Java Filter 不攔截某些請求,Java Filter支援Ajax請求
阿新 • • 發佈:2018-11-10
Java 過濾器Filter,Java Filter 不攔截某些請求
Java 過濾器支援Ajax請求
================================
©Copyright 蕃薯耀 2018年10月19日
http://fanshuyao.iteye.com/
一、Java許可權過濾器,如登入過濾
增加了配置檔案,用來配置不攔截的請求,可以自定義不攔截的規則。規則是以字串方式比對 request.getRequestURI() 的回傳值(包含專案路徑),符合規則的請求不需登入即可通過過濾器,因此規則應盡量寫得精確。規則有三種:
1、不攔截包含/service/的請求(*/service/*)
2、不攔截以aaa/bbb/開頭的請求(aaa/bbb/*)
3、不攔截以/ccc/aa.action結尾的請求(*/ccc/aa.action)
過濾器程式碼如下:
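import java.io.BufferedReader;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/**
 * Login filter: requests without a logged-in user are rejected unless they
 * target a static resource or match one of the exemption rules loaded from
 * {@code sessionUnFilter.properties}.
 *
 * <p>Exemptions are decided by string comparison on
 * {@link HttpServletRequest#getRequestURI()}. That value is the raw request
 * path: the container does not decode it and it still carries {@code ;name=value}
 * path parameters, so it can differ from the path the container actually
 * dispatches to. To keep the exemptions from being satisfied by such a
 * difference, they are only applied to URIs accepted by
 * {@link #isPlainPath(String)}; everything else requires a login.
 */
public class SessionFilter implements Filter {

    protected final Log logger = LogFactory.getLog(SessionFilter.class);

    /** File extensions that are served without a login. */
    private static final String[] STATIC_SUFFIXES = {
        ".js", ".css", ".png", ".jpg", ".jpeg", ".gif", ".ico"
    };

    /**
     * Percent-encoded forms of '.', '/', '\', ';', '%' and NUL (lower case).
     * A URI containing any of them is never exempted, because decoding could
     * turn it into a different path than the one the rules were matched on.
     */
    private static final String[] RISKY_ESCAPES = {
        "%2e", "%2f", "%5c", "%3b", "%25", "%00"
    };

    /** Exemption rules, filled once in {@link #init(FilterConfig)} and only read afterwards. */
    private Set<String> unFilterSet = new HashSet<String>();

    /**
     * Loads the exemption rules from {@code sessionUnFilter.properties} on the
     * class path. Blank lines and lines starting with {@code #} are skipped.
     * If the file is missing or unreadable the rule set stays empty (or
     * partial), which means fewer exemptions, never more.
     *
     * @param config filter configuration supplied by the container (not used)
     */
    @Override
    public void init(FilterConfig config) throws ServletException {
        InputStream in = null;
        BufferedReader reader = null;
        try {
            in = SessionFilter.class.getClassLoader().getResourceAsStream("sessionUnFilter.properties");
            if (in == null) {
                logger.warn("sessionUnFilter.properties not found on the class path; no exemption rules loaded");
            } else {
                // NOTE(review): the reader uses the platform default charset, as before;
                // confirm the file's encoding if rules ever contain non-ASCII characters.
                reader = new BufferedReader(new InputStreamReader(in));
                logger.info("=====不攔截的匹配規則有:");
                String lineText;
                while ((lineText = reader.readLine()) != null) {
                    // Skip blank lines and comment lines.
                    if (StringUtils.isBlank(lineText) || lineText.trim().startsWith("#")) {
                        continue;
                    }
                    logger.info("=====" + lineText);
                    unFilterSet.add(lineText.trim());
                }
            }
        } catch (IOException e) {
            logger.error("Could not read sessionUnFilter.properties; exemption rules may be incomplete", e);
        } finally {
            closeQuietly(reader);
            closeQuietly(in);
        }
        logger.info("SessionFilter init()");
    }

    @Override
    public void destroy() {
        logger.info("SessionFilter destroy()");
    }

    /**
     * Tells whether a request URI matches one of the exemption rules.
     *
     * <p>Supported rule forms: an exact URI, {@code *text*} (URI contains
     * text), {@code *text} (URI ends with text) and {@code text*} (URI starts
     * with text). A {@code *} anywhere else in a rule is treated literally.
     * Rules whose literal part is empty (for example {@code **}) are ignored,
     * since they would otherwise exempt every request. URIs rejected by
     * {@link #isPlainPath(String)} never match.
     *
     * @param unFilterSet exemption rules; may be {@code null} or empty
     * @param requestURI  value of {@code HttpServletRequest.getRequestURI()}
     * @return {@code true} if the request may pass without a login
     */
    public boolean isPass(Set<String> unFilterSet, String requestURI) {
        logger.info("=====requestURI = " + requestURI);
        if (unFilterSet == null || unFilterSet.isEmpty() || !isPlainPath(requestURI)) {
            return false;
        }
        for (String rule : unFilterSet) {
            if (StringUtils.isBlank(rule)) {
                continue;
            }
            String pattern = rule.trim();
            if (pattern.equals(requestURI)) {
                return true;
            }
            boolean leadingStar = pattern.startsWith("*");
            boolean trailingStar = pattern.endsWith("*");
            if (leadingStar && trailingStar) {
                // "*text*": length > 2 guarantees a non-empty literal part.
                if (pattern.length() > 2
                        && requestURI.contains(pattern.substring(1, pattern.length() - 1))) {
                    return true;
                }
            } else if (leadingStar) {
                // "*text"
                if (requestURI.endsWith(pattern.substring(1))) {
                    return true;
                }
            } else if (trailingStar) {
                // "text*"
                if (requestURI.startsWith(pattern.substring(0, pattern.length() - 1))) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Lets the request through when a user is logged in, when it targets a
     * static resource, or when it matches an exemption rule. Otherwise Ajax
     * callers get the {@code error_code}/{@code error_msg} response headers
     * followed by a {@link RuntimeException}, and other callers are
     * redirected to {@code "/"}.
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) servletRequest;
        HttpServletResponse res = (HttpServletResponse) servletResponse;

        // Ajax requests are recognised by the X-Requested-With header.
        String requestedWith = req.getHeader("x-requested-with");
        boolean isAjaxRequest = !StringUtils.isBlank(requestedWith)
                && requestedWith.equalsIgnoreCase("XMLHttpRequest");

        UserInfo userInfo = null;
        try {
            userInfo = SecurityExtApi.getUserInfo(req);
        } catch (GeneralFailureException e) {
            // A failed lookup is treated like "not logged in".
            logger.warn("Could not resolve the current user; treating the request as unauthenticated", e);
        }

        if (userInfo != null && !StringUtils.isBlank(userInfo.getUserID())) {
            chain.doFilter(req, res);
            return;
        }

        String requestURI = req.getRequestURI();
        if (isStaticResource(requestURI) || isPass(unFilterSet, requestURI)) {
            chain.doFilter(req, res);
            return;
        }

        String msg = "登入已失效,請重新整理頁面或重新登入";
        logger.info("=====" + msg);
        if (isAjaxRequest) {
            // The page's global ajaxError handler reads these two headers.
            res.setContentType("application/json;charset=GBK");
            res.setCharacterEncoding("GBK");
            res.setHeader("error_code", "-999");
            res.setHeader("error_msg", "The login is timeout, please login again!");
            // NOTE(review): the exception is kept because the client-side handler was
            // written against it; an explicit 401 status would express the same thing
            // without an error stack trace per expired session - confirm before changing.
            throw new RuntimeException(msg);
        } else {
            res.sendRedirect("/");
        }
    }

    /**
     * Tells whether the URI is a plain path ending in one of
     * {@link #STATIC_SUFFIXES}.
     *
     * <p>NOTE(review): the suffix test applies to every path, so it is only
     * safe if no protected servlet or handler is reachable under a URL that
     * ends in one of these extensions - verify against the servlet mappings.
     */
    private static boolean isStaticResource(String requestURI) {
        if (!isPlainPath(requestURI)) {
            return false;
        }
        for (String suffix : STATIC_SUFFIXES) {
            if (requestURI.endsWith(suffix)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Tells whether a raw request URI is simple enough to be compared against
     * the exemptions as a string. Rejected are: {@code null}, path parameters
     * ({@code ;}), backslashes, {@code .} or {@code ..} segments, and the
     * escapes listed in {@link #RISKY_ESCAPES}. Other percent-encoded
     * characters are allowed.
     */
    private static boolean isPlainPath(String requestURI) {
        if (requestURI == null
                || requestURI.indexOf(';') >= 0
                || requestURI.indexOf('\\') >= 0) {
            return false;
        }
        String lower = requestURI.toLowerCase(Locale.ROOT);
        for (String escape : RISKY_ESCAPES) {
            if (lower.contains(escape)) {
                return false;
            }
        }
        for (String segment : requestURI.split("/")) {
            if (".".equals(segment) || "..".equals(segment)) {
                return false;
            }
        }
        return true;
    }

    /** Closes a resource, logging (not propagating) a failure to close. */
    private void closeQuietly(Closeable resource) {
        if (resource == null) {
            return;
        }
        try {
            resource.close();
        } catch (IOException e) {
            logger.warn("Could not close sessionUnFilter.properties", e);
        }
    }
}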
不攔截請求配置檔案(sessionUnFilter.properties)如下:
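# Configuration notes:
# A request whose URI matches one of the rules below is not intercepted,
# i.e. it is let through without a login. Keep every rule as specific as possible.
#   */services/*          : do not intercept URIs that contain /services/
#   /aa/startwith/*       : do not intercept URIs that start with /aa/startwith/
#   */endwith/end.jsp     : do not intercept URIs that end with /endwith/end.jsp
/pro_name/aaa/login_local.jsp
/pro_name/bbb/ccc.action
*/services/*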
Ajax請求處理需要增加一個js的全域性處理配置檔案(全部內容見附件):
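// Global handler for failed jQuery Ajax calls. When the response carries an
// "error_code" header, the code and message are shown in an alert dialog;
// code -999 is the server's signal for an expired login.
$(document).ajaxError(function (event, XHR) {
    // The dialog text is built as markup (it contains <p>), so values taken
    // from response headers are escaped before they are concatenated into it.
    function escapeHtml(value) {
        return String(value)
            .replace(/&/g, "&amp;")
            .replace(/</g, "&lt;")
            .replace(/>/g, "&gt;")
            .replace(/"/g, "&quot;")
            .replace(/'/g, "&#39;");
    }

    var error_code = XHR.getResponseHeader("error_code");
    var error_msg = XHR.getResponseHeader("error_msg");

    // "== null" is true for both null and undefined: no header, nothing to show.
    if (error_code == null) {
        return;
    }

    if ("-999" == error_code) {
        error_msg = "異常資訊:登入已失效,請重新登入或重新整理頁面";
    } else {
        error_msg = "異常資訊:" + escapeHtml(error_msg);
    }
    error_code = "異常程式碼:" + escapeHtml(error_code);

    var error_tip = error_code + "<p>" + error_msg;
    top.$.messager.alert('異常提示:', error_tip, 'error');
});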
================================
©Copyright 蕃薯耀 2018年10月19日
http://fanshuyao.iteye.com/