May 27, 2020

Spring MVC filter code implementation of login filtering

A very simple login rights interceptor, the specific code is as follows:

The following code is the code that inherits OncePerRequestFilter to implement login filtering:

/**
 *
 * @author geloin
 * @date 2012-4-10  In the afternoon 2:37:38
 */
package com.test.spring.filter;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.filter.OncePerRequestFilter;

/**
 *  Login to filter
 *
 * @author geloin
 * @date 2012-4-10  In the afternoon 2:37:38
 */
public class SessionFilter extends OncePerRequestFilter {

  /*
   * (non-Javadoc)
   *
   * @see
   * org.springframework.web.filter.OncePerRequestFilter#doFilterInternal(
   * javax.servlet.http.HttpServletRequest,
   * javax.servlet.http.HttpServletResponse, javax.servlet.FilterChain)
   */
  @Override
  protected void doFilterInternal(HttpServletRequest request,
      HttpServletResponse response, FilterChain filterChain)
      throws ServletException, IOException {

    //  Do not filter uri
    String[] notFilter = new String[] { "login.html", "index.html" };

    //  The request of uri
    String uri = request.getRequestURI();

    // uri Contained in the background Filter only when
    if (uri.indexOf("background") != -1) {
      //  Whether the filter
      boolean doFilter = true;
      for (String s : notFilter) {
        if (uri.indexOf(s) != -1) {
          //  if uri Contains unfiltered uri Is not filtered
          doFilter = false;
          break;
        }
      }
      if (doFilter) {
        //  filtering
        //  from session Gets the logon entity in
        Object obj = request.getSession().getAttribute("loginedUser");
        if (null == obj) {
          //  if session If there is no entity of the logon, the pop-up box will prompt you to log in again
          //  Set up the request and response The character set to prevent scrambled codes
          request.setCharacterEncoding("UTF-8");
          response.setCharacterEncoding("UTF-8");
          PrintWriter out = response.getWriter();
          String loginPage = "....";
          StringBuilder builder = new StringBuilder();
          builder.append("<script type=\"text/javascript\">");
          builder.append("alert(' Page expired, please login again! ');");
          builder.append("window.top.location.href='");
          builder.append(loginPage);
          builder.append("';");
          builder.append("</script>");
          out.print(builder.toString());
        } else {
          //  if session If a logon entity exists in, continue
          filterChain.doFilter(request, response);
        }
      } else {
        //  If filtering is not performed, continue
        filterChain.doFilter(request, response);
      }
    } else {
      //  if uri Contains no background , then continue
      filterChain.doFilter(request, response);
    }
  }

}

After writing the filter, it needs to be configured in web.xml:

<filter>
  <filter-name>sessionFilter</filter-name>
  <filter-class>com.test.spring.filter.SessionFilter</filter-class>
</filter>
<filter-mapping>
  <filter-name>sessionFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>