服务器之家:专注于服务器技术及软件下载分享
分类导航

PHP教程|ASP.NET教程|Java教程|ASP教程|编程技术|正则表达式|C/C++|IOS|C#|Swift|Android|VB|R语言|JavaScript|易语言|vb.net|

服务器之家 - 编程语言 - Java教程 - javaweb设计中filter粗粒度权限控制代码示例

javaweb设计中filter粗粒度权限控制代码示例

2021-01-18 09:55bluzelee2011 Java教程

这篇文章主要介绍了javaweb设计中filter粗粒度权限控制代码示例,小编觉得还是挺不错的,需要的朋友可以参考。

1 说明

我们给出三个页面:index.jsp、user.jsp、admin.jsp。

index.jsp:谁都可以访问,没有限制;

user.jsp:只有登录用户才能访问;

admin.jsp:只有管理员才能访问。

2 分析

设计User类:username、password、grade,其中grade表示用户等级,1表示普通用户,2表示管理员用户。

当用户登录成功后,把user保存到session中。

创建LoginFilter,它有两种过滤方式:

如果访问的是user.jsp,查看session中是否存在user;
如果访问的是admin.jsp,查看session中是否存在user,并且user的grade等于2。

3 代码

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
 xmlns="http://java.sun.com/xml/ns/javaee"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
 http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<servlet>
 <servlet-name>LoginServlet</servlet-name>
 <servlet-class>com.cug.web.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
 <servlet-name>LoginServlet</servlet-name>
 <url-pattern>/LoginServlet</url-pattern>
</servlet-mapping>
<welcome-file-list>
 <welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
 <filter-name>UserFilter</filter-name>
 <filter-class>com.cug.filter.UserFilter</filter-class>
</filter>
<filter-mapping>
 <filter-name>UserFilter</filter-name>
 <url-pattern>/user/*</url-pattern>
</filter-mapping>
<filter>
 <filter-name>AdminFilter</filter-name>
 <filter-class>com.cug.filter.AdminFilter</filter-class>
</filter>
<filter-mapping>
 <filter-name>AdminFilter</filter-name>
 <url-pattern>/admin/*</url-pattern>
</filter-mapping>
</web-app>

LoginServlet.java

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
package com.cug.web.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.cug.domain.User;
import com.cug.web.service.UserService;
public class LoginServlet extends HttpServlet{
    @Override
     protected void doPost(HttpServletRequest req, HttpServletResponse resp)
       throws ServletException, IOException {
        req.setCharacterEncoding("utf-8");
        resp.setContentType("text/html;charset=utf-8");
        String username = req.getParameter("username");
        String password = req.getParameter("password");
        User user = UserService.login(username, password);
        if(user == null){
            req.setAttribute("msg", "用户名或者密码错误");
            req.getRequestDispatcher("/login.jsp").forward(req, resp);
        } else{
            req.getSession().setAttribute("user", user);
            req.getRequestDispatcher("index.jsp").forward(req,resp);
        }
    }
}

UserService

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
package com.cug.web.service;
import java.util.HashMap;
import java.util.Map;
import com.cug.domain.User;
public class UserService {
    private static Map<String, User> users = new HashMap<String, User>();
    static{
        users.put("zhu", new User("zhu", "123", 2));
        users.put("xiao", new User("xiao", "123", 1));
    }
    public static User login(String username, String password){
        User user = users.get(username);
        if(user == null)
           return null;
        if(!user.getPassword().equals(password))
           return null;
        return user;
    }
}

AdminFilter

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
package com.cug.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import com.cug.domain.User;
public class AdminFilter implements Filter{
    @Override
     public void destroy() {
    }
    @Override
     public void doFilter(ServletRequest req, ServletResponse resp,
       FilterChain chain) throws IOException, ServletException {
        req.setCharacterEncoding("utf-8");
        resp.setContentType("text/html;charset=utf-8");
        HttpServletRequest request = (HttpServletRequest)req;
        User user = (User)request.getSession().getAttribute("user");
        if(user == null){
            resp.getWriter().print("用户还没有登陆");
            request.getRequestDispatcher("/login.jsp").forward(req, resp);
        }
        if(user.getGrade() < 2){
            resp.getWriter().print("您的等级不够");
            return;
        }
        chain.doFilter(req, resp);
    }
    @Override
     public void init(FilterConfig arg0) throws ServletException {
    }
}

UserFilter

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
package com.cug.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import com.cug.domain.User;
public class UserFilter implements Filter{
    @Override
     public void destroy() {
    }
    @Override
     public void doFilter(ServletRequest request, ServletResponse response,
       FilterChain chain) throws IOException, ServletException {
        request.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        HttpServletRequest httpReq = (HttpServletRequest)request;
        User user = (User)httpReq.getSession().getAttribute("user");
        if(user == null){
            request.getRequestDispatcher("/login.jsp").forward(request, response);
        }
        chain.doFilter(request, response);
    }
    @Override
     public void init(FilterConfig filterConfig) throws ServletException {
    }
}

User

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
package com.cug.domain;
public class User {
    private String username;
    private String password;
    private int grade;
    public User() {
        super();
    }
    public User(String username, String password, int grade) {
        super();
        this.username = username;
        this.password = password;
        this.grade = grade;
    }
    public String getUsername() {
        return username;
    }
    public void setUsername(String username) {
        this.username = username;
    }
    public String getPassword() {
        return password;
    }
    public void setPassword(String password) {
        this.password = password;
    }
    public int getGrade() {
        return grade;
    }
    public void setGrade(int grade) {
        this.grade = grade;
    }
    @Override
     public String toString() {
        return "User [username=" + username + ", password=" + password
            + ", grade=" + grade + "]";
    }
}

html

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
 <head>
 <base href="<%=basePath%>" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
 <title>My JSP 'admin.jsp' starting page</title>
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0"
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--
 <link rel="stylesheet" type="text/css" href="styles.css" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
 -->
 </head>
 <body>
 <h1>admin.jsp</h1>
 <h3>${user.username }</h3>
 <a href="<c:url value='/index.jsp'/>" rel="external nofollow" rel="external nofollow" rel="external nofollow" >首页</a><br/>
 <a href="<c:url value='/user/user.jsp'/>" rel="external nofollow" rel="external nofollow" rel="external nofollow" >用户页</a><br/>
 <a href="<c:url value='/admin/admin.jsp'/>" rel="external nofollow" rel="external nofollow" rel="external nofollow" >系统管理员</a><br/>
 </body>
</html>

 

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
 <head>
 <base href="<%=basePath%>" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
 <title>My JSP 'user.jsp' starting page</title>
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0"
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--
 <link rel="stylesheet" type="text/css" href="styles.css" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
 -->
 </head>
 <body>
 <h1>user.jsp</h1>
 <h3>${user.username }</h3>
 <a href="<c:url value='/index.jsp'/>" rel="external nofollow" rel="external nofollow" rel="external nofollow" >首页</a><br>
 <a href="<c:url value='/user/user.jsp'/>" rel="external nofollow" rel="external nofollow" rel="external nofollow" >用户登陆界面</a><br>
 <a href="<c:url value='/admin/admin.jsp'/>" rel="external nofollow" rel="external nofollow" rel="external nofollow" >管理员登陆界面</a><br>
 </body>
</html>

用户登录

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
 <head>
 <base href="<%=basePath%>" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
 <title>My JSP 'login.jsp' starting page</title>
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0"
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--
 <link rel="stylesheet" type="text/css" href="styles.css" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
 -->
 </head>
 <body>
 ${msg }
 <form action="<c:url value='/LoginServlet'/>" method="post">
  用户名:<input type="text" name="username"/><br/>
  密码:<input type="password" name="password"/><br/>
  <input type="submit" value="登陆"/>
 </form>
 </body>
</html>

 

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
 <head>
 <base href="<%=basePath%>" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
 <title>My JSP 'index.jsp' starting page</title>
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0"
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--
 <link rel="stylesheet" type="text/css" href="styles.css" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
 -->
 </head>
 <body>
 <h1>index.jsp</h1>
 <h3>${user.username }</h3>
 <a href="<c:url value='/index.jsp'/>" rel="external nofollow" rel="external nofollow" rel="external nofollow" >首页</a><br>
 <a href="<c:url value='/user/user.jsp'/>" rel="external nofollow" rel="external nofollow" rel="external nofollow" >用户登陆界面</a><br>
 <a href="<c:url value='/admin/admin.jsp'/>" rel="external nofollow" rel="external nofollow" rel="external nofollow" >管理员登陆界面</a><br>
 </body>
</html>

 

总结

以上就是本文关于javaweb设计中filter粗粒度权限控制代码示例的全部内容,希望对大家有所帮助,如有不足之处,欢迎留言指正。感谢大家对本站的支持!

原文链接:http://blog.csdn.net/bluzelee2011/article/details/42784479

  • JavaWeb
  • Filter
  • 权限控制

    • 延伸 · 阅读

    精彩推荐
    最近更新
    编辑推荐
    阅读排行
    热门标签
    501   406   415   1433   2000   401   330   GOF23   new   newInstance   Hibernate   volatile   集合   spring   consul   critical   嵌套循环   注册服务   堆栈类   supplyAsync   遍历   设计模式   观察者模式   小数   JAVA8   写入文件   回车   制表符   排列组合   Java  
    © 2019-2023 服务器之家(www.zzvips.com) 版权所有关于我们联系我们版权申明网站地图