JavaWeb-10-Filter(過濾器)
1.概述
Filter:用來過濾網站的資料
- 進行中文亂碼
- 登入驗證
- …
2.編寫過濾器
-
建立Filter(javax.servlet下的接口)的實作類
JavaWeb-10-Filter(過濾器)JavaWeb-10-Filter(過濾器) -
過濾器用法(以解決頁面亂碼為例)
public class CharacterEncodingFilter implements Filter { //初始化,在web伺服器啟動就已經初始化了 随時等待監聽 public void init(FilterConfig filterConfig) throws ServletException { System.out.println("進入CharacterEncodingFilter init 方法"); } /* filterChain 過濾鍊 (不止一個過濾器) 1.過濾器中的所有代碼,再過濾特定請求時都會執行 2.必須要讓過濾器繼續轉接, */ public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException { req.setCharacterEncoding("utf-8"); resp.setCharacterEncoding("utf-8"); resp.setContentType("text/html;charset=utf-8"); System.out.println("CharacterEncodingFilter執行前"); filterChain.doFilter(req,resp);//将請求繼續轉接,不寫,程式将被攔截停止 System.out.println("CharacterEncodingFilter執行後"); } //銷毀 web伺服器關閉時銷毀 public void destroy() { System.out.println("CharacterEncodingFilter 銷毀"); } } -
web.xml的配置
//模拟亂碼的servlet 的注冊資訊,注意給了兩條映射 // /show 沒有過濾器的路徑 // /servlet/show 經過過濾器的路徑 <servlet> <servlet-name>show</servlet-name> <servlet-class>com.cmy.servlet.ShowServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>show</servlet-name> <url-pattern>/show</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>show</servlet-name> <url-pattern>/servlet/show</url-pattern> </servlet-mapping> //設定指定路徑/servlet/所有路徑 通過過濾器 <filter> <filter-name>CharacterEncodingFilter</filter-name> <filter-class>com.cmy.filter.CharacterEncodingFilter</filter-class> </filter> <filter-mapping> <filter-name>CharacterEncodingFilter</filter-name> <url-pattern>/servlet/*</url-pattern> </filter-mapping> -
效果示範
JavaWeb-10-Filter(過濾器)JavaWeb-10-Filter(過濾器)
3.過濾器的應用
在web應用的檔案夾下,隻要知道路徑大多可以直接通路
但是,現在隻想讓登入了的使用者才能通路/sys/content.jsp,其他直接輸入該位址的遊客都重定向到/error/error.jsp界面,就需要過濾器
實作
- 在登入時,為該登入使用者将資訊儲存至session,這裡模拟admin,123456為資料庫中的存在使用者
//Constant.USER_SESSION 為常量類的USER_SESSION屬性 "USER_SESSION" 為了修改友善 public class LoginServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String username = req.getParameter("username"); String password = req.getParameter("password"); if (username.equals("admin")&&password.equals("123456")){ req.getSession().setAttribute(Constant.USER_SESSION,req.getSession().getId()); resp.sendRedirect("/sys/content.jsp"); }else { resp.sendRedirect("/error/error.jsp"); } } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { doGet(req, resp); } } - 為/sys/*的通路設定過濾器,保證使用者必須要有Constant.USER_SESSION屬性(登入過才有),否則重定向到錯誤界面
public class SysFilter implements Filter { public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; if (request.getSession().getAttribute(Constant.USER_SESSION)==null){ response.sendRedirect("/error/error.jsp"); } filterChain.doFilter(request,response); } public void destroy() { } } - 在web.xml注冊過濾器,所有通路/sys/*的請求,都将進入SysFilter.java,精選過濾判斷,遊客将被重定向,登入過擁有session屬性的可以直接通路
<filter> <filter-name>SysFilter</filter-name> <filter-class>com.cmy.filter.SysFilter</filter-class> </filter> <filter-mapping> <filter-name>SysFilter</filter-name> <url-pattern>/sys/*</url-pattern> </filter-mapping>