Can you help me implement a filter access control in java?
This was the implementation I tried to do so far, but I could not get it to work.
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
String uri = req.getRequestURI();
String usuario = getUsuario(req);
if((usuario != null)
||(req.getRequestURI().endsWith("/WEB-INF/adm.jsp"))
||(req.getRequestURI().endsWith("/WEB-INF/alterar.jsp"))){
}else{
req.getRequestDispatcher("index.html").forward(request, response);
}
chain.doFilter(request, response);
}
private String getUsuario(HttpServletRequest req) {
Usuario usuario = (Usuario) req.getSession().getAttribute("usuarioLogado");
if(usuario==null)
return "<deslogado>";
return usuario.getUsuario();
}
My filter is configured as follows:
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
String uri = req.getRequestURI();
String usuario = getUsuario(req);
if((usuario != null)||(req.getRequestURI().endsWith("/adm.jsp"))){
}else{
req.getRequestDispatcher("index.jsp").forward(request, response);
}
System.out.println("Usuario " + usuario + " acessando a URI " + uri);
/**eliminando o cache dos formularios*/
HttpServletResponse httpResponse = (HttpServletResponse)response;
httpResponse.setHeader("Cache-Control","no-cache, no-store, must-revalidate");
httpResponse.setHeader("Pragma","no-cache");
httpResponse.setDateHeader("Expires", 0);
request.setCharacterEncoding("UTF-8");
chain.doFilter(request, response);
}
private String getUsuario(HttpServletRequest req) {
Usuario usuario = (Usuario) req.getSession().getAttribute("usuarioLogado");
if(usuario==null)
return "<deslogado>";
return usuario.getUsuario();
}
}