public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res;
//得到所登录的用户并判断是否已经登录
HttpSession session = request.getSession();
UsersInfo user = (UsersInfo)session.getAttribute("user");
if(user == null){
request.setAttribute(MyFinal.REQUEST_JUAGE_MESSAGE, "您还没登陆呢?");
request.getRequestDispatcher("../../showMessage.jsp").forward(request, response);
}else{
//请求地址
String uri = request.getRequestURI();
if(uri.indexOf("/loft/pages/common/") >=0 || !request.getMethod().equalsIgnoreCase("GET")) { //判断该请求路径是否是特殊路径
chain.doFilter(request, response);
} else{
List<String> list = (List<String>)session.getAttribute("test"); //取出登录用户所有的权限菜单(List里面存的是菜单路径)
if(list.contains(uri)) { //在用户权限菜单里找是否有该跳转路径
chain.doFilter(request, response);
}
else
{
request.setAttribute(MyFinal.REQUEST_JUAGE_MESSAGE, "您没有该菜单的权限!!");
request.getRequestDispatcher("../../showMessage.jsp").forward(request, response);
}
}
}
}