@WebFilter排除url-pattern [英] @WebFilter exclude url-pattern

查看:1012
本文介绍了@WebFilter排除url-pattern的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我使用过滤器检查登录用户的网址格式。

I use a filter to check URL patterns for the logged in user.

但我需要过滤许多网址格式。

But I have many URL patterns I need to filter.

{ "/table/*", "/user/*", "/contact/*", "/run/*", "/conf/*", ..., ..., ...}

它变得无法维护。排除以下内容会更简单:

It's becoming unmaintainable. It will be simpler just to exclude:

{ "/", "/login", "/logout", "/register" }

我如何实现这一目标?

@WebFilter(urlPatterns = { "/table/*","/user/*", "/contact/*","/run/*","/conf/*"})
public class SessionTimeoutRedirect implements Filter {

    protected final Logger logger = LoggerFactory.getLogger("SessionFilter");

    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        if (request.getSession().getAttribute("Id") != null) {
            chain.doFilter(req, res);
        } else {
            logger.debug("session is null:"+request.getRequestURL());                    
            response.sendRedirect(request.getContextPath()+"/login");
        }
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {

    }

    @Override
    public void destroy() {

    }

}


推荐答案

servlet API不支持排除URL模式。

The servlet API doesn't support an "exclude" URL pattern.

您最好的选择是在 / * 上映射并比较 HttpServletRequest#getRequestURI() 针对允许的路径集。

Your best bet is to just map on /* and compare the HttpServletRequest#getRequestURI() against the set of allowed paths.

@WebFilter("/*")
public class LoginFilter implements Filter {

    private static final Set<String> ALLOWED_PATHS = Collections.unmodifiableSet(new HashSet<>(
        Arrays.asList("", "/login", "/logout", "/register")));

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        HttpSession session = request.getSession(false);
        String path = request.getRequestURI().substring(request.getContextPath().length()).replaceAll("[/]+$", ""); 

        boolean loggedIn = (session != null && session.getAttribute("Id") != null);
        boolean allowedPath = ALLOWED_PATHS.contains(path);

        if (loggedIn || allowedPath) {
            chain.doFilter(req, res);
        }
        else {
            response.sendRedirect(request.getContextPath() + "/login");
        }
    }

    // ...
}

这篇关于@WebFilter排除url-pattern的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
Java开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆