对与url匹配的所有的请求进行拦截
拦截所有的请求,比如:http://localhost:8080/bb/fds、http://localhost:8080/b、http://localhost:8080/a.jsp……
@WebFilter(urlPatterns = "/*")
public class AuthFilter implements Filter {
public void destroy() {
System.out.println("destroy");
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println("do11");
chain.doFilter(req, resp);
System.out.println("do22");
}
public void init(FilterConfig config) throws ServletException {
System.out.println("init");
}
}
拦截以aa开始的所有的请求,比如:http://localhost:8080/aa/fds、http://localhost:8080/aa/b.jsp,但不能拦截http://localhost:8080/bb/aa
@WebFilter(urlPatterns = "/aa/*")
public class AuthFilter implements Filter {
public void destroy() {
System.out.println("destroy");
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println("do11");
chain.doFilter(req, resp);
System.out.println("do22");
}
public void init(FilterConfig config) throws ServletException {
System.out.println("init");
}
}
拦截以aa或bb开始的所有的请求,比如:http://localhost:8080/aa/fds、http://localhost:8080/bb/b.jsp
@WebFilter(urlPatterns = {"/aa/*","/bb/*"})
public class AuthFilter implements Filter {
public void destroy() {
System.out.println("destroy");
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println("do11");
chain.doFilter(req, resp);
System.out.println("do22");
}
public void init(FilterConfig config) throws ServletException {
System.out.println("init");
}
}
aa.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>机密文件</title>
</head>
<body>
登录之后才能访问的页面
</body>
</html>
bb.png
一张普通的图片
login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>logintitle>
head>
<body>
<form action="/loginServlet" method="post">
用户名:<input type="text" name="uname"><br>
密码:<input type="password" name="upwd"><br>
<input type="submit">
form>
body>
html>
LoginServlet.java
@WebServlet(urlPatterns = "/loginServlet")
public class LoginServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String uname = request.getParameter("uname");
String upwd = request.getParameter("upwd");
if ("zhangsan".equals(uname) && "1234".equals(upwd)) {//如果登录成功
HttpSession session = request.getSession(); //获取Session
session.setMaxInactiveInterval(30*60); //设置session的有效时间为60s
session.setAttribute("user",uname);//将用户信息放到Session中
Object aim = request.getSession().getAttribute("aim");//Filter拦截的url
System.out.println("*** "+aim);
request.getRequestDispatcher(aim.toString()).forward(request, response);
}
}
}
AuthFilter.java
@WebFilter(urlPatterns = "/sec/*")
public class AuthFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
String aim = request.getRequestURI();
String queryString = request.getQueryString();
if (queryString != null) {
aim += "?" + queryString;
}
HttpSession session = request.getSession();
session.setAttribute("aim", aim);
Object user = session.getAttribute("user");
if (user == null) { //如果用户没有登录,跳转到登录页面
request.getRequestDispatcher("/login.jsp").forward(request, response);
return; //如果有过滤器链,不再执行后面的过滤器
}
chain.doFilter(req, resp);
System.out.println("haha");
}
public void init(FilterConfig config) throws ServletException {
}
}
DemoServlet.java
@WebServlet(urlPatterns = "/sec/demoServlet")
public class DemoServlet extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.getRequestDispatcher("/WEB-INF/sec/aa.html").forward(request,response);
}
}
DemoServlet2.java
@WebServlet(urlPatterns = "/sec/demoServlet2")
public class DemoServlet2 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.getRequestDispatcher("/WEB-INF/sec/bb.png").forward(request,response);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
运行
EmojiFilter
@WebFilter(urlPatterns = "/*")
public class EmojiFilter implements Filter {
public void destroy() {
System.out.println("EmojiFilter destroy");
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println("EmojiFilter doFilter before");
chain.doFilter(req, resp);
System.out.println("EmojiFilter doFilter after");
}
public void init(FilterConfig config) throws ServletException {
System.out.println("EmojiFilter init");
}
}
HtmlFilter
@WebFilter(urlPatterns = "/*")
public class HtmlFilter implements Filter {
public void destroy() {
System.out.println("HtmlFilter destroy");
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println("HtmlFilter doFilter before");
chain.doFilter(req, resp);
System.out.println("HtmlFilter doFilter after");
}
public void init(FilterConfig config) throws ServletException {
System.out.println("HtmlFilter init");
}
}
SensitiveFilter
@WebFilter(urlPatterns = "/*")
public class SensitiveFilter implements Filter {
public void destroy() {
System.out.println("SensitiveFilter destroy");
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println("SensitiveFilter doFilter before");
chain.doFilter(req, resp);
System.out.println("SensitiveFilter doFilter after");
}
public void init(FilterConfig config) throws ServletException {
System.out.println("SensitiveFilter init");
}
}
DemoServlet
@WebServlet(urlPatterns = "/demoServlet")
public class DemoServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
System.out.println("hahaha......");
}
}