我已经访问了JavaFilterImplementation进行会话检查链接,该链接介绍了有关Spring安全性的信息。我没有得到我需要的帮助。
应用过滤器后,login.jsp无法加载CSS和图像。
我正在尝试一个简单的示例,该示例在web.xml中提供过滤器,并将该过滤器应用于login.jsp以外的页面。Web.xml文件是:
<filter> <filter-name>struts2</filter-name> <filter-class> org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter </filter-class> </filter> <filter-mapping> <filter-name>struts2</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter> <filter-name>AuthenticationFilter2</filter-name> <filter-class>filter.AuthorizationFilter2</filter-class> <init-param> <param-name>avoid-urls</param-name> <param-value>login.jsp</param-value> </init-param>` <filter>
过滤器类是:
private ArrayList<String> urlList; public void destroy() { // TODO Auto-generated method stub System.out.println("authorization filter2 destroy method...."); } public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { System.out.println("authorization filter2 doFilter method...."); HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; String url = request.getServletPath(); System.out.println("ppp:"+request.getRequestURL()); System.out.println("url is :"+url); boolean allowedRequest = false; System.out.println("url list is :"+urlList); if(urlList.contains(url.substring(1))) { allowedRequest = true; } System.out.println("request allowed....."+allowedRequest); if (!allowedRequest) { Map session = ActionContext.getContext().getSession(); /*HttpSession session = request.getSession(false);*/ /* if (null == session) { response.sendRedirect("login.jsp"); }*/ System.out.println("session contains login :"+session.containsKey("login")); if(!session.containsKey("login")){ response.sendRedirect("login.jsp"); } } chain.doFilter(req, res); } public void init(FilterConfig config) throws ServletException { System.out.println("authorization filter2 init method...."); String urls = config.getInitParameter("avoid-urls"); StringTokenizer token = new StringTokenizer(urls, ","); urlList = new ArrayList<String>(); while (token.hasMoreTokens()) { urlList.add(token.nextToken()); } }
登录页面包含css并images根据要求。
css
images
请帮帮我。谢谢。
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
String uri = ((HttpServletRequest)request).getRequestURI(); @SuppressWarnings("rawtypes") Map session = ActionContext.getContext().getSession(); if ( uri.indexOf("/css") > 0){ chain.doFilter(request, response); } else if( uri.indexOf("/images") > 0){ chain.doFilter(request, response); } else if( uri.indexOf("/js") > 0){ chain.doFilter(request, response); } else if (session.containsKey("login")) { chain.doFilter(request, response); } else { ((HttpServletResponse)response).sendRedirect(((HttpServletRequest)request).getContextPath() + "/login?authentication=failed"); } }
将此代码块放入您的动作类中,它可以工作。谢谢你们。
