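package org.my431.platform.filter;

import java.io.IOException;
import java.util.Enumeration;
import java.util.LinkedHashMap;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import net.xdevelop.ip.IPLocalizer;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.my431.base.model.BaseUrl;
import org.my431.base.model.RedisUser;
import org.my431.base.services.BaseUrlManager;
import org.my431.base.services.CacheBasePropertiesManager;
import org.my431.center.model.SdCenter;
import org.my431.center.model.SdCenterComponent;
import org.my431.center.model.SdCenterUserRole;
import org.my431.center.services.CacheSdCenterComponentManager;
import org.my431.center.services.CacheSdCenterTreeManager;
import org.my431.plugin.redis.services.RedisManager;
import org.my431.taglib.My431Function;
import org.my431.util.HTTPXMLUtil;

/**
 * Servlet filter that gates requests on the single-sign-on session.
 *
 * <p>A request passes the authentication stage when the session already holds
 * {@code wsLoginName}, when it carries a {@code key} parameter that resolves to a
 * user record in Redis, when it carries a {@code sessionKey} parameter that exists
 * in the Redis object store, or when the target JSP is registered with
 * {@code isSession == 0}. Everything else is redirected to {@code nsLoginServlet}.
 * Authenticated requests then go through the role check and the enrollment check.
 */
public class ManagerSessionCheckerFilter implements Filter {

    /** Redis key prefix under which the login servlet stores the one-time user record. */
    private static final String TEMP_KEY_PREFIX = "global.base.BaseUser.tempkey.loginName.";

    private Log log = LogFactory.getLog(ManagerSessionCheckerFilter.class);
    protected FilterConfig filterConfig = null;

    /** Drops the reference to the filter configuration. */
    public void destroy() {
        this.filterConfig = null;
    }

    /**
     * Authenticates the request (session, temp key, session key or public JSP) and then
     * applies the role and enrollment checks before handing it to the chain.
     *
     * @param request  the incoming request; cast to {@link HttpServletRequest}
     * @param response the outgoing response; cast to {@link HttpServletResponse}
     * @param chain    the remaining filter chain
     * @throws IOException      if a redirect or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest theRequest = (HttpServletRequest) request;
        HttpServletResponse theResponse = (HttpServletResponse) response;
        HttpSession theSession = theRequest.getSession(true);
        String paths = theRequest.getServletPath();

        // The configured URLs are re-pointed at the host of the current request so that
        // the front-end and back-end domains both work.
        // NOTE(review): getServerName() normally reflects the Host header, so every
        // redirect target below follows a client-controlled value unless the container
        // or a proxy pins the host name; consider checking it against an allow-list.
        String serverName = request.getServerName() + ":" + request.getServerPort();
        String resourceUrl = rebaseOnRequestHost(
                CacheBasePropertiesManager.getValueByPropertyKey("resourceUrl"), serverName);
        String baseLoginUrl = rebaseOnRequestHost(
                CacheBasePropertiesManager.getValueByPropertyKey("baseLoginUrl"), serverName);

        String key = request.getParameter("key");
        String sessionKey = request.getParameter("sessionKey");

        // NOTE(review): rUrl is caller-supplied and is forwarded to nsLoginServlet as the
        // return address; the servlet is not visible here, so confirm that it validates
        // the value before redirecting to it.
        String rUrl = theRequest.getParameter("rUrl");
        if (rUrl == null || rUrl.equals("")) {
            rUrl = resourceUrl + paths + "?" + buildQueryString(theRequest);
        }

        if (theSession.getAttribute("wsLoginName") == null) {
            // No login in this session (new or expired).
            if (key != null) {
                boolean loggedIn = false;
                try {
                    loggedIn = loginWithTempKey(theSession, key);
                } catch (Exception e) {
                    // Fail closed: a Redis or XML failure must not let the request fall
                    // through to the chain without a login. The key itself is a secret
                    // and is deliberately not logged.
                    log.error("Temp-key login failed; sending the request to the login page", e);
                }
                if (!loggedIn) {
                    redirectToLogin(theResponse, baseLoginUrl, rUrl, paths);
                    return;
                }
            } else if (sessionKey != null) {
                // NOTE(review): sessionKey is handed to the object store unprefixed, and a
                // match both admits the request and deletes the entry; confirm that this
                // keyspace holds nothing but one-time tokens.
                if (RedisManager.objectHasKey(sessionKey)) {
                    RedisManager.removeOValue(sessionKey);
                    chain.doFilter(request, response);
                } else {
                    redirectToLogin(theResponse, baseLoginUrl, rUrl, paths);
                }
                return;
            } else {
                // Only JSP pages registered with isSession == 0 are reachable anonymously.
                BaseUrl publicUrl = hasJspExtension(paths) ? BaseUrlManager.getObjByUrl(paths) : null;
                if (publicUrl != null && publicUrl.getIsSession() != null && publicUrl.getIsSession() == 0) {
                    chain.doFilter(request, response);
                } else {
                    redirectToLogin(theResponse, baseLoginUrl, rUrl, paths);
                }
                return;
            }
        }

        String isAuthenticatedUrl = My431Function.getValueByCode("isAuthenticatedUrl");
        BaseUrl url = BaseUrlManager.getObjByUrl(paths);

        if (isAuthenticatedUrl == null || !isAuthenticatedUrl.equals("1")) {
            // Role checking is switched off; only the enrollment rule applies.
            passOrRequireEnrollment(url, theSession, request, theResponse, chain, resourceUrl, paths);
            return;
        }

        // Test the attribute itself: calling toString() on a missing attribute would
        // throw before the "no role" branch could run.
        Object roleAttribute = theSession.getAttribute("wsDefaultRoleCode");
        if (roleAttribute == null) {
            theResponse.sendRedirect(resourceUrl + "/url_error.jsp");
            return;
        }
        String wsDefaultRoleCode = roleAttribute.toString();

        if (!hasJspExtension(paths)) {
            passOrRequireEnrollment(url, theSession, request, theResponse, chain, resourceUrl, paths);
            return;
        }
        if (url == null) {
            org.apache.log4j.Logger.getRootLogger().debug("没有url:" + paths);
            theResponse.sendRedirect(resourceUrl + "/url_error.jsp");
            return;
        }
        if (url.getIsSession() != null && url.getIsSession().equals(0)) {
            chain.doFilter(request, response);
            return;
        }
        if (!My431Function.isPass(wsDefaultRoleCode, url)) {
            org.apache.log4j.Logger.getRootLogger().debug("该角色无访问url:" + paths + "权限");
            theResponse.sendRedirect(resourceUrl + "/url_error.jsp");
            return;
        }
        passOrRequireEnrollment(url, theSession, request, theResponse, chain, resourceUrl, paths);
    }

    /** Stores the filter configuration handed over by the container. */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    public FilterConfig getFilterConfig() {
        return filterConfig;
    }

    public void setFilterConfig(FilterConfig filterConfig) {
        this.filterConfig = filterConfig;
    }

    /**
     * Rebuilds the query string from the request parameters as {@code name=value}
     * pairs joined with {@code &}, taking the first value of each parameter and
     * applying no URL encoding.
     */
    private static String buildQueryString(HttpServletRequest req) {
        StringBuilder query = new StringBuilder();
        Enumeration<?> names = req.getParameterNames();
        while (names.hasMoreElements()) {
            String name = names.nextElement().toString();
            if (query.length() > 0) {
                query.append("&");
            }
            query.append(name).append("=").append(req.getParameter(name));
        }
        return query.toString();
    }

    /**
     * Replaces the third {@code /}-separated segment of {@code configuredUrl} (the
     * authority of a {@code scheme://host/...} URL) with {@code hostAndPort} followed
     * by a slash, and leaves the other segments as they are.
     */
    private static String rebaseOnRequestHost(String configuredUrl, String hostAndPort) {
        String[] segments = configuredUrl.split("/");
        StringBuilder rebuilt = new StringBuilder();
        for (int idx = 0; idx < segments.length; idx++) {
            if (idx == 2) {
                rebuilt.append(hostAndPort).append("/");
            } else {
                rebuilt.append(segments[idx]);
                if (idx + 1 != segments.length) {
                    rebuilt.append("/");
                }
            }
        }
        return rebuilt.toString();
    }

    /** Tells whether the text from the last dot of {@code path} is {@code .jsp} or {@code .jspx}. */
    private static boolean hasJspExtension(String path) {
        int dot = path.lastIndexOf(".");
        String ext = dot != -1 ? path.substring(dot) : "";
        return ext.equals(".jspx") || ext.equals(".jsp");
    }

    /** Redirects to the login servlet, passing the return address and the servlet path URL-encoded. */
    private static void redirectToLogin(HttpServletResponse response, String baseLoginUrl, String rUrl,
            String paths) throws IOException {
        response.sendRedirect(baseLoginUrl + "/nsLoginServlet?url=" + java.net.URLEncoder.encode(rUrl, "utf-8")
                + "&paths=" + java.net.URLEncoder.encode(paths, "utf-8"));
    }

    /**
     * Resolves the one-time {@code key} to the user record in Redis and, when it
     * exists, copies the user's attributes into the session.
     *
     * @return {@code true} when the session now carries the login, {@code false} when
     *         Redis holds no record for the key
     * @throws Exception if Redis access or parsing of the user record fails
     */
    private boolean loginWithTempKey(HttpSession session, String key) throws Exception {
        RedisManager redisManager =
                (RedisManager) org.my431.platform.utils.ContextUtils.getBean("redisManager");
        String redisKey = TEMP_KEY_PREFIX + key;
        Object userXml = redisManager.getValue(redisKey);
        if (userXml == null) {
            return false;
        }
        // Consume the key before anything else can throw, so a failure while parsing
        // the record cannot leave a still-valid key behind.
        // NOTE(review): get-then-remove is two calls; if the key must be strictly
        // single-use under concurrent requests, this needs an atomic read-and-delete.
        redisManager.removeValue(redisKey);

        // Read every attribute first: a malformed record then throws before the
        // session has been marked as logged in.
        HTTPXMLUtil util = new HTTPXMLUtil(userXml.toString(), "xml");
        String loginName = userAttribute(util, "loginName");
        String realName = userAttribute(util, "realName");
        String nickname = userAttribute(util, "nickname");
        String userId = userAttribute(util, "id");
        String roleCode = userAttribute(util, "defaultRoleCode");
        String schoolId = userAttribute(util, "schoolId");

        // NOTE(review): the session id is not rotated when the login is attached to the
        // session; consider issuing a fresh session here to rule out session fixation.
        session.setAttribute("wsLoginName", loginName);
        session.setAttribute("wsRealname", realName);
        session.setAttribute("wsNickname", nickname);
        session.setAttribute("wsUserId", userId);
        session.setAttribute("wsDefaultRoleCode", roleCode);
        session.setAttribute("schoolId", schoolId);
        return true;
    }

    /** Reads one attribute of the {@code user} element of the parsed user record. */
    private static String userAttribute(HTTPXMLUtil util, String name) {
        return util.getElement("user").getAttribute(name).getValue();
    }

    /**
     * Continues the chain, unless the URL is registered with {@code urlDesc == "1"}
     * and the user's {@code isIni} flag is not {@code "1"}, in which case the request
     * is redirected to {@code url_baoming.jsp}.
     */
    private static void passOrRequireEnrollment(BaseUrl url, HttpSession session, ServletRequest request,
            HttpServletResponse response, FilterChain chain, String resourceUrl, String paths)
            throws IOException, ServletException {
        if (url != null && url.getUrlDesc() != null && url.getUrlDesc().equals("1")) {
            RedisUser ru = RedisManager.getRedisUser(session.getAttribute("wsUserId").toString());
            org.apache.log4j.Logger.getRootLogger().debug("必须报名后访问:" + paths);
            if (!ru.getBaseUser().getIsIni().equals("1")) {
                response.sendRedirect(resourceUrl + "/url_baoming.jsp");
                return;
            }
        }
        chain.doFilter(request, response);
    }
}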