一、过滤器相关Api
interface Filter 过滤器核心接口
1. init(FilterConfig filterConfig)初始化方法,在服务器启动时就执行
2. doFilter(ServletRequest request, ServletResponse response, FilterChain chain)过滤器拦截的业务逻辑处理
3. destroy() 销毁过滤器实例的时候调用
interface FilterChain 过滤链
doFilter(ServletRequest request, ServletResponse response)
执行下一个过滤器或放行(访问servlet)
二、用过滤器处理POST请求中文乱码问题
@WebFilter(filterName = "encoding", urlPatterns = "/*")
public class EncodingFilter implements Filter {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("EncodingFilter.doFilter");
HttpServletRequest request = (HttpServletRequest) servletRequest;
String method = request.getMethod();
System.out.println("method: " + method);
if("post".equalsIgnoreCase(method)) { //equalsIgnoreCase 忽略大小写
request.setCharacterEncoding("UTF-8");
}
filterChain.doFilter(servletRequest,servletResponse);
}
}
三、用过滤器完成登录功能
// “/*”代表拦截所有请求
@WebFilter(filterName = "login", urlPatterns = "/*")
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig);
System.out.println("LoginFilter.init");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("LoginFilter.doFilter");
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String uri = request.getRequestURI();
System.out.println("uri: " + uri);
String method = request.getParameter("method");
System.out.println("method: " + method);
//如果这个请求是要去完成登录的,不需要执行后面的验证是否已经登录的流程
//这些是没有登录情况下可以访问的资源
if (uri.startsWith("/static") // 访问“/static”都放行
|| uri.equals("/login.jsp")
|| uri.equals("/fail.jsp")
|| (uri.equals("/user") && "login".equals(method))) {
filterChain.doFilter(servletRequest, servletResponse);
return;
}
HttpSession session = request.getSession();
User user = (User) session.getAttribute("user");
if (user == null) {
response.sendRedirect("/login.jsp");
return;
}
//“user”这个通行证不是null,说明用户已经登录
//如果加了这了这句话代表放行,继续往后执行
//1.如果后面还有filter就访问后面的filter
//2.没有filter就访问后台资源
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
Filter.super.destroy();
System.out.println("LoginFilter.destroy");
}
}