public class Basicloginfilter implements Filter {
@Override
public void Dofilter (ServletRequest arg0, Servletresponse arg1,
Filterchain Filterchain) throws IOException, Servletexception {
HttpServletRequest request = (httpservletrequest) arg0;
HttpServletResponse response = (httpservletresponse) arg1;
HttpSession session = Request.getsession ();
String eadloginuserid= (String) session.getattribute ("Acl_login_userid");
if (eadloginuserid!=null) {
Filterchain.dofilter (request, response);
}
if (Eadloginuserid = = null) {
try {
Response.setcontenttype ("Text/html;charset=utf-8");
PrintWriter ut = Response.getwriter ();
String authorization = Request.getheader ("Authorization");
if (authorization = NULL | | authorization.equals ("")) {
Response.setstatus (401);
Response.setheader ("Www-authenticate", "Basic realm=\", please enter the administrator password \ "");
Response.getwriter (). Print ("Sorry you do not have permission.") ");
Response.getwriter (). Close ();
Return
}
String userandpass = new String (new Base64decoder (). Decodebuffer (Authorization.split ("") [1]));
if (Userandpass.split (":"). Length < 2) {
Response.setstatus (401);
Response.setheader ("Www-authenticate", "Basic realm=\", please enter the administrator password \ "");
Response.getwriter (). Print ("Sorry you do not have permission.") ");
Response.getwriter (). Close ();
Return
}
String users=springproperty.get ("/system.properties", "users");
String[] Permitusersarray=users.split (",");
if (Arrayutils.contains (Permitusersarray, Userandpass)) {
String loguserid=userandpass.split (":") [0];
Session.setattribute ("Acl_login_userid", Loguserid);
Filterchain.dofilter (request, response);
} else {
Response.setstatus (401);
Response.setheader ("Www-authenticate", "Basic realm=\", please enter the administrator password \ "");
Response.getwriter (). Print ("Sorry you do not have permission.") ");
Response.getwriter (). Close ();
Return
}
catch (Exception ex) {
Response.setstatus (401);
Response.setheader ("Www-authenticate", "Basic realm=\", please enter the administrator password \ "");
Response.getwriter (). Print ("Sorry you do not have permission.") ");
Response.getwriter (). Close ();
Return
}
}
}
}
Web.xml configuration:
<filter>
<filter-name>authFilter</filter-name>
<filter-class>com ..... Basicloginfilter</filter-class>
</filter>
<filter-mapping>
<filter-name>authFilter</filter-name>
<url-pattern>/webapp/index.do</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>