JavaWeb 入門篇(6.1) 過濾器 實作字元過濾器 實作模拟權限攔截
Filter(過濾器) 概述
- 過濾器是一個對象,它對對資源(Servlet或靜态内容)的請求或對資源的響應或兩者都執行過濾任務。
-
過濾器在doFilter方法中執行過濾。 每個過濾器都可以通路一個FilterConfig對象,從中可以擷取其初始化參數,還可以通路ServletContext,例如,它可以用于加載過濾任務所需的資源。
在Web應用程式的部署描述符中配置過濾器。
- JavaWeb中的應用場景:
- 權限過濾
- 字元編碼設定
- 資料加密過濾器
- 過濾垃圾請求
- 等等 還有不少勒
- 過濾器可以寫多個,形成一個過濾器鍊。每個過濾器的作用都可以不一樣。一層一層判斷。
流程圖:
一、過濾器(Filter)實作字元編碼設定為UTF-8
使用過濾器設定字元編碼
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.IOException;
/**
* @author crush
*/
@WebFilter("/*")
public class CharacterEncodingTest implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// filter的生命周期
System.out.println("Filter初始化");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
System.out.println("過濾前");
chain.doFilter(request,response);
System.out.println("過濾後");
}
@Override
public void destroy() {
System.out.println("Filter銷毀");
}
}
測試:
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @author Adimi
*/
@WebServlet("/filter")
public class FilterTest extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String username = req.getParameter("username");
PrintWriter writer = resp.getWriter();
writer.print(username);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
super.doPost(req, resp);
}
}
可以看到過濾器是生效的。
二、Filter 實作權限攔截
登入的表單頁面
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>login</title>
</head>
<body>
<c:if test="${cuowu!=null}">
${cuowu}
</c:if>
<form action="${pageContext.request.contextPath}/login" method="post">
使用者名:<input name="username" type="text">
密碼:<input name="password" type="password">
<input type="submit" value="Login">
</form>
</body>
</html>
User類(使用者類)
/**
* @author crush
*/
@Data /** get set 方法 */
@AllArgsConstructor /** 全參構造 */
@NoArgsConstructor /** 無參構造 */
@ToString /** toString方法 */
public class User {
private String username;
private String password;
}
此處使用了Lombok,類上面的幾個注解代替了原來的幾個方法。看起來比較簡潔。
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @author crush
*/
@WebServlet("/login")
public class Login extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req,resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// 開啟session
HttpSession session = req.getSession();
// 擷取登入的參數
String username = req.getParameter("username");
String password=req.getParameter("password");
PrintWriter writer = resp.getWriter();
// 判斷使用者名和密碼是否正确
if(username.equals("user")&&password.equals("123456")){
// 存session
session.setAttribute("user",new User(username,password));
// 設定session的時間
session.setMaxInactiveInterval(200);
writer.print(username+" 恭喜你登入成功!!!");
}
else{
System.out.println("賬号或密碼錯誤");
resp.sendRedirect("/login.jsp");
}
}
}
過濾器:
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @author Adimi
* @WebFilter("/user/*")
* /user/* 的意思是過濾/user/下的所有請求
* 例如:/user/1 、/user/main2 .... /user/xxx 等等 都會經過這個過濾器
*/
@WebFilter("/user/*")
public class UserFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("初始化");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest=(HttpServletRequest)request;
HttpSession session = ((HttpServletRequest) request).getSession();
User user =(User) session.getAttribute("user");
if(user!=null){
chain.doFilter(request,response);
}
else{
request.setAttribute("cuowu","檢測到您還沒有登入,無法通路,請登入後再通路!!!");
request.getRequestDispatcher("/login.jsp").forward(request,response);
}
}
@Override
public void destroy() {
System.out.println("銷毀");
}
}
測試的Servlet:
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @author crush
*/
@WebServlet("/user/main")
public class Main extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
PrintWriter writer = resp.getWriter();
writer.print("恭喜你做出了登入過濾的小Demo!!!");
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
super.doPost(req, resp);
}
}
自言自語
簡單的一次記錄。
看完不給我點給贊,你還想逃嗎?不存在的。
留下你來過的足迹,一起學習。