怎么防止java流程防绕过

1、可以在项目的web.xml中配置过滤器，对请求进行过滤，在过滤器判断请求是否是越过登录直接输入恶意url地址进行访问的，如果是的话进行处理，不是则放行。

2、************web.xml配置************<filter> <filter-name>validateLogin</filter-name> <filter-class>com.test.action.LoginedCheckInterceptorAction</filter-class> </filter>

3、<filter-mapping> <filter-name>validateLogin</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>*********过滤器类*******************package com.test.action;import java.io.IOException;

4、import javax.servlet.Filter;import javax.servlet.F足毂忍珩ilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;/*** filter过滤访问路径* @author *****/

5、public class Logi艘绒庳焰nedCheckInterceptorAction implements Filter {/忮氽阝另*** filter过滤非法访问*/@SuppressWarnings("unused")private static final long serialVersionUID = 1L;public void destroy() {}public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {