Web应用开发: JSP语法编程实践(六)：Filter和Listener编程实践

一、实验内容

1、Filter的理解和应用
实现一个禁止缓存的过滤器。
要求和提示：
（1）禁止浏览器缓存所有动态页面；
（2）有3个http响应头字段可以禁止浏览器缓存当前页面，它们在Servlet中的示例代码如下。
response.setDateHeader("Expires",-1);
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
（3）并不是所有的浏览器都能完全支持上面的3个响应头，因此最好是同时使用上面的3个响应头。
2、Filter的理解和应用
设计一个简单的IP地址过滤器，根据用户的IP地址进行网站的访问控制。例如：禁止IP地址处在192.168.2网段的用户对网站的访问。
3、Listener的理解和应用
通过监听器记录在线用户的姓名，在页面进行用户姓名的显示，同时实现对某个用户的强制下线功能。

二、实验要求

源代码和测试截图（均直接输入到答题框中）

三、实验原理

过滤器原理

直白的说，就是这幅图
对应的是以下代码里面的三个方法

屏幕快照 2018-11-22 上午10.32.16.png

注意web.xml格式



         此处给过滤器起一个名字

         此处写过滤器实现类的全类名

         

            此处填写该过滤器初始化参数的名称

            此处填写该过滤器初始化参数的值

         

      

   

       此处用上边起过的名字

       此处写我们需要过滤哪些URL请求

       REQUEST,FORWORDMINCLUDE.ERROE

四、实验代码

实验1️⃣：

分为三个文件FirstFilter.java(用于执行过滤器的业务逻辑)、web.xml（用于配置过滤器的映射）、index.jsp（用作展示的页面）

//FirstFilter.java
package topus;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
//import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Servlet Filter implementation class FirstFilter
 */
@WebFilter("/FirstFilter")
public class FirstFilter implements Filter {

    /**
     * Default constructor. 
     */
    public FirstFilter() {
        // TODO Auto-generated constructor stub
    }

    /**
     * @see Filter#destroy()
     */
    public void destroy() {
        System.out.println("First Filter------Destory");
    }

    /**
     * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        
        System.out.println("First Filter------doFilter start");     
        
        //HttpServletRequest req=(HttpServletRequest) request;  
        HttpServletResponse res=(HttpServletResponse) response;  
   
        res.setDateHeader("Expires",-1);// //指定网页在缓存中的过期时间
        res.setHeader("Cache-Control","no-cache");// //HTTP消息头，控制网页的缓存
        res.setHeader("Pragma","no-cache");// //禁止浏览器从缓存中调阅页面内容

        // pass the request along the filter chain
        chain.doFilter(request, response);
        
        System.out.println("First Filter------doFilter end");
    }

    /**
     * @see Filter#init(FilterConfig)
     */
    public void init(FilterConfig fConfig) throws ServletException {
        System.out.println("First Filter------Init");
    }

}

//web.xml


  shiyan10-1
  
  
    firstFilter
    topus.FirstFilter
  
  
  
    firstFilter
    
    /*

//index.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>




Insert title here


Hello World!
  
<%
    System.out.println("index.jsp------");
%>

实验结果

no-cache

注意在此，检测办法是在Chrome-右键-检查-network-选择对应文件-header，如果出现no-cache则证明过滤成功

实验2️⃣：

思路：访问index.jxp，触发过滤器，筛选IP，若不满足则跳转到error.jsp
index.jxp

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>




Insert title here


index!
  
<%
    System.out.println("index.jsp------");
%>

error.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>




Insert title here


error!
  
<%
    System.out.println("error.jsp------");
%>

IPFilter.jsp

package topus;

import java.io.IOException;
//import java.net.InetAddress;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

//import org.apache.tomcat.util.codec.binary.StringUtils;


/**
 * Servlet Filter implementation class IPFilter
 */
@WebFilter("/IPFilter")
public class IPFilter implements Filter {


    
    /**
     * Default constructor. 
     */
    public IPFilter() {
        // TODO Auto-generated constructor stub
    }

    /**
     * @see Filter#destroy()
     */
    public void destroy() {
        // TODO Auto-generated method stub
    }

    /**
     * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request1  = (HttpServletRequest)request;
        HttpServletResponse response1 = (HttpServletResponse)response;
        
        
        //四种痛苦的尝试
        //1.这里tomcat只能获取IPV6的地址0:0:0:0:0:0:0:1不好判断
        //String ip= request.getRemoteAddr();
        
        //2.如此之判断还是得不到
        /*
        String ip = request1.getHeader("x-forwarded-for");
        if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
            ip = request1.getHeader("Proxy-Client-IP");
        }
        if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
            ip = request1.getHeader("WL-Proxy-Client-IP");
        }
        if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
            ip = request1.getRemoteAddr();
        }
        */
        
        //3.这里用getLocalHost()模拟
        //getLocalHost()仅返回象征本地主机的InetAddress对象
        //InetAddress inet = InetAddress.getLocalHost();
        //String ip= inet.getHostAddress();
        
        //4.这里用字符模拟假的ip实例（前面实力劝退）
        String ip =  "192.165.2.47" ;
        System.out.println("the ip is"+ip);
        
         //拆分字符
         int ad = Integer.parseInt(ip.substring(ip.lastIndexOf(".") + 1));
         
        if(ad >= 1 && ad <= 50){
            response.setContentType("text/html;charset=utf-8");
            //跳转到error.jsp
            request1.getRequestDispatcher("error.jsp").forward(request1, response1);
        }
        else{
            chain.doFilter(request, response);
        }
    }
    
    /**
     * @see Filter#init(FilterConfig)
     */
    public void init(FilterConfig fConfig) throws ServletException {
        // TODO Auto-generated method stub
    }

}

IP不符合要求不允许访问

实验3️⃣：

实验三比较复杂，思路正确实现起来还是很简单的，项目结构：

项目结构

流程图

实验10-3.gif

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>




登录界面



    用户名：

loginPro.jsp (用于对登录界面的值进行处理，以及触发监听器)

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>





登录界面解析



<%      
        String username =  request.getParameter("username");
        session.setAttribute("username",username);
        //直接跳转
        /* response.sendRedirect("users.jsp"); */
    
        if(!username.isEmpty()){
            out.println(username+"登陆成功");
        }else out.println("登陆失败");
%>
    跳转到用户中心

logout.jsp(退出按钮所跳转的界面，用于对退出进行处理)

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8" import="java.util.Map" import="topus.UserSessionInfo" import="topus.MySessionContext"%>




用户退出


    该用户已经退出本系统！
    跳转到用户中心
    
    <%
    
    String sessionID = request.getParameter("sessionID");
    //out.println(sessionID);
        
    MySessionContext myc= MySessionContext.getInstance();  
    HttpSession sess = myc.getSession(sessionID);  
        
    //HttpSession sess = session.getSessionContext().getSession(sessionID) ;
    sess.invalidate(); // 本次会话对象失效
        //session.removeAttribute("username");
        //response.sendRedirect("users.jsp");
        
        
        
        
        //Map onlineRegister=(Map) application.getAttribute("onlineRegister");
        //onlineRegister.remove(sess.getId());
        //application.setAttribute("onlineRegister",onlineRegister); 
        
        //Map onlineRegister = (Map) session.getServletContext().getAttribute("onlineRegister");
        //onlineRegister.remove(session.getId());
        //session.getServletContext().setAttribute("onlineRegister",onlineRegister);
    %>

users.jsp(用户管理中心，用于显示在线用户的信息，以及对在线用户进行强制下线操作)

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
   <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>




用户管理中心


<%-- ${applicationScope.onlineRegister} --%>

        
            用户名：${mapRegister.value.username}，会话创建时间：
            
                <%-- sessionID：${mapRegister.value.sessionID} --%>
                
                退出

MySessionAttributeListener.java(SessionAttributeListener监听器，用于监听session的参数，如在logPro.jsp内的session.setAttribute有用到)

package topus;

import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;




/**
 * Application Lifecycle Listener implementation class MySessionAttributeListener
 *
 */
@WebListener
public class MySessionAttributeListener implements HttpSessionAttributeListener {

    /**
     * Default constructor. 
     */
    public MySessionAttributeListener() {
        // TODO Auto-generated constructor stub
    }

    /**
     * @see HttpSessionAttributeListener#attributeAdded(HttpSessionBindingEvent)
     */
    @SuppressWarnings("unchecked")
    public void attributeAdded(HttpSessionBindingEvent arg0)  { 
        HttpSession session = arg0.getSession();
        
        String username = (String) session.getAttribute("username");
        if (username != null) {
            
            //给用户模型赋值
            UserSessionInfo userSessionBean = new UserSessionInfo(username,session.getId(), new Date(session.getCreationTime()));
            
            //建一个map表
            Map onlineRegister = (Map) session.getServletContext().getAttribute("onlineRegister");
            if (onlineRegister == null) {
                
                onlineRegister = new HashMap();
            }
            
            //将sessionId和用户模型一一对应构成一个单独的个体
            onlineRegister.put(session.getId(), userSessionBean);
            
            //set回去
            session.getServletContext().setAttribute("onlineRegister",onlineRegister);
        }
    }

    /**
     * @see HttpSessionAttributeListener#attributeRemoved(HttpSessionBindingEvent)
     */
    @SuppressWarnings("unchecked")
    public void attributeRemoved(HttpSessionBindingEvent arg0)  { 
         // TODO Auto-generated method stub
        if ("username".equals(arg0.getName())) {
            HttpSession session = arg0.getSession();
            
            Map onlineRegister = (Map) session
                    .getServletContext().getAttribute("onlineRegister");
            
            onlineRegister.remove(session.getId());
            
            session.getServletContext().setAttribute("onlineRegister",
                    onlineRegister);
        }
    }

    /**
     * @see HttpSessionAttributeListener#attributeReplaced(HttpSessionBindingEvent)
     */
    public void attributeReplaced(HttpSessionBindingEvent arg0)  { 
         // TODO Auto-generated method stub
    }
    
}

MySessionContext.java和SessionListener.java 用于完成通过seesionID来获取到session的事件，魔改过来使用
作者csdn链接：https://blog.csdn.net/sihai12345/article/details/81098765


package topus;

import java.util.HashMap;

import javax.servlet.http.HttpSession;

public class MySessionContext {
    private static MySessionContext instance;  
    private HashMap sessionMap;  

    private MySessionContext() {  
        sessionMap = new HashMap();  
    }  

    public static MySessionContext getInstance() {  
        if (instance == null) {  
            instance = new MySessionContext();  
        }  
        return instance;  
    }  

    public synchronized void addSession(HttpSession session) {  
        if (session != null) {  
            sessionMap.put(session.getId(), session);  
        }  
    }  

    public synchronized void delSession(HttpSession session) {  
        if (session != null) {  
            sessionMap.remove(session.getId());  
        }  
    }  

    public synchronized HttpSession getSession(String sessionID) {  
        if (sessionID == null) {  
            return null;  
        }  
        return sessionMap.get(sessionID);  
    }  

}

package topus;

import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;

/**
 * Application Lifecycle Listener implementation class SessionListener
 *
 */
@WebListener
public class SessionListener implements HttpSessionListener {

    
    private MySessionContext myc = MySessionContext.getInstance();  
    /**
     * Default constructor. 
     */
    public SessionListener() {
        // TODO Auto-generated constructor stub
    }

    /**
     * @see HttpSessionListener#sessionCreated(HttpSessionEvent)
     */
    public void sessionCreated(HttpSessionEvent se)  { 
         // TODO Auto-generated method stub
        HttpSession session = se.getSession();  
        myc.addSession(session);  
        
    }

    /**
     * @see HttpSessionListener#sessionDestroyed(HttpSessionEvent)
     */
    public void sessionDestroyed(HttpSessionEvent se)  { 
         // TODO Auto-generated method stub
        HttpSession session = se.getSession();  
        myc.delSession(session); 
        
    }
    
}

UserSessionInfo.jsp(用于构建用户数据模型的Javabean)

package topus;

import java.util.Date;

public class UserSessionInfo {

    private String username;
    
    private String sessionID;
    
    private Date creationDate;
    
    public UserSessionInfo(){
        
    }

    public UserSessionInfo(String username, String sessionID, Date creationDate) {
        super();
        this.username = username;
        this.sessionID = sessionID;
        this.creationDate = creationDate;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getSessionID() {
        return sessionID;
    }

    public void setSessionID(String sessionID) {
        this.sessionID = sessionID;
    }

    public Date getCreationDate() {
        return creationDate;
    }

    public void setCreationDate(Date creationDate) {
        this.creationDate = creationDate;
    }

}

项目截图：

5.png

6.png

7.png

1.png

2.png

3.png

4.png

8.png

Web应用开发: JSP语法编程实践(六)：Filter和Listener编程实践

一、实验内容

二、实验要求

三、实验原理

四、实验代码

实验1️⃣：

Hello World!

实验2️⃣：

index!

error!

实验3️⃣：

你可能感兴趣的:(Web应用开发: JSP语法编程实践(六)：Filter和Listener编程实践)