Spring MVC filter code implementation of login filtering

  • 2020-05-27 05:30:02
  • OfStack

A very simple login rights interceptor, the specific code is as follows:

The following code is the code that inherits OncePerRequestFilter to implement login filtering:


/** 
 * 
 * @author geloin 
 * @date 2012-4-10  In the afternoon 2:37:38 
 */ 
package com.test.spring.filter; 
 
import java.io.IOException; 
import java.io.PrintWriter; 
 
import javax.servlet.FilterChain; 
import javax.servlet.ServletException; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
 
import org.springframework.web.filter.OncePerRequestFilter; 
 
/** 
 *  Login to filter  
 * 
 * @author geloin 
 * @date 2012-4-10  In the afternoon 2:37:38 
 */ 
public class SessionFilter extends OncePerRequestFilter { 
 
  /* 
   * (non-Javadoc) 
   * 
   * @see 
   * org.springframework.web.filter.OncePerRequestFilter#doFilterInternal( 
   * javax.servlet.http.HttpServletRequest, 
   * javax.servlet.http.HttpServletResponse, javax.servlet.FilterChain) 
   */ 
  @Override 
  protected void doFilterInternal(HttpServletRequest request, 
      HttpServletResponse response, FilterChain filterChain) 
      throws ServletException, IOException { 
 
    //  Do not filter uri 
    String[] notFilter = new String[] { "login.html", "index.html" }; 
 
    //  The request of uri 
    String uri = request.getRequestURI(); 
 
    // uri Contained in the background Filter only when  
    if (uri.indexOf("background") != -1) { 
      //  Whether the filter  
      boolean doFilter = true; 
      for (String s : notFilter) { 
        if (uri.indexOf(s) != -1) { 
          //  if uri Contains unfiltered uri Is not filtered  
          doFilter = false; 
          break; 
        } 
      } 
      if (doFilter) { 
        //  filtering  
        //  from session Gets the logon entity in  
        Object obj = request.getSession().getAttribute("loginedUser"); 
        if (null == obj) { 
          //  if session If there is no entity of the logon, the pop-up box will prompt you to log in again  
          //  Set up the request and response The character set to prevent scrambled codes  
          request.setCharacterEncoding("UTF-8"); 
          response.setCharacterEncoding("UTF-8"); 
          PrintWriter out = response.getWriter(); 
          String loginPage = "...."; 
          StringBuilder builder = new StringBuilder(); 
          builder.append("<script type=\"text/javascript\">"); 
          builder.append("alert(' Page expired, please login again! ');"); 
          builder.append("window.top.location.href='"); 
          builder.append(loginPage); 
          builder.append("';"); 
          builder.append("</script>"); 
          out.print(builder.toString()); 
        } else { 
          //  if session If a logon entity exists in, continue  
          filterChain.doFilter(request, response); 
        } 
      } else { 
        //  If filtering is not performed, continue  
        filterChain.doFilter(request, response); 
      } 
    } else { 
      //  if uri Contains no background , then continue  
      filterChain.doFilter(request, response); 
    } 
  } 
 
} 

After writing the filter, it needs to be configured in web.xml:


<filter> 
  <filter-name>sessionFilter</filter-name> 
  <filter-class>com.test.spring.filter.SessionFilter</filter-class> 
</filter> 
<filter-mapping> 
  <filter-name>sessionFilter</filter-name> 
  <url-pattern>/*</url-pattern> 
</filter-mapping> 

Related articles: