Filter常见应用
1、禁止浏览器缓存所有动态页面的过滤器:
(1)有 3 个 HTTP 响应头字段都可以禁止浏览器缓存当前页面,它们在 Servlet 中的示例代码如下:
①response.setDateHeader("Expires",-1);
Expires数据头:值为GMT时间值,为-1指浏览器不要缓存页面
②response.setHeader("Cache-Control","no-cache");
Cache-Control响应头有两个常用值:
no-cache指浏览器不要缓存当前页面。
max-age:xxx指浏览器缓存页面xxx秒。
③response.setHeader("Pragma","no-cache");
(2)所有的浏览器都能完全支持上面的三个响应头,因此最好是同时使用上面的三个响应头。
(3)代码:
//禁止浏览器缓存所有动态页面的过滤器
publicclassNoCacheFilter implements Filter {
publicvoiddestroy() { }
publicvoiddoFilter(ServletRequest request, ServletResponse response,
FilterChainchain) throws IOException,ServletException {
//转换成HttpServlet
HttpServletRequestreq=(HttpServletRequest) request;
HttpServletResponseresp=(HttpServletResponse) response;
//3个http响应头
//过期时间,-1为不缓存页面
resp.setDateHeader("expires",-1);
//没有缓存控制,no—chche为没有缓存
resp.setHeader("Cache-Control","no-cache");
//也相当于无缓存
resp.setHeader("Pragma","no-cache");
//过滤器链 ,寻找目标资源
chain.doFilter(req,resp);
}
publicvoidinit(FilterConfig filterConfig) throws ServletException {}
}
2、控制浏览器缓存页面中的静态资源的过滤器:
有些动态页面中引用了一些图片或css文件以修饰页面效果,这些图片和css文件经常是不变化的,所以为减轻服务器的压力,可以使用filter控制浏览器缓存这些文件,以提升服务器的性能。
代码:
//控制浏览器缓存页面中的静态资源过滤器
publicclassExpiresFilter implements Filter {
FilterConfigconfig;
publicvoiddestroy() {}
publicvoiddoFilter(ServletRequest request, ServletResponse response,
FilterChainchain) throws IOException,ServletException {
HttpServletRequestreq=(HttpServletRequest) request;
HttpServletResponseresp=(HttpServletResponse) response;
//获取请求的URl
Stringuri=req.getRequestURI();
//判断是什么结尾
if(uri.endsWith(".css")){
longtime=Integer.parseInt(config.getInitParameter("css"))*1000;
resp.setDateHeader("expires",System.currentTimeMillis()+time);
}elseif(uri.endsWith(".js")){
longtime=Integer.parseInt(config.getInitParameter("js"))*1000;
resp.setDateHeader("expires",System.currentTimeMillis()+time);
}elseif(uri.endsWith(".jpg")){
longtime=Integer.parseInt(config.getInitParameter("jpg"))*1000;
resp.setDateHeader("expires",System.currentTimeMillis()+time);
}
chain.doFilter(req,resp);
}
publicvoid init(FilterConfig filterConfig) throws ServletException {
// 获取参数值
this.config =filterConfig;
}
}
3、实现用户自动登陆的过滤器
题目:
(1)在用户登陆成功后,发送一个名称为user的cookie给客户端,cookie的值为用户名和md5加密后的密码。
(2)编写一个AutoLoginFilter,这个filter检查用户是否带有名称为user的cookie来,如果有,则调用dao查询cookie的用户名和密码是否和数据库匹配,匹配则向session中存入user对象(即用户登陆标记),以实现程序完成自动登陆。
代码:
publicclassAutoLoginFilter implements Filter {
publicvoiddestroy() { }
publicvoid doFilter(ServletRequestrequest, ServletResponse response,
FilterChainchain) throws IOException,ServletException {
HttpServletRequestreq = (HttpServletRequest) request;
HttpServletResponseresp = (HttpServletResponse) response;
//1.检查用户是否登录
Useruser = (User) req.getSession().getAttribute("user");
if(user!=null){
chain.doFilter(req,resp);
return;
}
//2.检查用户是否带cookie来
Stringusername = null;
Stringpassword = null;
Cookie[]cookies = req.getCookies();
for(inti=0;cookies!=null &&i<cookies.length;i++){
if(cookies[i].getName().equals("username")){
username= cookies[i].getValue();
}
if(cookies[i].getName().equals("password")){
password= cookies[i].getValue();
}
}
if(username==null&& password==null){
chain.doFilter(req,resp);
return;
}
UserDaodao = new UserDao();
Useruser1 = dao.find(username);
Stringsave_password = user1.getPassword();
if(!password.equals(save_password)){
chain.doFilter(req,resp);
return;
}
req.getSession().setAttribute("user",user1);
chain.doFilter(req,resp);
}
publicvoidinit(FilterConfig filterConfig) throws ServletException { }
}
publicclass LoginServletextends HttpServlet {
publicvoiddoGet(HttpServletRequest request, HttpServletResponse response)
throwsServletException, IOException {
Stringusername = request.getParameter("username");
Stringpassword = request.getParameter("password");
IntautoLoginTime=Integer.parseInt(request.getParameter("autoLoginTime"));
UserDaodao = new UserDao();
Useruser = dao.find(username, password);
if(user!=null){
request.getSession().setAttribute("user",user);
//Stringpassword1 = user.getPassword();
//Stringmd5password = md5(password1);
//System.out.println(md5password);
Cookiecookie1 = new Cookie("username",user.getUsername());
Cookiecookie2 = new Cookie("password",user.getPassword());
//Cookiecookie2 = new Cookie("password",md5password);
cookie1.setMaxAge(autoLoginTime);
cookie2.setMaxAge(autoLoginTime);
cookie1.setPath("/FilterDemo");
cookie2.setPath("/FilterDemo");
response.addCookie(cookie1);
response.addCookie(cookie2);
response.sendRedirect("/FilterDemo/welcome.jsp");
}else{
request.setAttribute("message","用户名密码错");
request.getRequestDispatcher("/message.jsp").forward(request,response);
}
}
privateString md5(String input){
try {
MessageDigest md = MessageDigest.getInstance("md5");
byte[] result =md.digest(input.getBytes());
BASE64Encoderencoder = new BASE64Encoder();
returnencoder.encode(result);
}catch (NoSuchAlgorithmException e) {
thrownewRuntimeException();
}
}
publicvoiddoPost(HttpServletRequest request, HttpServletResponse response)
throwsServletException, IOException {
doGet(request,response);
}
}