Home Explore Help
Register Sign In
trick9191
/
wlyy2.0
forked from Amoy2/wlyy2.0
Watch 1
Star 0
Fork 0
Files
Tree: a45dfb4a33
Branches Tags
wlyy2.0
/
edu-article
/
JkEduWeb
/
.svn
/
pristine
/
1e
/
1ebac49092e3b1a425aa67e367afc623123d6be5.svn-base

1ebac49092e3b1a425aa67e367afc623123d6be5.svn-base 4.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135 
  1. package com.yihu.base.filters;
    2. 

  2. 

  3. import java.io.IOException;
    4. 

  4. import java.util.ArrayList;
    5. 

  5. import java.util.List;
    6. 

  6. 

  7. import javax.servlet.Filter;
    8. 

  8. import javax.servlet.FilterChain;
    9. 

  9. import javax.servlet.FilterConfig;
    10. 

  10. import javax.servlet.ServletException;
    11. 

  11. import javax.servlet.ServletRequest;
    12. 

  12. import javax.servlet.ServletResponse;
    13. 

  13. import javax.servlet.http.HttpServletRequest;
    14. 

  14. import javax.servlet.http.HttpServletResponse;
    15. 

  15. import javax.servlet.http.HttpSession;
    16. 

  16. 

  17. import org.apache.commons.lang3.StringUtils;
    18. 

  18. import com.yihu.base.SessionBean;
    19. 

  19. 

  20. /**
    21. 

  21.  * 权限过滤
    22. 

  22.  * 
    23. 

  23.  * @author Administrator
    24. 

  24.  * 
    25. 

  25.  */
    26. 

  26. public class SecurityFilter implements Filter {
    27. 

  27. 	private List<String> excludeList;//不做过滤的地址
    28. 

  28. 	public void destroy() {
    29. 

  29. 

  30. 	}
    31. 

  31. 

  32. 	/**
    33. 

  33. 	 * 过滤器
    34. 

  34. 	 */
    35. 

  35. 	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
    36. 

  36. 		throws IOException, ServletException {
    37. 

  37. 		HttpServletRequest request = (HttpServletRequest) req;
    38. 

  38. 		HttpServletResponse response = (HttpServletResponse) res;
    39. 

  39. 		HttpSession session = request.getSession(true);
    40. 

  40. 		chain.doFilter(req, res);
    41. 

  41. //		String loginPath ="/ApmWeb/app/appLogin.html";
    42. 

  42. //		String path = request.getServletPath();
    43. 

  43. //		path = path.substring(1, path.length());
    44. 

  44. //		if(excludeList.contains(path)||( path.indexOf('?')<0&&(path.endsWith(".css")||path.endsWith(".js")||path.endsWith(".png")||path.endsWith(".jpg")||path.endsWith(".gif")))){
    45. 

  45. //			chain.doFilter(req, res);
    46. 

  46. //			return;
    47. 

  47. //		}
    48. 

  48. //		try {
    49. 

  49. //			
    50. 

  50. //			
    51. 

  51. //			if (request.getSession().getAttribute("apmUser") == null) {
    52. 

  52. //				String requestType = request.getHeader("X-Requested-With");  
    53. 

  53. //				//response.sendRedirect("login.html");
    54. 

  54. //				if (!StringUtils.isEmpty(requestType) && requestType.equalsIgnoreCase("XMLHttpRequest")) { 
    55. 

  55. //	                response.setStatus(911);  
    56. 

  56. //	                response.setHeader("sessionstatus", "timeout");  
    57. 

  57. //	                response.addHeader("loginPath", loginPath);  
    58. 

  58. //	                return;  
    59. 

  59. //	            } else {
    60. 

  60. //	            	response.sendRedirect(loginPath);
    61. 

  61. //	                return;  
    62. 

  62. //	            }
    63. 

  63. //			}else {
    64. 

  64. //				chain.doFilter(req, res);
    65. 

  65. //				
    66. 

  66. //			}
    67. 

  67. //		} catch (Exception e) {
    68. 

  68. //			e.printStackTrace();
    69. 

  69. //		}
    70. 

  70. 	}
    71. 

  71. 

  72. 	public void init(FilterConfig config) throws ServletException {
    73. 

  73. 		excludeList = new ArrayList<String>();
    74. 

  74. 		String excludeStr = config.getInitParameter("exclude");
    75. 

  75. 		String[] arr = excludeStr.split(",");
    76. 

  76. 		for(String str:arr){
    77. 

  77. 			excludeList.add(str.trim());
    78. 

  78. 		}
    79. 

  79. 		
    80. 

  80. 	}
    81. 

  81. 

  82. 	public static void main(String[] args) {
    83. 

  83. 		String str = "/abd/aa.jspss"; // /abc/abc2/abc.shtml
    84. 

  84. 		List<String> list = new ArrayList();
    85. 

  85. 		list.add("在在在");
    86. 

  86. 		list.add("/abc/*.shtml");
    87. 

  87. 		list.add("/*.jsp");
    88. 

  88. 		list.add("/ab/*");
    89. 

  89. 		list.add("/login.jsp");
    90. 

  90. 		list.add("/dd/*.jsp");
    91. 

  91. 		//System.out.println(isFilterUrl(str, list));
    92. 

  92. 	}
    93. 

  93. 

  94. 	/**
    95. 

  95. 	 * 过滤URL地址 支持: /* : 所有目录 /*.jsp,/*.do : 根目录,以指定后辍名结尾的 /ab/*.do , /ab/* : 某个目录下有所有指定后辍名结尾的 *.jsp,*.do : 过滤指定后辍名结尾的
    96. 

  96. 	 * 
    97. 

  97. 	 * @param servletPath
    98. 

  98. 	 *            URL地址
    99. 

  99. 	 * @return 返回是否过滤
    100. 

  100. 	 */
    101. 

  101. 	public static boolean isFilterUrl(String servletPath, List<String> list) {
    102. 

  102. 		servletPath = servletPath.toLowerCase().trim(); // 转成小写的
    103. 

  103. 		StringBuffer startStr; // * 号前面的字符串
    104. 

  104. 		StringBuffer endStr; // * 号后面的字符串
    105. 

  105. 		StringBuffer middleStr; // 对访问路径去除*号前后的字符串
    106. 

  106. 		for (String filterUrl : list) {
    107. 

  107. 			filterUrl = filterUrl.toLowerCase().trim();
    108. 

  108. 			if (filterUrl.equals("/*")) { // 如果是有 /* 则所有都通过
    109. 

  109. 				return true;
    110. 

  110. 			}
    111. 

  111. 			if (filterUrl.equalsIgnoreCase(servletPath)) { // 如果访问路径与列表中的一致,返回正确
    112. 

  112. 				return true;
    113. 

  113. 			}
    114. 

  114. 			if (filterUrl.indexOf("*.") == 0) { // 如果是 "*." 号在前面,后面是后辍名的 例如:
    115. 

  115. 												// *.js ,*.jsp,*.do
    116. 

  116. 				if (servletPath.endsWith(filterUrl.substring(1)))
    117. 

  117. 					return true;
    118. 

  118. 			}
    119. 

  119. 			if (filterUrl.indexOf("*") >= 1) { // 在有 "*" 号的情况下
    120. 

  120. 				startStr = new StringBuffer(filterUrl.substring(0, filterUrl.indexOf("*")));
    121. 

  121. 				endStr = new StringBuffer(filterUrl.substring(filterUrl.indexOf("*") + 1, filterUrl.length()));
    122. 

  122. 				if (servletPath.startsWith(startStr.toString()) && servletPath.endsWith(endStr.toString())) {
    123. 

  123. 					middleStr = new StringBuffer(servletPath.substring(startStr.length(),
    124. 

  124. 							servletPath.length() - endStr.length()));
    125. 

  125. 					if (middleStr.indexOf("/") == -1) {
    126. 

  126. 						return true;
    127. 

  127. 					}
    128. 

  128. 				}
    129. 

  129. 			}
    130. 

  130. 		}
    131. 

  131. 		return false;
    132. 

  132. 	}
    133. 

  133. 	
    134. 

  134. 		
    135. 

  135. }
    136.