定义:
过滤器其实就是拦截器的一种,可以用于登录、加密和解密、会话检查、图片转换等等,比如:验证用户是否有权限访问哪个页面
过滤流程:
首先过滤器必须要实现javax.servlet.Filter接口,然后会实现这三个方法init、doFilter、destroy;还要在web.xml配置,因为过滤器属于servlet的一种。
Filter API:
三个接口:Filter、FilterConfig、FilterChain
三个方法:
init():void init(FilterConfig filterConfig)
doFilter():void doFilter(ServletRequest request,ServletResponse response,FilterChain chain)
destroy():void destroy()
过滤器的配置
web.xml的配置:
<filter>
<filter-name>DataCompressionFilter</filter-name>
<filter-class>com....filter..</filter-class>
</filter>
<filter-mapping>
<filter-name>DataCompressionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
@WebFilter注解类型:
属性:
asyncSupported:指定过滤器是否支持异步操作模式
description:过滤器的描述
dispatherTypes:应用过滤器的dispatcher类型
displayName:过滤器的显示名称
filterName:过滤器的名称
initParams:初始参数
largeIcon:过滤器的大图标名称
servletNames:适用于过滤器的Servlet名称
smallIcon:过滤器的小图标名称
urlPatterns:应用过滤器的URL模式
value:应用过滤器的URL模式
实例:
@WebFilter(filterName="DataCompressionFilter",urlPatterns={"/*"})
实例
解决乱码问题
public class CharacterEncodingFilter implements Filter {
private FilterConfig config;
public void destroy() { }
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
String charset = config.getInitParameter("charset");
String encodingFlag = config.getInitParameter("encodingFlag");
if (charset == null) {
charset = "UTF-8";
}
request.setCharacterEncoding(charset);
chain.doFilter(request, response);
if ("true".equals(encodingFlag)) {
response.setCharacterEncoding(charset);
response.setContentType("text/html; charset=" + charset);
}
}
public void init(FilterConfig config) throws ServletException {
this.config = config;
}
}
public class AuthenticateFilter implements Filter {
private RedisServiceFacade redisServiceFacade;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
ServletContext servletContext = filterConfig.getServletContext();
ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(servletContext);
redisServiceFacade = (RedisServiceFacade) ctx.getBean(RedisServiceFacade.class);
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest res = (HttpServletRequest) request;
HttpServletResponse rep = (HttpServletResponse) response;
if ("H5".equals(res.getHeader("requestApiFrom")) && !"/3rdParty/getInfoByUUID".equals(res.getRequestURI())) {
String sessionId = res.getParameter("sessionId");
if (StringUtils.isEmpty(sessionId)) {
rep.sendError(HttpStatus.SC_UNAUTHORIZED);
return;
} else {
if (StringUtils.isEmpty((String) redisServiceFacade.get(sessionId + "h5", "userId"))
|| StringUtils.isEmpty((String) redisServiceFacade.get(sessionId + "h5", "exhibitionId"))) {
rep.sendError(HttpStatus.SC_UNAUTHORIZED);
return;
} else {
chain.doFilter(request, response);
}
}
} else {
chain.doFilter(request, response);
}
}
@Override
public void destroy() {
}
}