JavaWeb-10-Filter(过滤器)
1.概述
Filter:用来过滤网站的数据
- 处理中文乱码
- 登录验证
- …
2.编写过滤器
-
创建Filter(javax.servlet下的接口)的实现类
JavaWeb-10-Filter(过滤器)JavaWeb-10-Filter(过滤器) -
过滤器用法(以解决页面乱码为例)
public class CharacterEncodingFilter implements Filter { //初始化,在web服务器启动就已经初始化了 随时等待监听 public void init(FilterConfig filterConfig) throws ServletException { System.out.println("进入CharacterEncodingFilter init 方法"); } /* filterChain 过滤链 (不止一个过滤器) 1.过滤器中的所有代码,再过滤特定请求时都会执行 2.必须要让过滤器继续转接, */ public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException { req.setCharacterEncoding("utf-8"); resp.setCharacterEncoding("utf-8"); resp.setContentType("text/html;charset=utf-8"); System.out.println("CharacterEncodingFilter执行前"); filterChain.doFilter(req,resp);//将请求继续转接,不写,程序将被拦截停止 System.out.println("CharacterEncodingFilter执行后"); } //销毁 web服务器关闭时销毁 public void destroy() { System.out.println("CharacterEncodingFilter 销毁"); } } -
web.xml的配置
//模拟乱码的servlet 的注册信息,注意给了两条映射 // /show 没有过滤器的路径 // /servlet/show 经过过滤器的路径 <servlet> <servlet-name>show</servlet-name> <servlet-class>com.cmy.servlet.ShowServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>show</servlet-name> <url-pattern>/show</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>show</servlet-name> <url-pattern>/servlet/show</url-pattern> </servlet-mapping> //设置指定路径/servlet/所有路径 通过过滤器 <filter> <filter-name>CharacterEncodingFilter</filter-name> <filter-class>com.cmy.filter.CharacterEncodingFilter</filter-class> </filter> <filter-mapping> <filter-name>CharacterEncodingFilter</filter-name> <url-pattern>/servlet/*</url-pattern> </filter-mapping> -
效果演示
JavaWeb-10-Filter(过滤器)JavaWeb-10-Filter(过滤器)
3.过滤器的应用
在web应用的文件夹下,只要知道路径大多可以直接访问
但是,现在只想让登录了的用户才能访问/sys/content.jsp,其他直接输入该地址的游客都重定向到/error/error.jsp界面,就需要过滤器
实现
- 在登录时,为该登录用户将信息保存至session,这里模拟admin,123456为数据库中的存在用户
//Constant.USER_SESSION 为常量类的USER_SESSION属性 "USER_SESSION" 为了修改方便 public class LoginServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String username = req.getParameter("username"); String password = req.getParameter("password"); if (username.equals("admin")&&password.equals("123456")){ req.getSession().setAttribute(Constant.USER_SESSION,req.getSession().getId()); resp.sendRedirect("/sys/content.jsp"); }else { resp.sendRedirect("/error/error.jsp"); } } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { doGet(req, resp); } } - 为/sys/*的访问设置过滤器,保证用户必须要有Constant.USER_SESSION属性(登录过才有),否则重定向到错误界面
public class SysFilter implements Filter { public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; if (request.getSession().getAttribute(Constant.USER_SESSION)==null){ response.sendRedirect("/error/error.jsp"); } filterChain.doFilter(request,response); } public void destroy() { } } - 在web.xml注册过滤器,所有访问/sys/*的请求,都将进入SysFilter.java,精选过滤判断,游客将被重定向,登录过拥有session属性的可以直接访问
<filter> <filter-name>SysFilter</filter-name> <filter-class>com.cmy.filter.SysFilter</filter-class> </filter> <filter-mapping> <filter-name>SysFilter</filter-name> <url-pattern>/sys/*</url-pattern> </filter-mapping>