1、可以在项目的web.xml中配置过滤器,对请求进行过滤,在过滤器判断请求是否是越过登录直接输入恶意url地址进行访问的,如果是的话进行处理,不是则放行。
3、<filter-mapping> <filter-name>validateLogin</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>*********过滤器类*******************package com.test.action;import java.io.IOException;
5、public class LoginedCheckInterceptorAction implements Filter {/*** filter过滤非法访问*/@SuppressWarnings("unused")private static final long serialVersionUID = 1L;public void destroy() {}public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
