2

我已经访问了Java FilterImplementation 以获取会话检查链接,其中提到了 Spring 安全性。我没有得到我需要的帮助。

应用过滤器 login.jsp 后无法加载 CSS 和图像。

我正在尝试在 web.xml 中提供过滤器并将过滤器应用于 login.jsp 以外的页面的简单示例。Web.xml 文件是:

<filter>
    <filter-name>struts2</filter-name>
    <filter-class>
         org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter
    </filter-class>
</filter>
<filter-mapping>
    <filter-name>struts2</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
 <filter>
 <filter-name>AuthenticationFilter2</filter-name>
 <filter-class>filter.AuthorizationFilter2</filter-class>
 <init-param>
    <param-name>avoid-urls</param-name>
    <param-value>login.jsp</param-value>
 </init-param>`
 <filter>

过滤器类是:

    private ArrayList<String> urlList;

public void destroy() {
    // TODO Auto-generated method stub
    System.out.println("authorization filter2 destroy method....");
}




public void doFilter(ServletRequest req, ServletResponse res,
        FilterChain chain) throws IOException, ServletException {

    System.out.println("authorization filter2 doFilter method....");

    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    String url = request.getServletPath();

    System.out.println("ppp:"+request.getRequestURL());

    System.out.println("url is :"+url);

    boolean allowedRequest = false;

    System.out.println("url list is :"+urlList);

    if(urlList.contains(url.substring(1))) {
        allowedRequest = true;
    }
    System.out.println("request allowed....."+allowedRequest);     
    if (!allowedRequest) {

        Map session = ActionContext.getContext().getSession();

        /*HttpSession session = request.getSession(false);*/
       /* if (null == session) {
            response.sendRedirect("login.jsp");
        }*/

        System.out.println("session contains login :"+session.containsKey("login"));



        if(!session.containsKey("login")){
            response.sendRedirect("login.jsp");
        }

    }

    chain.doFilter(req, res);
}

public void init(FilterConfig config) throws ServletException {
    System.out.println("authorization filter2 init method....");
    String urls = config.getInitParameter("avoid-urls");
    StringTokenizer token = new StringTokenizer(urls, ",");

    urlList = new ArrayList<String>();

    while (token.hasMoreTokens()) {
        urlList.add(token.nextToken());

    }
}

登录页面包含cssimages根据要求。

请帮帮我。谢谢你。

4

2 回答 2

5 
@Override
public void doFilter(ServletRequest request, ServletResponse response,
        FilterChain chain) throws IOException, ServletException {


    String uri = ((HttpServletRequest)request).getRequestURI();

    @SuppressWarnings("rawtypes")
    Map session = ActionContext.getContext().getSession();

    if ( uri.indexOf("/css") > 0){
        chain.doFilter(request, response);
    }
    else if( uri.indexOf("/images") > 0){
        chain.doFilter(request, response);
    }
    else if( uri.indexOf("/js") > 0){
        chain.doFilter(request, response);
    }
    else if (session.containsKey("login")) {
        chain.doFilter(request, response);
    }
    else {
        ((HttpServletResponse)response).sendRedirect(((HttpServletRequest)request).getContextPath() + "/login?authentication=failed");
    }
}

将此代码块放入您的操作类中,它可以工作。谢谢你们。

于 2012-10-18T07:07:44.973 回答
2

您在 logjn.jsp 页面上使用的 CSS 文件和图像必须从您的过滤器中排除

于 2012-10-11T07:14:42.667 回答