package org.fireflow.demo.security;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* Servlet Filter implementation class SecurityFilter
*/
public class SecurityFilter implements Filter {
/**
* Default constructor.
*/
public SecurityFilter() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
// place your code here
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
HttpSession session = request.getSession();
Object currentUser = session.getAttribute(LoginServlet.CURRENT_USER_SESSION_KEY);
//System.out.println("Inside SecurityFilter.doFilter()::用户访问的资源是:"+request.getRequestURI());
//如果没有登录,则导航到登录页面
if(currentUser==null){
response.sendRedirect(request.getContextPath()+"/login.jsp");
return;
}
// pass the request along the filter chain
chain.doFilter(req, res);
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}