filter用法。

首先：配置文件，声明一个拦截器，两个servlet，一个登录一个退出

web.xml

   filter:过滤器

   <filter>  
        <fiasfdlter-name>LogFilter</filter-name>  //过滤器名字
        <filter-class>com.ee.filter.LogFilter</filter-class>  //所在包
    </filter>  
    <filter-mapping>  
        <filter-name>LogFilter</filter-name>  //过滤器名字 和上面的一致
        <url-pattern>/</url-pattern>        //拦截 / 例如/aa  如果/* 则会拦截所有（因为做的登录所以不能拦截所有）
    </filter-mapping>   
    <servlet>  
        <servlet-name>LoginServlet</servlet-name>  //servlet名字
        <servlet-class>com.ee.filter.LoginServlet</servlet-class>  //servlet所在包
    </servlet>  
  <servlet>  
    <servlet-name>InvalidateServlet</servlet-name>  //servlet名字
    <servlet-class>com.ee.filter.InvalidateServlet</servlet-class>  //servlet所在包
  </servlet>  
  
    <servlet-mapping>  
        <servlet-name>LoginServlet</servlet-name>   //servlet所在包
        <url-pattern>/loginServlet</url-pattern>  //路径
    </servlet-mapping>  
  <servlet-mapping>  
    <servlet-name>InvalidateServlet</servlet-name>  //servlet所在包
    <url-pattern>/jsp/aa</url-pattern>  //路径
  </servlet-mapping>  

LogFilter：过滤器类 实现Filter接口

package com.ee.filter;  
  
import java.io.IOException;


import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
  
/** 
 * @author Administrator 
 * 
 */  
public class LogFilter implements Filter {  
public void destroy() {  
   }  
 
   public void doFilter(ServletRequest servletRequest,  
           ServletResponse servletResponse, FilterChain filterChain)  
           throws IOException, ServletException {  
 
       HttpServletRequest req = (HttpServletRequest) servletRequest;  
       HttpSession session = req.getSession();  
       System.out.println("lanjie");
       String username = (String)session.getAttribute("username");  
         
       if (username != null&&username!="") {  
           // 如果现在存在了session，则请求向下继续传递  
           filterChain.doFilter(servletRequest, servletResponse);  
       } else {  
           // 跳转到提示登陆页面  
        System.out.println("login");
           servletRequest.getRequestDispatcher("/login.jsp").forward(servletRequest, servletResponse);  
       }  
   }  
 
   public void init(FilterConfig filterConfig) throws ServletException {  
   }  
} 

LoginServlet:继承HttpServlet 

package com.ee.filter;


import java.io.IOException;  
import java.io.PrintWriter;  
  
import javax.servlet.ServletException;  
import javax.servlet.http.HttpServlet;  
import javax.servlet.http.HttpServletRequest;  
import javax.servlet.http.HttpServletResponse;  
import javax.servlet.http.HttpSession;  
  
public class LoginServlet extends HttpServlet {  
  
      
    /**
* 
*/
private static final long serialVersionUID = -1193203808034931858L;


public void doGet(HttpServletRequest request, HttpServletResponse response)  
            throws ServletException, IOException {  
  
        response.setContentType("text/html;charset=UTF-8");  
        request.setCharacterEncoding("UTF-8");  
        PrintWriter out = response.getWriter();  
          
        String username = request.getParameter("username");  
        HttpSession session = request.getSession();  
        session.setAttribute("username", username);  //用户登录加入到session中  
          
        response.sendRedirect("jsp/success.jsp");    //登录成功 跳入success.jsp  
          
        //测试   
        System.out.println("username: "+username);  
          
        out.flush();  
        out.close();  
    }  
  
    public void doPost(HttpServletRequest request, HttpServletResponse response)  
            throws ServletException, IOException {  
  
        this.doGet(request, response);  
    }  
  
}  

InvalidateServlet:

package com.ee.filter;


import java.io.IOException;  
import java.io.PrintWriter;  
  
import javax.servlet.ServletException;  
import javax.servlet.http.HttpServlet;  
import javax.servlet.http.HttpServletRequest;  
import javax.servlet.http.HttpServletResponse;  
import javax.servlet.http.HttpSession;  
  
public class InvalidateServlet extends HttpServlet {  
  
      
    /**
* 
*/
private static final long serialVersionUID = 3701729463942281614L;


public void doGet(HttpServletRequest request, HttpServletResponse response)  
            throws ServletException, IOException {  
  
        response.setContentType("text/html;charset=gbk");  
        request.setCharacterEncoding("gbk");  
        PrintWriter out = response.getWriter();  
        System.out.println("tuichu");
        String aa=request.getContextPath();
        HttpSession session =request.getSession(); //得到session对象  
        session.invalidate();                      //注销session  使其失效  
        //然后跳转到登录页面  
        System.out.println(aa);
        response.sendRedirect(aa+"/login.jsp");
       // request.getRequestDispatcher("/login.jsp").forward(request, response);  
        out.flush();  
        out.close();  
    }  
  
    public void doPost(HttpServletRequest request, HttpServletResponse response)  
            throws ServletException, IOException {  
    System.out.println("tuichu");
    doGet(request, response); 
          
    }  
  
}  

login.jsp:登录界面

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<script type="text/javascript">  
   //检查是否输入用户名  否则不予提交    
   function check(){  
       var username = document.getElementById("username").value;  
       if(username==null||""==username){  
           alert("请输入用户名");  
           return false;  
       }  
       return true;  
   }  
   </script>  
<body>


<body>  
     <center>  
        <form action="loginServlet" method="post" onsubmit="return check()">  
           <table>  
               <caption>用户登录</caption>  
               <tr>  
                  <td>用户名</td><td><input type="text" id="username" name="username" /></td>  
               </tr>  
               <tr>  
                  <td>密码</td><td><input type="text" name="password"/></td>  
               </tr>  
               <tr>  
                  <td align="right" colspan="2"><input type="submit" value="登录"></td>  
               </tr>  
           </table>  
        </form>  
     </center>  
</body>  
</body>
</html>

success.jsp:成功界面

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<body>  
        <center>  
            欢迎<%=session.getAttribute("username")%>光临  
            <br>  
      <a href="aa">退出</a>  
        </center>  
    </body> 
</body>
</html>

/ ，/* 区别

• <url-pattern>/</url-pattern> 
  会匹配到/springmvc这样的路径型url，不会匹配到模式为*.jsp这样的后缀型url。

• <url-pattern>/*</url-pattern> 
  会匹配所有的url：路径型的和后缀型的url(包括/springmvc，.jsp，.js和*.html等)

我觉得可能有点乱，个人理解吧，主要是给自己留个印象。

sission：：同一个回话不同界面可以传值

filter：根据你的请求判断是否拦截，主要是dofilter方法，判断sission里是否有东西，有则放行登陆成功，没有东西拦截