过滤器做单点登录（包括后登录用户将之前用户挤出，防止url键入操作，已登录用户重操作其他不用再次输入用户名和密码）

package com.jcrb.util;

import javax.servlet.FilterChain;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;

import com.jcrb.dao.CommonDAO;
import com.jcrb.pojo.SysUser;

//马上就要离职了，最后时刻必须完成自己以前所有的任务，不然走都不会安心

//电脑上面的时间已经显示22:04分，呵呵，说实话在公司基本没加过班啊

//太轻松反而更累（对未来的……），

public class FilterDispatcher extends StrutsPrepareAndExecuteFilter {
 private static CommonDAO commonDAO;
 private static ApplicationContext app;
 public FilterDispatcher(){//初始化一次加快速度(若在isSsolhf方法里面用时初始化将是非常非常的慢)
  if(app==null)app=new ClassPathXmlApplicationContext("applicationContext.xml");
 }
 public void doFilter(ServletRequest req, ServletResponse res,
   FilterChain chain) {
  HttpServletRequest request = (HttpServletRequest) req;
  HttpServletResponse response = (HttpServletResponse) res;
  String uri = request.getRequestURI();
  String root = request.getContextPath();
  String[] extension={"js","css","png","jpg","gif","img.jsp"};
  for (int i = 0; i < extension.length; i++) {
   if(uri.endsWith(extension[i])){
    try {
     chain.doFilter(req, res);
     return;
    } catch (Exception e) {
     e.printStackTrace();
    }
   }
  }
   
   if (isCanAccess(request, uri, root)) {
   boolean b=isSsolhf(request);//若和数据库中的Sessionid相等着验证通过
   if(b==false){
    System.out.println("已登录");
    try {
     response.sendRedirect("http://localhost/yqjc/login.html");
     return;//sendRedirect()后面的代码会执行完才跳转，故要加上return
    } catch (Exception e) {
     e.printStackTrace();
    }
   }
   System.out.println("ok");
   try {
    super.doFilter(req, res,chain);
   } catch (Exception e) {
    e.printStackTrace();
   }
   
   
  } else {
    try {
     response.sendRedirect("login.html");
    
    } catch (Exception e) {
    
     e.printStackTrace();
    }
   }
  
 }

 
 private boolean isCanAccess(HttpServletRequest request, String uri,
   String root) {
  SysUser user =  (SysUser) request.getSession().getAttribute("user");
  
  if (user == null) {
   if(uri.endsWith("/login")|| uri.endsWith("login.html")) return true;
   return false;
  }
  return true;

 }
 //单点登录(天啊，弄了一整天的东西，只要改一点儿就Ok了（构造方法里面初始化、加快速度），呜呜呜……)
 private boolean isSsolhf(HttpServletRequest request){
  boolean b=true;
  System.out.println("ss0");
  String uri=request.getRequestURI();
  System.out.println(!uri.endsWith("/login")&&!uri.endsWith("login.html"));
  if(!uri.endsWith("/login")&&!uri.endsWith("login.html")){//用户进行其他操作的话
    HttpSession session=request.getSession();
    //当前用户的sessionid
    String sid1=session.getId();System.out.println("sid1:"+sid1);
    if(session.getAttribute("user")!=null){
     SysUser user=(SysUser)session.getAttribute("user");
     //此时查询数据库获取实时的sessionId
     if(commonDAO==null)commonDAO=CommonDAO.getFromApplicationContext(app);
    user=(SysUser)commonDAO.findById(SysUser.class,user.getUserid());
     String sid2=user.getSessionid();//数据库中的sessionid
     System.out.println("sid2:"+sid2);
    //比较该用户的SessionId和数据库里是否一致
     if(!sid1.equals(sid2))b=false;
    }
   }
  return b;
 }
}