文章目录
1. 过滤器
- 过滤器(Filter),是一个Web组件,先于Servlet或JSP执行
2. Filter作用
① 对请求和响应进行过滤
② 添加设置附加的参数或功能 – 中文处理
③ 对特定的权限、或其他需要满足的条件进行判断 – 登录控制
3. Filter 实现
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
//@WebFilter(filterName = "", urlPatterns = "", initParams = { @WebInitParam(name = "", value = "") })
@WebFilter("/*") // 过滤所有资源
//@WebFilter("*.jsp") // 过滤所有的jsp页面
//@WebFilter(urlPatterns= {"*.jsp","*.action"}) //过滤所有的jsp页面和以.action结尾的请求
//@WebFilter("/main/*") //过滤URL地址以/main/开始的资源
public class EncodingFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("EncodingFilter init ()");
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse httpServletResponse = (HttpServletResponse)response;
//处理中文
httpServletRequest.setCharacterEncoding("utf-8");
httpServletResponse.setCharacterEncoding("utf-8");
//执行过滤,放行
chain.doFilter(httpServletRequest, httpServletResponse);
}
@Override
public void destroy() {
System.out.println("EncodingFilter destroy ()");
}
}
4. 过滤器的生命周期
-
过滤器在服务器启动时,进行初始化,初始化一次
Init(FilterConfig config) // 过滤器的初始化方法
-
当一次请求资源的路径能够匹配拦截路径,就会调用doFilter方法,可以多次调用
doFilter(request,response,chain)
-
在服务器正常关闭时,销毁
detroy() // 过滤器的销毁方法
5. doFilter(过滤器链)
public void doFilter(ServletRequest req, ServletResponse resp,FilterChain chain)
-
FilterChain 过滤器链。
过滤器链:当服务器注册了多个过滤器,多个过滤器都会被初始化。当请求被多个过滤器匹配时,会被多个过滤器进行拦截,当第一个过滤器符合要求时,必须放行,然后通过第二个过滤器,符合条件,进行放行。。。。(依次通过多个过滤器),最后放行,请求资源。 -
ServletRequest 、 servletResponse
一般都会强转,两个参数在一次请求中和servlet中的request和response对象是同一个对象,都是tomcat创建和销毁。通过chain.doFilter(Request,response)将request和response对象传递到下一个filter或者servlet。
过滤器链,返回时,是逆向返回。
6. 过滤器的顺序
-
web.xml
跟filterMapping 配置的顺序有关,按照从上至下的配置顺序进行过滤<filter-mapping> <filter-name>Filter03</filter-name> <url-pattern>/ChainServlet</url-pattern> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> </filter-mapping> <filter-mapping> <filter-name>Filter04</filter-name> <url-pattern>/ChainServlet</url-pattern> </filter-mapping>
-
注解配置
按照Filter命名的字母顺序进行排序
7. url-pattern路径匹配
-
(1) 完全匹配
- 必须以/开头,拦截路径必须和请求一致
- 例如:/a/b/oneservlet
- /loginServlet
-
(2) 不完全匹配
- 必须以/开头 ,以*结尾 /a/b/*
- @WebFilter("/*") // 过滤所有资源
- @WebFilter("/main/*") //过滤URL地址以/main/开始的资源
-
(3) 后缀名匹配(通配符)
- 以.开头 *结尾
- 例如:.do .action .jsp
- @WebFilter("*.jsp") // 过滤所有的jsp页面
- @WebFilter(urlPatterns= {"*.jsp","*.action"}) //过滤所有的jsp页面和以.action结尾的请求
8. 过滤器实现登录控制
package com.hxzy.filter;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
//@WebFilter(filterName = "", urlPatterns = "", initParams = { @WebInitParam(name = "", value = "") })
@WebFilter(urlPatterns = "/*",
initParams = {
@WebInitParam(name = "uncheckedUrls", value = "/login.jsp,/login.action,/reg.jsp,/reg.action,/index.jsp")
}) // 过滤所有资源
public class LoginFilter implements Filter {
private String uncheckedUrls;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
uncheckedUrls = filterConfig.getInitParameter("uncheckedUrls");
System.out.println("uncheckedUrls=====" + uncheckedUrls);
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
// 1.获取请求URL
String servletPath = httpServletRequest.getServletPath();
// 2.检测1中获取的servletPath是否为不需要检测的URl中的一个.若是,放行
List<String> urls = Arrays.asList(uncheckedUrls.split(","));
if (urls.contains(servletPath)) {
chain.doFilter(httpServletRequest, httpServletResponse);
} else {
// 获得session
HttpSession session = httpServletRequest.getSession();
if (session.getAttribute("user") == null) {
// 当前用户没有登录,跳转到login.jsp中
httpServletRequest.setAttribute("msg", "当前用户没有登录,先登录再使用");
httpServletRequest.getRequestDispatcher("/login.jsp").forward(httpServletRequest, httpServletResponse);
} else {
// 当前用户已经登录
// 执行过滤,放行
chain.doFilter(httpServletRequest, httpServletResponse);
}
}
}
}
9. 过滤器处理中文
package com.hxzy.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* 过滤器 -- 字符编码
* @author Administrator
*/
@WebFilter(urlPatterns = "/*",initParams = @WebInitParam(name = "encoding", value = "UTF-8"))
public class EncodingFilter implements Filter {
private String encoding;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
encoding = filterConfig.getInitParameter("encoding");
System.out.println("encoding=====" + encoding);
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
//处理中文
httpServletRequest.setCharacterEncoding(encoding);
httpServletResponse.setCharacterEncoding(encoding);
System.out.println("EncodingFilter");
//执行过滤,放行
chain.doFilter(httpServletRequest, httpServletResponse);
}
}