Filter（过滤器）

Filter 是servlet 2.3 新增加的功能。

A filter is an object that performs filtering tasks on either the request to a resource (a servlet or static content), or on the response from a resource, or both.
Filters are configured in the deployment descriptor of a web application（在web.xml中配置）






Filter执行流程




web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" 
	xmlns="http://java.sun.com/xml/ns/javaee" 
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
	http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
  <servlet>
    <servlet-name>LoginServlet</servlet-name>
    <servlet-class>cn.nevo.servlet.LoginServlet</servlet-class>
  </servlet>

  <servlet-mapping>
    <servlet-name>LoginServlet</servlet-name>
    <url-pattern>/LoginServlet</url-pattern>
  </servlet-mapping>
  
  <!-- 配置编码过滤器,该过滤器针对所有请求起作用-->
	<filter>
		<filter-name>encoding-filter</filter-name>
		<filter-class>cn.nevo.filter.EncodingFilter</filter-class>
		<init-param>
			<param-name>encoding</param-name>
			<param-value>utf-8</param-value>
		</init-param>
	</filter>
	<filter-mapping>
		<filter-name>encoding-filter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>
	
	<!-- 配置权限过滤器 -->
	<filter>
		<filter-name>login-filter</filter-name>
		<filter-class>cn.nevo.filter.LoginFilter</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>login-filter</filter-name>
		<url-pattern>/admin/*</url-pattern>
	</filter-mapping>
</web-app>

EncodingFilter.java

public class EncodingFilter implements Filter{

	private String encoding = "";
	
	public void init(FilterConfig filterConfig) throws ServletException {
		this.encoding = filterConfig.getInitParameter("encoding");
	}
	
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		request.setAttribute("encoding", encoding);
		request.setCharacterEncoding(encoding);
		
		System.out.println("before EncodingFilter......");
		chain.doFilter(request, response);
		System.out.println("after EncodingFilter......");
	}
	
	public void destroy() {
	}
}

LoginFilter.java对访问admin文件夹下的资源进行过滤，admin用户便运行访问

public class LoginFilter implements Filter{

	public void destroy() {
	}

	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		HttpServletResponse res = (HttpServletResponse)response;
		HttpSession session = ((HttpServletRequest)request).getSession();
		String username = (String)session.getAttribute("username");
		if("admin".equalsIgnoreCase(username)) {
			System.out.println("before LoginFilter......");
		}else {
			res.sendRedirect("../normal.jsp");
			System.out.println("before LoginFilter......");
			
		}
		
		chain.doFilter(request, response);
		System.out.println("after LoginFilter......");
	}

	public void init(FilterConfig filterConfig) throws ServletException {
	}

}

LoginServlet.java

@SuppressWarnings("serial")
public class LoginServlet extends HttpServlet {

	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		
		String username = request.getParameter("username");
		HttpSession session = request.getSession();
		session.setAttribute("username", username);
		System.out.println("LoginServlet......");
		
		response.sendRedirect("admin/admin.jsp");
	}
}

admin/admin.jsp

<body>
   管理员：${sessionScope.username }
</body>

normal.jsp

<body>
    普通用户：${sessionScope.username }
</body>

index.jsp

${requestScope.encoding }
  	<form action="LoginServlet" method="post">
  		username：<input type="text" name="username" id="user.name"><br/>
  		password：<input type="password" name="password" id="user.pwd"><br/>
  		<input type="submit" value="submit">
  	</form>