我们如何使用Servlet过滤器进行会话检查?

时间:2015-07-14 10:03:47

标签: java servlets

我是java的新手。我尝试使用Servlet过滤器进行会话检查。我的代码如下。但是我跑步时遇到了错误。请帮助纠正错误。错误代码是

 HTTP Status 500 - Cannot forward after response has been committed
type Exception report

message Cannot forward after response has been committed

description The server encountered an internal error that prevented it from fulfilling this request.

我的代码是

我的web.xml 

    <servlet>
            <servlet-name>login</servlet-name>
            <servlet-class>com.sample.wordnik.servlet.LoginServlet</servlet-class>
        </servlet>
        <welcome-file-list>
            <welcome-file>index.html</welcome-file>
        </welcome-file-list>
        <servlet-mapping>
        <servlet-name>login</servlet-name>
        <url-pattern>/login</url-pattern>
    </servlet-mapping>
<filter>
        <filter-name>SessionFilter</filter-name>
        <filter-class>
            com.sample.wordnik.filter.SessionFilter
        </filter-class>
        <init-param>
            <param-name>avoid-urls</param-name>
            <param-value>login.jsp,signup.jsp</param-value>

        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>SessionFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
</web-app>

我的Filter类是

import java.io.IOException;
import java.util.ArrayList;
import java.util.StringTokenizer;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class SessionFilter implements Filter {

    private ArrayList<String> urlList;

    @Override
    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain) throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        String url = request.getServletPath();
        boolean allowedRequest = false;

        if(urlList.contains(url)) {
            allowedRequest = true;
        }

        if (!allowedRequest) {
            HttpSession session = request.getSession(false);
            if (null == session) {
                response.sendRedirect("login");
            }
        }

        chain.doFilter(req, res);
    }

    @Override
    public void init(FilterConfig config) throws ServletException {
        String urls = config.getInitParameter("avoid-urls");
        StringTokenizer token = new StringTokenizer(urls, ",");

               urlList = new ArrayList<String>();


        while (token.hasMoreTokens()) {
            urlList.add(token.nextToken());

        }
    }
}

我的LoginServlet是

public class LoginServlet extends HttpServlet {

    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response);
}
}

1 个答案:

答案 0 :(得分:1)

问题是您已使用login page将用户重定向到response.sendRedirect("login")以获取无效会话。但是,在重定向chain.doFilter(req, res)后,您还尝试继续使用请求链。

尝试在此处使用return关键字:

if (null == session) {
    response.sendRedirect("login");
    return; // added
}
相关问题
最新问题