过滤器Filter也具有生命周期:init()->doFilter()->destroy(),由部署文件中的filter元素驱动。在servlet2.4中,过滤器同样可以用于请求分派器,但须在web.xml中声明,<dispatcher>INCLUDE或FORWARD或REQUEST或ERROR</dispatcher>该元素位于filter-mapping中。
一、字符编码过滤
Java代码
public class EncodingFilter implements Filter {
private FilterConfig filterConfig;
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse
response, FilterChain chain) {
try{
HttpServletRequest httpRequest=(HttpServletRequest)request;
String encoding=filterConfig.getInitParameter("encoding");
if (encoding == null){
encoding = "UTF-8";
}
httpRequest.setCharacterEncoding(encoding);// 在请求里设置上指定的编码
chain.doFilter(request, response);
}catch (ServletException sx){
filterConfig.getServletContext().log(sx.getMessage());
} catch (IOException iox){
filterConfig.getServletContext().log(iox.getMessage());
}
}
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig; //初始化信息,保存filterConfig对象
}
}
Xml代码
<filter>
<filter-name>EncodingFilter</filter-name>
<filter-class>com.logcd.filter.EncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>EncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
二、用filter控制用户访问权限
Java代码
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession();
if (session.getAttribute("username") != null&&"" != session.getAttribute("username")) {//登录后才能访问
chain.doFilter(request, response);
} else {
res.sendRedirect("./failure.jsp");
}
}
Xml代码
<filter>
<filter-name>SecurityFilter</filter-name>
<filter-class>com.logcd.filter.SecurityFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SecurityFilter</filter-name>
<url-pattern>/admin/*</url-pattern>
</filter-mapping>
三、用filter控制用户登录权限
Java代码
public voiddoFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req =(HttpServletRequest) request;
HttpServletResponse resp =(HttpServletResponse) response;
resp.setContentType("text/html;");
resp.setCharacterEncoding("UTF-8");
HttpSession session =req.getSession();
PrintWriter out =resp.getWriter();
// 得到用户请求的URI
String request_uri =req.getRequestURI();
// 得到web应用程序的上下文路径
String ctxPath =req.getContextPath();
// 去除上下文路径,得到剩余部分的路径
String uri =request_uri.substring(ctxPath.length());
// 判断用户访问的是否是登录页面或注册页面
if (uri.equals("/logon.jsp")||uri.equals("/regist.jsp") ||uri.equals("/logonServlet")||uri.equals("/registServlet")){
chain.doFilter(request,response);
} else {
// 如果访问的不是登录页面,则判断用户是否已经登录
if (null != session.getAttribute("user") &&"" != session.getAttribute("user")) {
chain.doFilter(request,response);
} else {
out.println("您没有登录,请先登录!");
return;
}
}
}
Xml代码
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>filters.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>