세션 유무를 확인하는 필터이다.

web.xml 에 필터 설정하면 되고 avoidUrls 는 , (comma) 를 구분자로 복수개 기술하면 된다. 

package filter;
 
import java.io.IOException;
import java.util.ArrayList;
import java.util.StringTokenizer;
 
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
 
public class SessionFilter implements Filter
{
  private ArrayList urlList;
 
  public void destroy()
  {
  }
 
  public void doFilter(ServletRequest req, ServletResponse res,
      FilterChain chain) throws IOException, ServletException
  {
 
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    String url = request.getServletPath();
 
    if ( urlList.contains(url) )
    {
      chain.doFilter(req, res);
    }
    else
    {
      HttpSession session = request.getSession(false);
 
      if ( session == null || session.getAttribute("userId") == null )
      {
        //System.out.println("## Filter Session Null - " + url);
        response.sendRedirect("/index.jsp");
      }
      else
      {
        chain.doFilter(req, res);
      }
    }
  }
 
  public void init(FilterConfig config) throws ServletException
  {
    String urls = config.getInitParameter("avoidUrls");
    StringTokenizer token = new StringTokenizer(urls, ",");
 
    urlList = new ArrayList();
 
    while ( token.hasMoreTokens() )
    {
      urlList.add(token.nextToken());
    }
  }
}