1. 在 web.xml 中配置 filter(要放在字符集过滤器之后,否则字符集过滤会失效)
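<filter>
    <display-name>LoginFilter</display-name>
    <filter-name>LoginFilter</filter-name>
    <filter-class>com.xxx.common.LoginFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>LoginFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>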
2. 拦截器类(登录、注册以及 .js、.css 等静态文件不进行过滤,直接放行)
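package com.xxx.common;

import java.io.IOException;
import java.io.Writer;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.sf.json.JSONObject;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Component;
import org.springframework.web.context.support.WebApplicationContextUtils;

import com.xxx.entity.User;
import com.xxx.service.LoginService;
import com.xxx.util.CommonUtil;

/**
 * Servlet filter that forwards a request only when it targets an exempt path
 * or {@link LoginService#getCurrentUser()} returns a user. Otherwise an AJAX
 * caller receives a JSON "noLogin" body and any other caller is redirected to
 * the login page.
 */
public class LoginFilter implements Filter {

    /**
     * Path segments that are served without a logged-in user. They are compared
     * with whole segments of the container-resolved path, not searched for as
     * substrings of the URL: a substring test is also satisfied by a query
     * string, a path parameter or a longer name that merely contains the token,
     * which lets a protected URL skip the login check.
     * NOTE(review): if the login endpoints are mapped with an extension or live
     * under other names, list the exact paths here instead.
     */
    private static final String[] OPEN_SEGMENTS = { "tologin", "login", "include" };

    private LoginService loginService;

    public LoginService getLoginService() {
        return loginService;
    }

    public void setLoginService(LoginService loginService) {
        this.loginService = loginService;
    }

    public LoginFilter() {
    }

    /**
     * Looks up the {@link LoginService} bean from the Spring web application
     * context bound to the servlet context.
     *
     * @param config filter configuration supplied by the container
     * @throws ServletException declared by the {@link Filter} contract
     */
    public void init(FilterConfig config) throws ServletException {
        ServletContext context = config.getServletContext();
        // The "required" lookup fails at start-up with a clear message when no
        // Spring context is present, instead of a NullPointerException on the
        // first request.
        ApplicationContext ctx = WebApplicationContextUtils
                .getRequiredWebApplicationContext(context);
        loginService = ctx.getBean(LoginService.class);
    }

    public void destroy() {
        loginService = null;
    }

    /**
     * Enforces the login requirement for every request that is not exempt.
     *
     * @param req   incoming request; cast to {@link HttpServletRequest}
     * @param res   outgoing response; cast to {@link HttpServletResponse}
     * @param chain remaining filter chain, invoked only for permitted requests
     * @throws IOException      if writing the response or the chain fails
     * @throws ServletException if the chain fails
     */
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) req;
        HttpServletResponse httpResponse = (HttpServletResponse) res;

        if (isOpenPath(httpRequest) || loginService.getCurrentUser() != null) {
            chain.doFilter(req, res);
            return;
        }

        if (isAjaxRequest(httpRequest)) {
            // An XHR caller cannot follow a redirect to a login page in a
            // useful way, so it gets a JSON body to act on.
            httpResponse.setCharacterEncoding("UTF-8");
            Writer out = httpResponse.getWriter();
            JSONObject jsonObj = new JSONObject();
            jsonObj.put("success", false);
            jsonObj.put("code", "noLogin");
            jsonObj.put("message", "请您先登录系统!");
            out.write(jsonObj.toString());
            out.flush();
            out.close();
        } else {
            // The context path comes from the container, so the redirect stays
            // correct wherever the application is deployed.
            httpResponse.sendRedirect(httpRequest.getContextPath()
                    + "/Login/tologin");
        }
    }

    /**
     * Tells whether the request targets a path that needs no login.
     *
     * @param request current request
     * @return {@code true} when a whole segment of the resolved path is listed
     *         in {@link #OPEN_SEGMENTS}
     */
    private static boolean isOpenPath(HttpServletRequest request) {
        // Servlet path plus path info is the path the container resolved the
        // request to; it never contains the query string.
        StringBuilder resolved = new StringBuilder();
        if (request.getServletPath() != null) {
            resolved.append(request.getServletPath());
        }
        if (request.getPathInfo() != null) {
            resolved.append(request.getPathInfo());
        }
        String path = resolved.toString();

        // A container that leaves path parameters in place could route the
        // request to a different resource than the segments suggest, so such a
        // path is never exempt.
        if (path.indexOf(';') != -1) {
            return false;
        }

        String[] segments = path.split("/");
        for (int i = 0; i < segments.length; i++) {
            for (int j = 0; j < OPEN_SEGMENTS.length; j++) {
                if (OPEN_SEGMENTS[j].equals(segments[i])) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Tells whether the request declares itself as an AJAX call.
     *
     * <p>The header is set by the client, so the result only selects the format
     * of the "not logged in" answer and must not drive an access decision.
     *
     * @param request current request
     * @return {@code true} when the {@code X-Requested-With} header equals
     *         {@code XMLHttpRequest}
     */
    public static boolean isAjaxRequest(HttpServletRequest request) {
        return "XMLHttpRequest".equals(request.getHeader("X-Requested-With"));
    }
}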