URL access restrictions are completed through filter filter

1. New Filter Class:

Package com.xiami.manager.filter;

Import java.io.IOException; Import Javax.servlet.Filter; Import Javax.servlet.FilterChain; Import Javax.servlet.FilterConfig; Import javax.servlet.ServletException; Import Javax.servlet.ServletRequest; Import Javax.servlet.ServletResponse; Import Javax.servlet.http.HttpServletRequest; Import Javax.servlet.http.HttpServletResponse; Import javax.servlet.http.HttpSession;

public class AuthFilter implements Filter {public void init (Filterconfig filterconfig) throws Servletexception {} public void Destroy () {}

 public void Dofilter (ServletRequest servletrequest,    servletresponse ServletResponse,     filterchain filterchain)    throws IOException, servletexception {   System.out.println ("This URL is filtering ...) "); The first parameter of the   /**    * 1,dofilter is the ServletRequest object. This object provides the filter with full access to incoming information, including    * form data, cookies, and HTTP request headers. The second parameter is Servletresponse, which is usually omitted in a simple over    * filter. The last parameter is Filterchain, which is used to invoke a servlet or JSP page.    *   httpservletrequest request = (httpservletrequest) servletrequest;   /**    * If HTTP requests are processed and you need access to methods such as GetHeader or getcookies that are not available in ServletRequest    *, It is necessary to construct this request object into HttpServletRequest    * *   httpservletresponse response = (httpservletresponse) Servletresponse;      string Currenturl = Request.getrequesturi (); Gets the absolute path of the root directory:   string targeturl = currenturl.substring (Currenturl.indexof ("/", 1),  &nbsP;  currenturl.length ()); Intercepts to the current filename for comparison      httpsession session = Request.getsession (false);   if (!) /login.jsp ". Equals (TargetUrl)) {   if (!) /userlogin.action ". Equals (TargetUrl)) {//Do not filter login action     //to determine whether the current page is a redirected login Page page, If it is not a session of the judge, to prevent the death loop     if (session = NULL | | Session.getattribute ("competence") = = null) {& nbsp;    //* User must manually add session      system.out.println after login (" Request.getcontextpath () = "       + Request.getcontextpath ());      response.sendredirect (Request.getcontextpath () + "/login.jsp");      //Redirect to login.jsp page if the session is null to indicate that the user is not logged in      return;    &NBSP}    }          //add filter chain continue down    filterchain.dofilter (request, response);   /**   * Invokes the Dofilter method of the Filterchain object. The Dofilter method of the filter interface takes a Filterchain object as a parameter of its    *. Activates the next associated filter when calling the Dofilter method of this object. If no other    * A filter is associated with a servlet or JSP page, the servlet or JSP page is activated.    *  }

2. Configure in Web.xml:

<filter>
  		<filter-name>AuthFilter</filter-name>
  		<filter-class> com.xiami.manager.filter.authfilter</filter-class>
  </filter>
  <filter-mapping>
  		<filter-name>AuthFilter</filter-name>
  		<url-pattern>*.jsp</url-pattern>
  </ filter-mapping>
  <filter-mapping>
  		<filter-name>AuthFilter</filter-name>
  		< url-pattern>*.html</url-pattern>
  </filter-mapping>
  <filter-mapping>
  		< filter-name>authfilter</filter-name>
  		<url-pattern>*.htm</url-pattern>
  </ filter-mapping>
  <filter-mapping>
  		<filter-name>AuthFilter</filter-name>
  		<url-pattern>*.action</url-pattern>
  </filter-mapping>

3. When login is successful, the user data is written to the session in the action.

Servletactioncontext.getrequest (). GetSession (). setattribute ("competence", "s");

4. When exiting the account, in the action bar session to NULL

Servletactioncontext.getrequest (). GetSession (). setattribute ("competence", null);

Note:

Follow the above method to solve the problem of URL permissions.