The usage of adding filter in web login

I won't explain the filter more. You can read what you want to know Bowen , it's very detailed.

First of all, I want to talk about the functions I want to achieve. When the user logs off, although the interface jumps to the login interface, when we enter the main interface address in the address bar, it still jumps to the main interface. I think you want to use session.invalidate(), In this way, it will not jump to the main interface, but the intercepted page is only for the interface that calls the session value. For the page that does not use the session value, it is not intercepted. Entering the address in the address bar can still be a normal page. If you want to avoid this problem, it is a good choice to use the filter.


package com.filter;

import java.util.Enumeration;
import java.util.Vector;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.student.vo.User;
	public class FilterCon implements Filter {
	public void init(FilterConfig config) throws ServletException {
		//String initParam=config.getInitParameter("ref"); / / get the initialization parameter
		//System.out.println("filter initialization" + initParam);
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		HttpServletRequest req=(HttpServletRequest)request;
		HttpServletResponse res=(HttpServletResponse)response;
		String uri=req.getRequestURI();
		if(uri.startsWith("/studentManageSystem/LoginServlet")||uri.startsWith("/studentManageSystem/login.jsp")||uri.startsWith("/studentManageSystem/image")||uri.startsWith("/studentManageSystem/js")){//Release the login page
			chain.doFilter(request, response);
			HttpSession ses=req.getSession();				
			User user=(User)ses.getAttribute("myself");

			chain.doFilter(request, response);
				req.getRequestDispatcher("login.jsp").forward(req, res);
	public void destroy() {
		System.out.println("Filter destruction");


Tags: Session Java JSP

Posted on Sun, 03 May 2020 13:32:39 -0700 by deadoralive