javaweb实现拦截器,拦截所有路径,获取token并验证token是否有效(同一认证接口),返回token解析数据。
在web.xml文件里加入监听类
<filter>
<filter-name>tokenFilter</filter-name>
<filter-class>com.xxx.xxx.xxx.xxx.common.intercept._setAuth</filter-class>
</filter>
<filter-mapping>
<filter-name>tokenFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
监听方法:
public class _setAuth implements Filter
{
@Override
public void init(FilterConfig filterConfig) throws ServletException
{
System.out.println(" init {"+getClass().getName()+"} but actually do nothing.");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
{
System.out.println("doFilter start ...");
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
String token = httpServletRequest.getHeader("token");
System.out.println("token is : "+token);
System.out.println("session is :::" + JSONObject.fromObject(httpServletRequest.getSession()));
if (StringUtils.isBlank(token))
{
System.out.println("访问失败:token参数错误!");
httpServletResponse.sendRedirect("err.jsp");
}
else
{
String url = "http://xxx/xxx/xxxx/xxxxx";
String requestStr = "{\"token\":\""+token+"\"}";
String responseStr = sendPost(url,requestStr);
httpServletRequest.getSession().setAttribute("tokenResponse", responseStr);
if(org.apache.commons.lang3.StringUtils.isNotBlank(responseStr)&&responseStr.contains("\"success\": true")){
System.out.println("token验证成功:请求跳转!");
chain.doFilter(httpServletRequest, response);
}else{
System.out.println("访问失败:token验证失败!");
httpServletResponse.sendRedirect("err.jsp");
}
}
}
@Override
public void destroy()
{
System.out.println(" destroy "+ getClass().getName() +" but actually do nothing.");
}
/**
* 发送请求方法
* */
public static String sendPost(String url,String request){
String responseStr = "";
URL postURL = null;
HttpURLConnection httpUrl = null;
try {
postURL = new URL(url);
httpUrl = (HttpURLConnection) postURL.openConnection();
httpUrl.setDoInput(true);
httpUrl.setDoOutput(true);
httpUrl.setUseCaches(false);
httpUrl.setRequestProperty("Content-Type", "application/json;chartset=UTF-8");
httpUrl.setRequestProperty("Cache-Control", "");
httpUrl.setRequestProperty("User-Agent", "");
httpUrl.setRequestProperty("Accept", "");
httpUrl.setRequestProperty("Pragma", "");
httpUrl.setRequestMethod("POST");
OutputStreamWriter owwriter = new OutputStreamWriter(httpUrl.getOutputStream(),"utf-8");
owwriter.append(request);
owwriter.flush();
owwriter.close();
if (httpUrl.getResponseCode() == 200) {
//访问成功,这里获取返回的json串并且转为实体类。具体实体类看返回什么自己去定义
InputStream inputStr = httpUrl.getInputStream();
byte[] b = new byte[inputStr.available()];
inputStr.read(b);
responseStr = new String(b);
// JSONObject jsonObject=JSONObject.fromObject(responseStr.replaceAll("\\\\",""));
//(实体类名) bean = (efftiveBean)JSONObject.toBean(jsonObject, 实体类名.class);
inputStr.close();
} else {
System.out.println("调用服务返回码为"+httpUrl.getResponseCode());
}
} catch (Exception e) {
e.printStackTrace();
System.out.println(e);
}
return responseStr;
}
}
网友评论