0

我正在使用两个过滤器,但未应用第二个过滤器,

这是 InvokeServlet.do 的代码

request.getRequestDispatcher("/secured/securedResult.jsp").forward(request, response);

和 web.xml 代码是: -

<servlet-mapping>
        <servlet-name>InvokeServlet</servlet-name>
        <url-pattern>/InvokeServlet.do</url-pattern>
    </servlet-mapping>

<filter>
        <filter-name>SecurityFilter</filter-name>
        <filter-class>filter.SecurityFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>SecurityFilter</filter-name>
        <url-pattern>*.do</url-pattern>
    </filter-mapping>
<filter>
        <filter-name>SecurityFilter2</filter-name>
        <filter-class>filter.SecurityFilter2</filter-class>
    </filter>
    <filter-mapping>            
        <filter-name>SecurityFilter2</filter-name>
        <url-pattern>/secured/*</url-pattern>
    </filter-mapping>

在地址栏http://localhost:8080/OnlineBankingWS/InvokeServlet.do

但是当我点击 urlhttp://localhost:8080/OnlineBankingWS/secured/securedResult.jsp过滤器时(控制台上打印了一些 sysout 语句)。

安全过滤器.java

package filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SecurityFilter implements Filter {

    public void destroy() {
        // TODO Auto-generated method stub

    }

    public void doFilter(ServletRequest arg0, ServletResponse arg1,
            FilterChain arg2) throws IOException, ServletException {
        // TODO Auto-generated method stub

        HttpServletRequest request = (HttpServletRequest) arg0;
        HttpServletResponse response = (HttpServletResponse) arg1;
        HttpSession session = request.getSession();

        if (session.getAttribute("userSession") == null) {
            String msg = "oops! Your Session Has Been Expired";
            request.setAttribute("msg", msg);
            request.getRequestDispatcher("loginForm.jsp")
                    .forward(request, response);
        }
        arg2.doFilter(arg0, arg1);

    }

    public void init(FilterConfig arg0) throws ServletException {
        // TODO Auto-generated method stub

    }

}

SecurityFilter2.java

package filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SecurityFilter2 implements Filter {

    public void destroy() {
        // TODO Auto-generated method stub

    }

    public void doFilter(ServletRequest arg0, ServletResponse arg1,
            FilterChain arg2) throws IOException, ServletException {
        // TODO Auto-generated method stub

        String pathInfo=request.getPathInfo();
        String contextPath=request.getContextPath();
        System.out.println(" pathINfo--> " + pathInfo + " contextPath--> " + contextPath );

        arg2.doFilter(arg0, arg1);

    }

    public void init(FilterConfig arg0) throws ServletException {
        // TODO Auto-generated method stub
            System.out.println("in init method of security filter 2");
    }

}

上述过滤器逻辑尚未实现,但应打印语句。

4

1 回答 1

3

尝试使用

<filter-mapping>            
    <filter-name>SecurityFilter2</filter-name>
    <url-pattern>/secured/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>   


http://www.javaworld.com/javaworld/jw-01-2006/jw-0102-servlet.html?page=3

于 2013-03-30T15:22:25.673 回答