Filter过滤器
Filter主要作用:拦截请求,过滤响应
常见拦截请求应用场景有:
-
权限检查
-
日记操作
-
食物管理
…
Filter过滤器使用步骤:
- 编写一个类去实现Filter接口
- 实现过滤方法doFilter()
- 到web.xml中去配置拦截路径
<filter>
<filter-name>Adminfilter</filter-name>
<filter-class>com.filter.Adminfilter</filter-class>
</filter>
<filter-mapping>
<filter-name>Adminfilter</filter-name>
//配置拦截路径
<url-pattern>/admin/*</url-pattern>
</filter-mapping>
练习:
使用Filter过滤器实现无登录不能admin下的页面
页面结构
login页面代码:
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form action="http://localhost:8080/06Filter/loginServlet" method="get">
用户名:<input type="text" name="username"><br>
密码:<input type="password" name="pwd"><br>
<input type="submit" value="登录">
</form>
</body>
</html>
LoginServlet程序代码:
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class LoginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
resp.setContentType("text/html;charset=utf-8");
String username = req.getParameter("username");
String pwd = req.getParameter("pwd");
if (username.equals("doom") && pwd.equals("123")){
// 设置域
req.setAttribute("user", username);
// 请求转发
req.getRequestDispatcher("/admin/a.jsp").forward(req, resp);
resp.getWriter().print("登录成功");
}else {
// 请求转发
req.getRequestDispatcher("/login.jsp").forward(req, resp);
}
}
}
AdminFilter程序代码:
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
public class Adminfilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
// 强制转为HttpServletRequest对象,因为HttpServletRequest有获取session的方法
HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
// 获取session域
HttpSession session = httpServletRequest.getSession();
// 获取session中的值
Object user = session.getAttribute("user");
if (user.equals("doom")){
// 这行代码很重要,让程序继续访问用户的目标资源
filterChain.doFilter(servletRequest, servletResponse);
}else {
servletRequest.getRequestDispatcher("/login.jsp").forward(servletRequest, servletResponse);
return;
}
}
@Override
public void destroy() {
}
}
web-xml配置:
<filter>
<filter-name>Adminfilter</filter-name>
<filter-class>com.filter.Adminfilter</filter-class>
</filter>
<filter-mapping>
<filter-name>Adminfilter</filter-name>
<url-pattern>/admin/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.LoginServlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/loginServlet</url-pattern>
</servlet-mapping>
ervlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/loginServlet</url-pattern>
</servlet-mapping>