三大守卫
过滤器
简介:
过滤器filter,是Servlet的一个实用技术,可通过过滤器对请求进行拦截,
如:根据session判断用户是否登录,判断访问的url是否有权限。
实现方式
利用WebFilter注解配置
@WebFilter
时Servlet3.0
新增的注解,原先实现过滤器,需要在web.xml
中进行配置,而现在通过此注解,启动启动时会自动扫描自动注册。
编写过滤器继承filter
package com.leaning.Fiter;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import org.apache.commons.logging.Log;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.xml.ws.RequestWrapper;
import java.io.BufferedReader;
import java.io.IOException;
//注册器名称为customFilter,拦截的url为所有
@WebFilter(filterName="customFilter",urlPatterns={"/*"})
public class Customer implements Filter {
//
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("初始化过滤器");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("doFilter 请求处理");
//对request、response进行一些预处理
// 比如设置请求编码
// request.setCharacterEncoding("UTF-8");
// response.setCharacterEncoding("UTF-8");
//TODO 进行业务逻辑
//链路 直接传给下一个过滤器
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
System.out.println("销毁filter");
}
}
启动类上加上@ServletComponentScan
@ServletComponentScan
@SpringBootApplication
public class SpringstudyApplication {
public static void main(String[] args) {
SpringApplication.run(SpringstudyApplication.class, args);
}
}
书写配置类
@Configuration
public class filterConfig {
@Bean
public FilterRegistrationBean filterRegistrationBean(){
FilterRegistrationBean bean = new FilterRegistrationBean(new Customer());
bean.addUrlPatterns("/*");
bean.setOrder(10);// 设置顺序
return bean;
}
}
拦截器详解
拦截器
简介:
以上的过滤器、监听器都属于Servlet的api,我们在开发中处理利用以上的进行过滤web请求时,还可以使用Spring
提供的拦截器(HandlerInterceptor
)进行更加精细的控制。
实例
@Configuration
public class WebMVCConfig extends WebMvcConfigurationSupport/WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(getHandlerInterceptor()).addPathPatterns("/**");
}
@Bean
public static HandlerInterceptor getHandlerInterceptor() {
return new Customer();
}
}
添加拦截器类
@Component
public class Customer implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 处理前
System.out.println("preHandle:请求前调用");
return false;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
System.out.println("请求后");
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("视图渲染完后的回调");
}
}
监听器详解
监听器
简介:
Listeeshi是servlet规范中定义的一种特殊类。用于监听servletContext、HttpSession和servletRequest等域对象的创建和销毁事件。监听域对象的属性发生修改的事件。用于在事件发生前、发生后做一些必要的处理。一般是获取在线人数等业务需求。
实例解释
@WebListener
public class Cuntomer implements ServletRequestListener {
@Override
public void requestDestroyed(ServletRequestEvent sre) {
System.out.println("监听器销毁");
}
@Override
public void requestInitialized(ServletRequestEvent sre) {
System.out.println("监听器初始化");
}
}