Filer

Filter

对与url匹配的所有的请求进行拦截

单个过滤器

示例1:

拦截所有的请求,比如:http://localhost:8080/bb/fds、http://localhost:8080/b、http://localhost:8080/a.jsp……

@WebFilter(urlPatterns = "/*")
public class AuthFilter implements Filter {
    public void destroy() {
        System.out.println("destroy");
    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        System.out.println("do11");
        chain.doFilter(req, resp);
        System.out.println("do22");
    }

    public void init(FilterConfig config) throws ServletException {
        System.out.println("init");
    }

}

示例2:

拦截以aa开始的所有的请求,比如:http://localhost:8080/aa/fds、http://localhost:8080/aa/b.jsp,但不能拦截http://localhost:8080/bb/aa

@WebFilter(urlPatterns = "/aa/*")
public class AuthFilter implements Filter {
    public void destroy() {
        System.out.println("destroy");
    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        System.out.println("do11");
        chain.doFilter(req, resp);
        System.out.println("do22");
    }

    public void init(FilterConfig config) throws ServletException {
        System.out.println("init");
    }

}

示例2:

拦截以aa或bb开始的所有的请求,比如:http://localhost:8080/aa/fds、http://localhost:8080/bb/b.jsp

@WebFilter(urlPatterns = {"/aa/*","/bb/*"})
public class AuthFilter implements Filter {
    public void destroy() {
        System.out.println("destroy");
    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        System.out.println("do11");
        chain.doFilter(req, resp);
        System.out.println("do22");
    }

    public void init(FilterConfig config) throws ServletException {
        System.out.println("init");
    }

}

示例3:基于Filter与Session的用户登录判断

  • 项目目录结构
    Filer_第1张图片

  • aa.html

    <!DOCTYPE html>
    <html lang="en">
    <head>
        <meta charset="UTF-8">
        <title>机密文件</title>
    </head>
    <body>
        登录之后才能访问的页面
    </body>
    </html>
    
  • bb.png
    一张普通的图片

  • login.jsp

    <%@ page contentType="text/html;charset=UTF-8" language="java" %>
    <html>
    <head>
        <title>logintitle>
    head>
    <body>
        <form action="/loginServlet" method="post">
            用户名:<input type="text" name="uname"><br>
            密码:<input type="password" name="upwd"><br>
            <input type="submit">
        form>
    body>
    html>
    
  • LoginServlet.java

    @WebServlet(urlPatterns = "/loginServlet")
    public class LoginServlet extends HttpServlet {
        protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            String uname = request.getParameter("uname");
            String upwd = request.getParameter("upwd");
    
            if ("zhangsan".equals(uname) && "1234".equals(upwd)) {//如果登录成功
                HttpSession session = request.getSession(); //获取Session
                session.setMaxInactiveInterval(30*60); //设置session的有效时间为60s
                session.setAttribute("user",uname);//将用户信息放到Session中
    
                Object aim = request.getSession().getAttribute("aim");//Filter拦截的url
                System.out.println("*** "+aim);
    
                request.getRequestDispatcher(aim.toString()).forward(request, response);
            }
        }
    }
    
  • AuthFilter.java

    @WebFilter(urlPatterns = "/sec/*")
    public class AuthFilter implements Filter {
        public void destroy() {
        }
    
        public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
            HttpServletRequest request = (HttpServletRequest) req;
            HttpServletResponse response = (HttpServletResponse) resp;
    
            String aim = request.getRequestURI();
            String queryString = request.getQueryString();
            if (queryString != null) {
                aim += "?" + queryString;
            }
            HttpSession session = request.getSession();
    
            session.setAttribute("aim", aim);
    
            Object user = session.getAttribute("user");
            if (user == null) { //如果用户没有登录,跳转到登录页面
                request.getRequestDispatcher("/login.jsp").forward(request, response);
                return; //如果有过滤器链,不再执行后面的过滤器
            }
            chain.doFilter(req, resp);
            System.out.println("haha");
        }
    
        public void init(FilterConfig config) throws ServletException {
    
        }
    
    }
    
  • DemoServlet.java

    @WebServlet(urlPatterns = "/sec/demoServlet")
    public class DemoServlet extends HttpServlet {
        @Override
        protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
            doGet(req,resp);
        }
        @Override
        protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            request.getRequestDispatcher("/WEB-INF/sec/aa.html").forward(request,response);
        }
    }
    
  • DemoServlet2.java

    @WebServlet(urlPatterns = "/sec/demoServlet2")
    public class DemoServlet2 extends HttpServlet {
        @Override
        protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            request.getRequestDispatcher("/WEB-INF/sec/bb.png").forward(request,response);
        }
    
        @Override
        protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
            doGet(req,resp);
        }
    }
    
  • 运行

  1. 请求http://localhost:8080/sec/demoServlet2,进入用户登录页面
    Filer_第2张图片
  2. 输入用户名密码,单击按钮,结果:
    Filer_第3张图片

过滤器链

示例1:

  • EmojiFilter

    @WebFilter(urlPatterns = "/*")
    public class EmojiFilter implements Filter {
        public void destroy() {
            System.out.println("EmojiFilter destroy");
        }
    
        public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
            System.out.println("EmojiFilter doFilter before");
            chain.doFilter(req, resp);
            System.out.println("EmojiFilter doFilter after");
        }
    
        public void init(FilterConfig config) throws ServletException {
            System.out.println("EmojiFilter init");
        }
    
    }
    
  • HtmlFilter

    @WebFilter(urlPatterns = "/*")
    public class HtmlFilter implements Filter {
        public void destroy() {
            System.out.println("HtmlFilter destroy");
        }
    
        public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
            System.out.println("HtmlFilter doFilter before");
            chain.doFilter(req, resp);
            System.out.println("HtmlFilter doFilter after");
        }
    
        public void init(FilterConfig config) throws ServletException {
            System.out.println("HtmlFilter init");
        }
    
    }
    
  • SensitiveFilter

    @WebFilter(urlPatterns = "/*")
    public class SensitiveFilter implements Filter {
        public void destroy() {
            System.out.println("SensitiveFilter destroy");
        }
    
        public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
            System.out.println("SensitiveFilter doFilter before");
            chain.doFilter(req, resp);
            System.out.println("SensitiveFilter doFilter after");
        }
    
        public void init(FilterConfig config) throws ServletException {
            System.out.println("SensitiveFilter init");
        }
    
    }
    
  • DemoServlet

    @WebServlet(urlPatterns = "/demoServlet")
    public class DemoServlet extends HttpServlet {
        @Override
        protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            System.out.println("hahaha......");
        }
    }
    

运行:在浏览器中请求http://localhost:8080/demoServlet,控制台输出结果:
Filer_第4张图片

你可能感兴趣的:(JSP与Servlet)