welcome-file>default.htm</welcome-file>  
19.      <welcome-file>default.jsp</welcome-file>  
20.    </welcome-file-list>  
21. </web-app>  

<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www./2001/XMLSchema-instance" xmlns="http://java./xml/ns/javaee" xmlns:web="http://java./xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java./xml/ns/javaee http://java./xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">   <display-name>filter</display-name>   <filter>     <filter-name>signOnFilter</filter-name>     <filter-class>lib.SignOnFilter    </filter-class>   </filter>   <filter-mapping>     <filter-name>signOnFilter</filter-name>     <url-pattern>/*</url-pattern>   </filter-mapping>   <welcome-file-list>     <welcome-file>index.html</welcome-file>     <welcome-file>index.htm</welcome-file>     <welcome-file>index.jsp</welcome-file>     <welcome-file>default.html</welcome-file>     <welcome-file>default.htm</welcome-file>     <welcome-file>default.jsp</welcome-file>   </welcome-file-list> </web-app>

用户只要更改valid函数，就能对用户名和密码进行验证。比如到数据库中取用户数据核对等等。

以这个登录验证类为例，我们可以书写其他过滤器来对表单输入做更加多的判断，增添更多的流程。如实现权限控制等等。

过滤器在web中设置，filterMapping键可以控制你的过滤器作用到那些uri。

由于过滤器有能力访问HttpServletRequest，HttpServletResponse, 因此有了他，你可以对用户的操作response.sendRedirect或者
hreq.getRequestDispatcher(url).forward(request, respoonse)，以此来达到改变用户操作的目的。

当然你也可以在request中加入新的属性，以便被链上的jsp使用。

要注意的是每个过滤器在Web Server中只加载一次，所以不要在他的属性里面存储request，或
session域的东西。

整个源代码8.6k，用eclipse导入，就可以运行了。
这个实例的功能就是当访问网站的任何页面时(除login.jsp本身)，如果用户没有登陆，就转登陆页面