1단계 - 로그인 검사 및 유도를 수행하는 필터를 만든다.
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.bitcamp.board.domain.Member;
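/**
 * Servlet filter that requires a logged-in member for state-changing requests.
 *
 * <p>The filter is mapped to every request, but it enforces the login check only when the
 * servlet path ends with {@code add}, {@code update} or {@code delete}. Every other request is
 * passed down the chain without any check, so this is an allow-by-default design.
 *
 * <p>NOTE(review): the mapping {@code "*"} is kept as written. The Servlet specification's
 * pattern for "all requests" is a slash followed by an asterisk; confirm the target container
 * treats {@code "*"} the same way.
 */
@WebFilter("*")
public class LoginCheckFilter implements Filter {

    /** Logs that the container has initialised this filter. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        System.out.println("LoginCheckFilter.init() 실행!");
    }

    /**
     * Redirects anonymous callers of add/update/delete paths to the login form; lets everything
     * else through.
     *
     * @param request the incoming request; cast to {@link HttpServletRequest}
     * @param response the outgoing response; cast to {@link HttpServletResponse}
     * @param chain the remaining filters and the target resource
     * @throws IOException if the redirect or the rest of the chain fails with an I/O error
     * @throws ServletException if the rest of the chain fails
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        System.out.println("LoginCheckFilter.doFilter() 실행!");

        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;

        if (requiresLogin(httpRequest.getServletPath()) && findLoginMember(httpRequest) == null) {
            // Not logged in: send the browser to the login form instead of the protected resource.
            httpResponse.sendRedirect(httpRequest.getContextPath() + "/auth/form.jsp");
            return;
        }

        chain.doFilter(request, response);
    }

    /**
     * Tells whether the given servlet path is one of the protected operations.
     *
     * <p>NOTE(review): this is a suffix match on the servlet path only. The servlet path does not
     * include path info or the query string, and any state-changing endpoint whose path does not
     * end in one of these three words is not covered. An explicit list of protected paths, or
     * protecting everything except a short public list, is easier to audit — confirm against the
     * application's actual URL mappings.
     */
    private static boolean requiresLogin(String servletPath) {
        return servletPath.endsWith("add")
                || servletPath.endsWith("update")
                || servletPath.endsWith("delete");
    }

    /**
     * Returns the member stored under {@code loginMember} in the current session, or
     * {@code null} when there is no session or no such attribute.
     */
    private static Member findLoginMember(HttpServletRequest httpRequest) {
        // getSession(false) avoids allocating a new server-side session for every anonymous
        // request that merely fails the login check.
        javax.servlet.http.HttpSession session = httpRequest.getSession(false);
        if (session == null) {
            return null;
        }
        return (Member) session.getAttribute("loginMember");
    }
}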
.endsWith("");
String 타입의 인자를 받으며, 해당 String 객체가
인자로 전달된 String으로 끝나면 true를 리턴하고 그렇지 않으면 false를 리턴한다.
2단계 - 관리자 여부를 검사하는 필터를 만든다.
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.bitcamp.board.domain.Member;
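/**
 * Servlet filter that lets only the administrator account reach resources under the
 * {@code /member/} path prefix.
 *
 * <p>A caller counts as the administrator when the session holds a {@code loginMember} whose
 * e-mail equals {@code admin@test.com}. Everyone else is redirected to the application root.
 *
 * <p>NOTE(review): the administrator is identified by a hard-coded e-mail address. This is only
 * sound if that address is unique and cannot be chosen or changed by ordinary members; a role or
 * permission flag stored with the account is the more robust check — confirm against the member
 * registration and update code.
 */
@WebFilter("/member/*")
public class AdminCheckFilter implements Filter {

    /** Logs that the container has initialised this filter. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        System.out.println("AdminCheckFilter.init() 실행!");
    }

    /**
     * Passes the request on only for the administrator; redirects all other callers to the
     * context root.
     *
     * @param request the incoming request; cast to {@link HttpServletRequest}
     * @param response the outgoing response; cast to {@link HttpServletResponse}
     * @param chain the remaining filters and the target resource
     * @throws IOException if the redirect or the rest of the chain fails with an I/O error
     * @throws ServletException if the rest of the chain fails
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        System.out.println("AdminCheckFilter.doFilter() 실행!");

        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;

        if (!isAdmin(findLoginMember(httpRequest))) { // not an administrator
            httpResponse.sendRedirect(httpRequest.getContextPath() + "/");
            return;
        }

        chain.doFilter(request, response);
    }

    /**
     * Returns the member stored under {@code loginMember} in the current session, or
     * {@code null} when there is no session or no such attribute.
     */
    private static Member findLoginMember(HttpServletRequest httpRequest) {
        // getSession(false) avoids allocating a new server-side session for anonymous callers
        // that are about to be turned away anyway.
        javax.servlet.http.HttpSession session = httpRequest.getSession(false);
        if (session == null) {
            return null;
        }
        return (Member) session.getAttribute("loginMember");
    }

    /**
     * Tells whether the given member is the administrator account.
     *
     * <p>The constant is the receiver of {@code equals} so that a member whose e-mail is
     * {@code null} is rejected instead of causing a {@link NullPointerException}.
     */
    private static boolean isAdmin(Member loginMember) {
        return loginMember != null && "admin@test.com".equals(loginMember.getEmail());
    }
}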