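package com.erichfund.cljjfof.server.util;

import java.io.IOException;

/**
 * Servlet filter that gates requests on login state and per-URI privilege.
 *
 * <ul>
 *   <li>No user session: AJAX-prefixed URIs get an empty response, every other request is
 *       redirected to the login page with the original request packed into the
 *       {@code service} parameter. The chain is never invoked.</li>
 *   <li>User session present: {@link IAuthService#hasOperatePrivilege} is asked whether the
 *       operator may access the request URI; on refusal the {@code errorPage} template is
 *       rendered with HTTP 403, otherwise the request continues down the chain.</li>
 * </ul>
 *
 * @author zhuzhengquan
 * @version created 2016-11-21 18:49:26
 */
public class WebAuthFilter implements Filter {

    /** Name of the FreeMarker template for the "access denied" page ({@code errorPage} init parameter). */
    private String errorPage;

    /**
     * FreeMarker configuration, built once in {@link #init} and only read afterwards.
     * A filter instance serves concurrent requests, so this field must not be reassigned
     * while handling a request.
     */
    private Configuration cfg = null;

    /**
     * Reads the {@code errorPage} init parameter and prepares the template configuration.
     *
     * @param filterConfig container-supplied filter configuration
     * @throws ServletException declared by the {@code Filter} contract
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        errorPage = filterConfig.getInitParameter("errorPage");

        // Templates are loaded from the web application's servlet context.
        Configuration configuration = new Configuration();
        configuration.setServletContextForTemplateLoading(filterConfig.getServletContext(), null);
        cfg = configuration;
    }

    /**
     * Applies the login and privilege checks described on the class.
     *
     * @param request  incoming request; cast to {@code HttpServletRequest}
     * @param response outgoing response; cast to {@code HttpServletResponse}
     * @param chain    remaining filter chain, invoked only for authorized requests
     * @throws IOException      on redirect, form-parsing or template I/O failure
     * @throws ServletException if the access-denied template cannot be rendered
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;

        if (WebUserSession.getUserSession() == null) {
            if (req.getRequestURI().startsWith("/ajax1....") || req.getRequestURI().startsWith("/ajax2...")) {
                // Pop-up login: nothing is written, so the caller receives an empty body with
                // the default status. The request is still blocked (the chain is not invoked).
                // NOTE(review): an explicit 401 would let clients tell "not logged in" apart
                // from an empty success; confirm the front end before changing.
            } else {
                // URL redirect to the login page.
                res.sendRedirect(buildLoginRedirect(req)); // LCK login.jsp
            }
            return;
        }

        // NOTE(review): authorization is decided on the raw request URI, which is neither
        // decoded nor normalized here (path parameters, encoded characters, repeated slashes).
        // Confirm that hasOperatePrivilege is deny-by-default and matches on the same path
        // form the container uses for dispatch.
        String uri = req.getRequestURI();
        IAuthService authService = EnviromentUtil.getWebApplicationContext().getBean(IAuthService.class);
        // NOTE(review): the login check above reads WebUserSession while the operator id is
        // taken from UserSession; if these are different holders this call can dereference
        // null. Confirm they refer to the same session.
        boolean hasOperatePrivilege = authService.hasOperatePrivilege(UserSession.getUserSession().getOpid(), uri);
        if (!hasOperatePrivilege) {
            renderAccessDenied(res);
            return;
        }

        chain.doFilter(request, response);
    }

    /** Builds the login redirect target that carries the original GET or POST request in {@code service}. */
    private String buildLoginRedirect(HttpServletRequest req) throws IOException, ServletException {
        String method = req.getMethod();
        String path = req.getRequestURI()
                + (StringUtils.hasText(req.getQueryString()) ? "?" + req.getQueryString() : "");

        if ("GET".equals(method)) {
            return "/webfof_login/login?service=" + URLEncoder.encode("get " + path, "utf-8");
        }

        if ("POST".equals(method)) {
            String host = "";
            // NOTE(review): the submitted form fields are serialized into the redirect URL, so
            // any sensitive value in the POST body ends up in browser history, access logs and
            // Referer headers. Consider keeping the pending request server-side instead.
            // Reading the input stream also assumes nothing upstream has consumed the body.
            MultivaluedMap<String, String> formParams = FormUrlEncodedProvider.parseForm(req.getInputStream());
            Map<String, Object> data = new HashMap<String, Object>();
            data.put("host", host);
            data.put("path", path);
            data.put("formParams", formParams);
            String url = JsonUtil.serializeToJson(data);
            return "/webfof_login/login?service=" + URLEncoder.encode("post " + url, "utf-8");
        }

        // NOTE(review): any other HTTP method from an unauthenticated client surfaces as an
        // uncaught exception; whether that exposes a stack trace depends on the container's
        // error-page configuration.
        throw new RuntimeException("not support " + method);
    }

    /** Renders the {@code errorPage} template with the "no permission" message and HTTP 403. */
    private void renderAccessDenied(HttpServletResponse res) throws IOException, ServletException {
        Template template = cfg.getTemplate(errorPage);

        // A refusal must not look like a successful response to caches and API clients.
        res.setStatus(HttpServletResponse.SC_FORBIDDEN);

        // Build the data model for the template.
        Map<String, String> dataMap = new HashMap<String, String>();
        dataMap.put("msg", "您无权访问此链接");

        // NOTE(review): the response character encoding is not set here; the non-ASCII
        // message relies on an encoding configured elsewhere. Confirm.
        PrintWriter out = res.getWriter();
        try {
            template.process(dataMap, out);
        } catch (TemplateException e) {
            // Propagate with the cause instead of printing the stack trace and continuing.
            throw new ServletException("failed to render access-denied page " + errorPage, e);
        }
        out.flush();
    }

    /** No resources to release. */
    @Override
    public void destroy() {
        // Nothing to clean up.
    }
}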