2 yc1183759107 yc1183759107 于 2015.07.16 16:17 提问

过滤器验证死循环,非常感谢

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
System.out.println("Demo1 过滤前;");
System.out.println("====================================");
System.out.println("获取初始化参数后值");

         System.out.println(filterConfig.getInitParameter("testparam"));

         HttpServletRequest hreq = (HttpServletRequest) request;
          HttpServletResponse hres = (HttpServletResponse) response;
          HttpSession session = hreq.getSession();
          if (session.getAttribute("user") != null){
           chain.doFilter(request, response);
          }
          if (hreq.getRequestURI().equals(hreq.getContextPath() + "/login.jsp")) {
            chain.doFilter(request, response);

          } 
          else{
           hres.sendRedirect("/essa/test/login.jsp");
           return;
          }

          chain.doFilter(request, response);
         }
        public void init(FilterConfig filterConfig) throws ServletException {
    System.out.println("初始化了");
    this.filterConfig = filterConfig;    

}
public void destroy() {
     System.out.println("销毁了");
}

}

Web.xml

index.jsp


com.essa.config.InitSys


struts2
com.essa.filter.SecurityFilter


testparam

============================ 进行顶层的过滤器应用测试========================================



<filter-mapping>
    <filter-name>struts2</filter-name>
    <url-pattern>*.jsp</url-pattern>
</filter-mapping>


想做几个判断
1.if url 登陆页,获取Json的List中UID/PASS值
remove session所在的值
写入Session,进入Action
else 获取Session.Attribute(UID/PASS)
如果为空到标志页(变换验证),OK返回登录
2.Action中应用:进行UID/Pass进行反复验证
代码实在写不明白了...非常感谢

1个回答

lingfeiwen
lingfeiwen   2015.07.16 17:08

doFilter 方法里面,各种if都调了chain.doFilter,方法的最后就一行不要再调了。

Csdn user default icon
上传中...
上传图片
插入图片