当前页面: 开发资料首页 → JSP 专题 → 使用过滤器过滤非法用户时出现的问题,请牛人帮忙
使用过滤器过滤非法用户时出现的问题,请牛人帮忙
摘要: 使用过滤器过滤非法用户时出现的问题,请牛人帮忙
在网上看到一篇使用过滤器过滤非法用户访问系统网页的方法后,加入到自己的代码中,
出现了其他页面不能访问的问题,并且Index.jsp(首页)中的图片也显示不了,请高人指点,
以下为有关的代码:
Web.xml:
加入
LoginFilter.java的源码:
package com.tdsj.filter;
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
public class LoginFilter extends HttpServlet implements Filter {
private FilterConfig filterConfig;
public LoginFilter() {
}
public void init(FilterConfig arg0) throws ServletException {
this.filterConfig = arg0;
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest sr = (HttpServletRequest) request;
HttpSession session = sr.getSession(); // 获得session
String user = (String) session.getAttribute("user");
// 判断用户是否登录,如果没有,
if (user == null || user.trim().equals("")) {
// 获锝当前的URL
String strURL = sr.getRequestURL().toString();
System.out.println(strURL);
// 判断是否为index.jsp
if (strURL.indexOf("/Index.jsp") == -1) {
ServletContext sc = filterConfig.getServletContext();
RequestDispatcher rd = sc
.getRequestDispatcher("/Index.jsp");
try {
rd.forward(request, response); // 转发到index.jsp让用户登录
filterChain.doFilter(request, response);
return;
} catch (ServletException sx) {
filterConfig.getServletContext().log(sx.getMessage());
} catch (IOException iox) {
filterConfig.getServletContext().log(iox.getMessage());
}
}
}
filterChain.doFilter(request, response);
}
public void destroy() {
this.filterConfig = null;
}
}
运行后,出现以下错误:
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
java.lang.IllegalStateException: Cannot forward after response has been committed
org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1063)
org.apache.struts.action.RequestProcessor.processForwardConfig(RequestProcessor.java:386)
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:229)
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194)
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
com.tdsj.filter.LoginFilter.doFilter(LoginFilter.java:42)
note The full stack trace of the root cause is available in the Apache Tomcat/5.5.17 logs.
请大家帮帮忙
Cannot forward after response has been committed
RequestDispatcher rd = sc.getRequestDispatcher("/Index.jsp");
不能用这种方式跳转,换成javascript 来跳转就可以了
楼上说的方法可以试下,二次重复提交请求有时候会阻塞的,还有可以用其它方法!
Struts里面有个过滤非法用户登录的例子,不如下载Struts源码看看吧!
djpsunday能不能具体指点一下
靠。
doFilter方法写错!
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest sr = (HttpServletRequest) request;
HttpSession session = sr.getSession(); // 获得session
String user = (String) session.getAttribute("user");
// 判断用户是否登录,如果没有,
if (user == null || user.trim().equals("")) {
String url = sr.getRequestURL().toString();
if (url.indexOf("/index.jsp") == -1) {
RequestDispatcher rd = request
.getRequestDispatcher("/index.jsp");
rd.forward(request, response);
}
} else {
filterChain.doFilter(request, response);
}
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest sr = (HttpServletRequest) request;
HttpSession session = sr.getSession(); // 获得session
String user = (String) session.getAttribute("user");
// 判断用户是否登录,如果没有,
if (user == null || user.trim().equals("")) {
String url = sr.getRequestURL().toString();
if (url.indexOf("/index.jsp") == -1) {
RequestDispatcher rd = request
.getRequestDispatcher("/index.jsp");
rd.forward(request, response);
return ;
}
} else {
filterChain.doFilter(request, response);
}
}
加一个return;语句!
以上代码全经过测试!
还是没有用啊
和上面是一个情况
你是不是提交form后的问题啊?
这是对整个web应用的一个过滤!你必须排除form中的action所指向的网页!
可以对程序这样改一下!例如action="do.jsp"
if(url.indexOf("/do.jsp")){
filterChain.doFilter(request,response);
}
谢谢genzhongzhang
↑返回目录
前一篇: 请问Lucene的Highlighter是不是不支持多个关键词啊?
后一篇: 点击email中链接验证用户是否存在