Java过滤器验证登录用户
/*首先写一个权限过滤filter*/import javax.servlet.Filter;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.FilterChain;import java.io.IOException;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpSession;import javax.servlet.http.HttpServletResponse;public class RightFilter implements Filter {public void init(FilterConfig filterConfig) throws ServletException {}public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; HttpSession session = req.getSession(true); //从session里取的用户名信息 String username = (String) session.getAttribute("username");? //判断如果没有取到用户信息,就跳转到登陆页面 if (username == null || "".equals(username)) { //跳转到登陆页面 res.sendRedirect(req.getContextPath()+"/login.jsp "); } else { //已经登陆,继续此次请求 chain.doFilter(request,response); }}public void destroy() {}}?

2.然后在web.xml里配置需要登陆权限验证的JSP文件:
???? a.如果是某个具体的JSP文件(如a.jsp)需要登陆验证

<web-app>...<filter>    <filter-name>right</filter-name>    <filter-class>com.taihuatalk.taihua.common.RightFilter</filter-class></filter><filter-mapping>    <filter-name>right</filter-name>    <url-pattern>/a.jsp</url-pattern></filter-mapping>...</web-app>    b.如果是某一个目录(如a/目录)整个目录下的文件都需要登陆验证:<web-app>...<filter>    <filter-name>right</filter-name>    <filter-class>com.taihuatalk.taihua.common.RightFilter</filter-class></filter><filter-mapping>    <filter-name>right</filter-name>    <url-pattern>/a/*</url-pattern></filter-mapping>...</web-app>

?