新建类接入filter接口
package com.bss.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class LoginFliter implements Filter { public void destroy() { // TODO Auto-generated method stub } public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException { // TODO Auto-generated method stub HttpServletRequest req = (HttpServletRequest)arg0; HttpServletResponse resp =(HttpServletResponse) arg1; HttpSession session = req.getSession(); // 获得用户请求的URI String path = req.getRequestURI(); // 从request取得已经登录验证的凭证 我这里的demo用的是password来作为登录凭证 String password = (String) req.getAttribute("password"); // login.html页面无需过滤(根据自己项目的要求来) if(path.indexOf("/login.html") > -1) {//注意:登录页面千万不能过滤 不然过滤器就。。。。。自行调试不要偷懒!这样记忆深刻 arg2.doFilter(req, resp); return; } else {//如果不是login.jsp进行过滤 if (password == null || "".equals(password)) { // (将需要过滤的页面放在webroot下的admin文件夹内) 返回到webroot目录下 跳转回登陆页面 resp.sendRedirect("../login.html"); } else { // 已经登陆,继续此次请求 arg2.doFilter(req, resp); } } } public void init(FilterConfig arg0) throws ServletException { // TODO Auto-generated method stub } }web.xml <filter> <filter-name>LoginFilter</filter-name> <filter-class>com.bss.filter.LoginFliter</filter-class> </filter> <filter-mapping> <filter-name>LoginFilter</filter-name> <url-pattern>/admin/*</url-pattern> </filter-mapping>