web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1">
<!-- Deployment descriptor for the "scm" web application: welcome files, three servlet filters
     and the URL patterns each filter guards. -->
<!-- NOTE(review): metadata-complete is not set on this element, so the @WebFilter annotations
     on the filter classes are presumably scanned as well and add mappings beyond the ones
     listed here. Confirm that this is intended. -->
<display-name>scm</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<!-- Filter declarations. "encode" receives the character encoding name as an init-param;
     "login" and "auth" take no parameters. -->
<filter>
<filter-name>encode</filter-name>
<filter-class>com.scm.filter.EncodeFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>utf-8</param-value>
</init-param>
</filter>
<filter>
<filter-name>login</filter-name>
<filter-class>com.scm.filter.LoginFilter</filter-class>
</filter>
<filter>
<filter-name>auth</filter-name>
<filter-class>com.scm.filter.AuthFilter</filter-class>
</filter>
<!-- Filter mappings. For url-pattern mappings the container builds the chain in the order the
     filter-mapping elements appear here: encode, then login, then auth. That order is
     security relevant: the login mappings must stay above the auth mappings, because the auth
     filter reads the "user" session attribute that the login filter checks for. -->
<filter-mapping>
<filter-name>encode</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Login check. Only the five prefixes below are guarded; any resource outside them is
     reachable without a session. NOTE(review): confirm that no protected page or servlet
     lives outside these prefixes. -->
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/system/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/purchase/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/warehouse/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/finance/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/sale/*</url-pattern>
</filter-mapping>
<!-- NOTE(review): this repeats the first login mapping for /system/* and looks redundant. -->
<filter-mapping>
<filter-name>login</filter-name>
<url-pattern>/system/*</url-pattern>
</filter-mapping>
<!-- Permission check, applied to the same five prefixes as the login check. -->
<filter-mapping>
<filter-name>auth</filter-name>
<url-pattern>/system/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>auth</filter-name>
<url-pattern>/purchase/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>auth</filter-name>
<url-pattern>/warehouse/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>auth</filter-name>
<url-pattern>/finance/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>auth</filter-name>
<url-pattern>/sale/*</url-pattern>
</filter-mapping>
<!-- NOTE(review): this repeats the first auth mapping for /system/* and looks redundant. -->
<filter-mapping>
<filter-name>auth</filter-name>
<url-pattern>/system/*</url-pattern>
</filter-mapping>
</web-app>
EncodeFilter
package com.scm.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
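/**
 * Applies one character encoding to every request and response that passes through the chain.
 *
 * <p>The encoding name comes from the {@code encoding} init-param of the filter declaration and
 * falls back to UTF-8 when that parameter is missing or blank.
 *
 * <p>NOTE(review): web.xml on this page already declares this class as the filter
 * {@code encode}. Unless the descriptor sets {@code metadata-complete="true"}, the annotation
 * below presumably registers a second instance on {@code /EncodeFilter}, and that instance gets
 * no init-param. Confirm whether the annotation is intended.
 */
@WebFilter("/EncodeFilter")
public class EncodeFilter implements Filter {
    /** Used when the declaration carries no usable {@code encoding} init-param. */
    private static final String DEFAULT_ENCODING = "UTF-8";

    // Encoding name applied in doFilter; assigned in init. Kept package-visible as before.
    String encode = DEFAULT_ENCODING;

    public EncodeFilter() {
    }

    @Override
    public void destroy() {
    }

    /**
     * Sets the request and response character encoding, then continues the chain.
     *
     * @param request  the incoming request; its encoding must be set before parameters are read
     * @param response the outgoing response
     * @param chain    the remaining filters and the target resource
     * @throws IOException      propagated from the chain, or for an unsupported encoding name
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        request.setCharacterEncoding(encode);
        response.setCharacterEncoding(encode);
        chain.doFilter(request, response);
    }

    /**
     * Reads the {@code encoding} init-param.
     *
     * <p>A missing or blank value previously left {@code encode} as {@code null}, which was then
     * handed to {@code setCharacterEncoding} on every request; the default is used instead.
     * The former {@code Filter.super.init(fConfig)} call is dropped: the interface default is
     * an empty method, and the call does not compile against a Servlet 3.1 API, where
     * {@code init} is abstract.
     *
     * @param fConfig the filter configuration supplied by the container
     * @throws ServletException never thrown here; declared by the interface
     */
    @Override
    public void init(FilterConfig fConfig) throws ServletException {
        String configured = fConfig.getInitParameter("encoding");
        if (configured == null || configured.trim().isEmpty()) {
            encode = DEFAULT_ENCODING;
        } else {
            encode = configured.trim();
        }
    }
}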
LoginFilter
package com.scm.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
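/**
 * Blocks requests that carry no logged-in user and sends the browser to the login page.
 *
 * <p>A request counts as logged in when its session holds a non-null {@code user} attribute.
 *
 * <p>NOTE(review): web.xml on this page already maps this class to the protected prefixes.
 * Unless the descriptor sets {@code metadata-complete="true"}, the annotation below presumably
 * registers a second instance on {@code /LoginFilter}. Confirm whether it is intended.
 */
@WebFilter("/LoginFilter")
public class LoginFilter implements Filter {
    public LoginFilter() {
    }

    @Override
    public void destroy() {
    }

    /**
     * Lets the request through when a user is in the session; otherwise writes a small script
     * page that shows an alert and navigates the top window (or the opener) to the login page.
     *
     * @param request  the incoming request, expected to be an {@link HttpServletRequest}
     * @param response the outgoing response
     * @param chain    the remaining filters and the target resource
     * @throws IOException      if writing the response fails, or propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;

        // getSession(false): an anonymous request must not allocate a server-side session.
        // The original getSession() created one for every unauthenticated hit on a protected
        // path, which lets unauthenticated traffic consume session memory.
        javax.servlet.http.HttpSession session = req.getSession(false);
        Object obj = (session == null) ? null : session.getAttribute("user");

        if (obj != null) {
            chain.doFilter(request, response);
            return;
        }

        // NOTE(review): the rejection is sent with the default status (no status is set here),
        // so non-browser clients cannot tell it from a normal page. The "../login.jsp" target
        // is relative to the requested URL and assumes one path level below the context root.
        response.setContentType("text/html;charset=utf-8");
        // Alert text: "You are not logged in yet, please log in first!"
        response.getWriter().println("<script language=\"javascript\">alert(\"您还没有登录,请先登录!\");"
                + "if(window.opener==null){window.top.location.href=\"../login.jsp\";}"
                + "else{window.opener.top.location.href=\"../login.jsp\";window.close();}</script>");
        response.getWriter().flush();
        response.getWriter().close();
    }

    @Override
    public void init(FilterConfig fConfig) throws ServletException {
    }
}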
AuthFilter
package com.scm.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import com.scm.model.User;
import com.scm.service.AuthService;
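/**
 * Permission check: lets a request through only when the logged-in user's granted URI list
 * covers the requested servlet path, as decided by {@link AuthService#authCheck}.
 *
 * <p>NOTE(review): web.xml on this page already maps this class to the protected prefixes.
 * Unless the descriptor sets {@code metadata-complete="true"}, the annotation below presumably
 * registers a second instance on {@code /AuthFilter}, where no login filter runs first.
 * Confirm whether it is intended.
 */
@WebFilter("/AuthFilter")
public class AuthFilter implements Filter {
    public AuthFilter() {
    }

    @Override
    public void destroy() {
    }

    /**
     * Continues the chain for an authorised user and writes an alert page otherwise.
     *
     * <p>A request without a session or without a {@code user} attribute is denied. The original
     * code dereferenced the attribute unconditionally, so it relied on the login filter running
     * first and failed with a {@code NullPointerException} whenever it did not.
     *
     * @param request  the incoming request, expected to be an {@link HttpServletRequest}
     * @param response the outgoing response
     * @param chain    the remaining filters and the target resource
     * @throws IOException      if writing the response fails, or propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;

        // NOTE(review): getServletPath() leaves out any path info. If the target servlets are
        // mapped with wildcard patterns, only the mapping prefix is checked here. Confirm
        // against the servlet mappings.
        String path = req.getServletPath();

        // getSession(false): do not create a session just to find out that nobody is logged in.
        javax.servlet.http.HttpSession session = req.getSession(false);
        User user = (session == null) ? null : (User) session.getAttribute("user");

        // Fail closed: no user means no access.
        boolean flag = user != null && new AuthService().authCheck(path, user.getModelUri());
        if (flag) {
            chain.doFilter(request, response);
            return;
        }

        // Same content type as the login filter's rejection page, so the message is served as
        // HTML in UTF-8. NOTE(review): no status is set, so the denial goes out with the
        // default status.
        response.setContentType("text/html;charset=utf-8");
        // Alert text: "You do not have permission!"
        response.getWriter().println("<script language=\"javascript\">alert(\"您还没有权限!\");</script>");
        response.getWriter().flush();
        response.getWriter().close();
    }

    @Override
    public void init(FilterConfig fConfig) throws ServletException {
    }
}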
package com.scm.service;
import java.util.ArrayList;
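/**
 * Decides whether a requested path is covered by a user's granted URI prefixes.
 */
public class AuthService {
    /**
     * Returns {@code true} when {@code path} starts with at least one entry of {@code modelUri}.
     *
     * <p>The check fails closed: a {@code null} path, a {@code null} list, and {@code null} or
     * empty entries never grant access. An empty entry used to match every path, because every
     * string starts with the empty string, so one blank value in the grant data opened all
     * protected paths.
     *
     * <p>NOTE(review): this is a plain string-prefix match with no path-segment boundary, so a
     * grant also covers any longer path that merely begins with the same characters. Whether
     * the stored grants rely on that is not visible here; check the data before tightening it.
     *
     * @param path     the requested servlet path
     * @param modelUri the URI prefixes granted to the user
     * @return {@code true} if some non-empty entry is a prefix of {@code path}
     */
    public boolean authCheck(String path, ArrayList<String> modelUri) {
        if (path == null || modelUri == null) {
            return false;
        }
        for (String granted : modelUri) {
            // Skip unusable entries instead of letting them throw or match everything.
            if (granted == null || granted.isEmpty()) {
                continue;
            }
            if (path.startsWith(granted)) {
                return true;
            }
        }
        return false;
    }
}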