JAVA语言，JSP，JDBC笔记

/** * Title:业务认证过滤 * Description:业务认证过滤类 * Copyright: Copyright(c) 2005-2008 * Company: fmcc&newland * @author: zhangxw * @version: 1.0 Date: 2006-02-10 */ package com.newland.common.auth.filter; import java.io.IOException; import java.util.Collection; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.ResourceBundle; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.RequestDispatcher; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import business.jsf.model.OperLoginBean; import business.sys.OperLoginEnv; import com.newland.common.auth.data.AuthInfoForm; import com.newland.common.auth.data.AuthTypeForm; import com.newland.common.auth.jsf.AuthMgr; import com.newland.common.data.CompositeVO; public class AuthFilter implements Filter { private static final String MENU_ID = "menuId"; private static final String OBJECT_TYPE = "object_type"; private static final String AUTH_FLAG = "authFlag"; private static final String USER_NO = "userNo"; private static final String HOME_CITY = "homeCity"; private static final String NOTE = "note"; private static final String H_CITY = "hCity"; private static final String SYS_FUNC_ID = "sysFuncId"; private static final String PASS_FLAG = "passFlag"; private static final String ACCOUNET_FLAG = "accounetFlag"; // 超级密码级别，不做认证类型叠加 private static final String SUPER_PASSWORD_LEVEL = "60"; private static final String AUTH_TYPE_OPTION_SET = "authTypeOptionSet"; private static final String AUTH_TYPE_HIDDEN_SET = "authTypeHiddenSet"; private static final String MSG = "msg"; //提示信息 private static final String memoMsg="memoMsg"; private static final String COMMON_AUTH_PAGE = "/common/authentication/common_auth.jsf"; private static final String TELEPHONE_AUTH_PAGE = "/common/authentication/telephone_auth.jsf"; private static final String SECOND_AUTH_PAGE = "bm_changeSimCard_authentication.jsf";//需二次话单验证 的补换卡页面 private static final String TELEPHONE_AUTH_FLAG = "telephone_auth_flag";//需二次话单验证 的补换卡页面 private static final String AUTH_METHOD = "authMethod"; private static final String CERT_TYPE = "certType";//证件类型 private static final String GROUP_ID = "groupId"; //查询返回的集团编码 private static final String CUSMGR_NAME = "cusMgrName"; //客户经理名字 private static final String CUSMGR_ID = "cusMgrId"; //客户经理工号 private static final String AGENT = "agent"; //代办人名字 private static final String AGENT_CertNo = "agentCertNo"; //代办人证件号码 private static final String NAME = "name"; //客户二代身份证姓名 private static final String BIRTHDAY = "birthday"; //客户二代身份证出生日期 private static final String IC_ADDR = "ic_addr"; //客户二代身份证储存的住址 private static final String NATION = "nation"; //客户二代身份证民族 private static final String VISA_ORG = "visa_org"; //客户二代身份证签发机关 private static final String IC_STARTDATE = "ic_startdate"; //客户二代身份证有效期起始时间 private static final String IC_ENDDATE = "ic_enddate"; //客户二代身份证有效期失效时间 private static final String PICTURE = "picture"; //客户二代身份证照片数据流 // session里面的标志，表示是话单认证的信息--档案修改页面来的 private static final String TELEPHONE_INFO_BRAND = "TELEPHONE_INFO_BRAND"; // session里面的标志，表示是话单认证的信息--补换卡页面来的 private static final String TELEPHONE_INFO_SIM = "TELEPHONE_INFO_SIM"; //"认证方式"，放在request里面供打印使用 private static final String AUTH_TYPE_PRINT = "AUTH_TYPE_PRINT"; private FilterConfig filterConfig; public void init(FilterConfig fconfig) throws ServletException { this.filterConfig = fconfig; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httprequest = (HttpServletRequest) request; ServletContext servletContext = this.filterConfig.getServletContext(); // 设置uri，每次提交都是同一个uri，当认证成功时，forward到这个uri String uri = httprequest.getRequestURI(); httprequest.setAttribute("uri", uri); // 取得session HttpSession session = httprequest.getSession(true); // 根据请求uri判断是否进行认证 if (uri != null && uri.indexOf("authentication.js") > 0) { // homeCity标志 String homeCityFlag = httprequest.getParameter(H_CITY); httprequest.setAttribute(H_CITY, homeCityFlag); // 跳转页面，默认为用户号码页面 RequestDispatcher requestDispatcher = servletContext .getRequestDispatcher(COMMON_AUTH_PAGE); // 认证标志 String authFlag = null; // 认证方法标志：1、query 2、auth String authMethod = null; // 用户号码 String userNo = null; // 归属地市 String homeCity = null; // 号码类型 String objType = null; // 机构名称 String organName = ""; // 功能号 String sysFuncId = httprequest.getParameter(SYS_FUNC_ID); //话单认证标志 String telephone_auth_flag = httprequest.getParameter(TELEPHONE_AUTH_FLAG); // 用户号码页面和业务认证页面的标志 authMethod = httprequest.getParameter(AUTH_METHOD); // 用户归属地市 OperLoginBean operBean = (OperLoginBean) session .getAttribute("OperLoginBean"); OperLoginEnv operLoginEnv = (OperLoginEnv) session .getAttribute("OperLoginEnv"); // 菜单id，先从页面取，没有的话从session中取。唯一从session中取的机会是点击菜单 String menuId = sysFuncId; if (operBean != null && menuId == null) { menuId = operBean.getCurSysfuncID(); } if (operLoginEnv != null) { organName = operLoginEnv.getOrganName(); } httprequest.setAttribute(MENU_ID, menuId); // 该模块是否有帐户认证的权限标志 boolean accountFlag = canSelectAccount(menuId); httprequest.setAttribute(ACCOUNET_FLAG, "" + accountFlag); // 非跨省认证 if (!"1".equals(homeCityFlag)) { // 由用户号码页面提交的，所有该页面提交的都forward到隐式提交页面(集成了发送短信功能，如果有必要，进行分离) if ("query".equalsIgnoreCase(authMethod) || "note".equalsIgnoreCase(authMethod)) { String hiddenForward = "/common/authentication/common_auth_hidden_submit.jsp"; try { userNo = httprequest.getParameter(USER_NO); homeCity = httprequest.getParameter(HOME_CITY); objType = httprequest.getParameter(OBJECT_TYPE); if (userNo == null || "".equals(userNo)) { // 设置提示信息 httprequest.setAttribute(MSG, "用户号码不能为空！"); } else if ("query".equalsIgnoreCase(authMethod)) { // 根据userNo查询认证类型 AuthMgr authMgr = new AuthMgr();