使用filter过滤器实现简单用户登录验证（不用配置web.xml文件）

一、filter过滤器的作用

• 如果想要获取中文字符，或者是显示提交的中文，就需要添加以下代码，来防止乱码的情况发生。

request.setCharacterEncoding("utf-8");
response.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=utf-8");

• 如果只是设置一个页面的情况，上述方法是可以实现的。但是，要是很多个页面要显示中文的话，上述方法就过于繁琐。这种情况下要实现显示中文的功能，就要用到filter过滤器。这样就实现了，一处编码，到处执行的用途。

二、实现简单用户登录验证

• （1）登录界面：login.jsp文件

<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Insert title here</title>
</head>
<body>
<form action="LoginServlet" method="post"> 
      用户名：<input type="text" name="username"/><br/>
      密码：<input type="password"  name="pwd"/><br/>
      <input type="submit" value="提交"/>
      
      
</form>

<a href="result1.jsp">验证登录</a>
</body>
</html>

• （2）servlet交互文件：LoginServlet.java

package com.filter.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Servlet implementation class LoginServlet
 */
@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
       
    /**
     * @see HttpServlet#HttpServlet()
     */
    public LoginServlet() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		
		System.out.println("进入servlet......");
		String username = request.getParameter("username");
		String pwd = request.getParameter("pwd");
		
		//获取Session
		HttpSession session = request.getSession();
		
		//验证用户名和密码是否有效
		
		//将用户名放入session    并且设置名称为uname(在过滤器中获取时，直接获取uname)
		session.setAttribute("uname",username);
		//设定session的有效期
		session.setMaxInactiveInterval(10);
		
		//将获取的用户名和密码打印在页面上
		response.getWriter().print("用户名："+username);
		response.getWriter().print("
");
		response.getWriter().print("密码："+pwd);
		
		System.out.println("退出servlet......");
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		doGet(request, response);
	}

}

• （3）filter过滤器文件：LoginFilter.java

package com.filter.servlet;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Servlet Filter implementation class LoginFilter
 */
//设置不被过滤的信息
@WebFilter(filterName="LoginFilter",
     urlPatterns = "/*",
     initParams = {
    	@WebInitParam(name="noFilterUrl",value
    			="login.jsp,LoginServlet")	 
     })
public class LoginFilter implements Filter {
	
	//定义一个字符串数组
	private String[] noFilter;
    /**
     * Default constructor. 
     */
    public LoginFilter() {
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see Filter#destroy()
	 */
	public void destroy() {
		// TODO Auto-generated method stub
	}

	/**
	 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
	 */
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		// TODO Auto-generated method stub
		// place your code here
		
		HttpServletRequest req = (HttpServletRequest)request;
		HttpServletResponse resp = (HttpServletResponse) response;
		
		//获取用户的session
		HttpSession session = req.getSession();
		//session是用来保存服务端的用户信息
		String username =(String) session.getAttribute("uname");
	    if(username != null) {
	    	chain.doFilter(request, response);
	    }
	    else {
	    	//用户没有登录
	    	
	    	String url = req.getRequestURI();//获取用户请求地址
	    	for(String temp : noFilter) {
	    	if(url.indexOf(temp)!= -1){
	    		chain.doFilter(request, response);
	    		return ;
	    	}
	    	
	      }
	    resp.sendRedirect("login.jsp");
	    }
		
		
	}

	/**
	 * @see Filter#init(FilterConfig)
	 */
	public void init(FilterConfig fConfig) throws ServletException {
		// TODO Auto-generated method stub
		//使用字符分割函数，对noFilter进行赋值
		noFilter = fConfig.getInitParameter("noFilterUrl").split(",");
	}

}

• （4）验证结果文件：result.jsp文件

<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Insert title here</title>
</head>
<body>
       用户名：${uname}
</body>
</html>