什么是过滤器
创建过滤器
Servlet的过滤器的配置
Servlet过滤器时从Servlet2.3规范引入的,与servlet技术一样,servlet过滤器也是一种web应用程序组件,也可以部署在web应用程序中,可以看作是一种特殊的servlet
过滤器的工作流程
web服务器接收到一个请求后,将会判断此请求是否匹配到一个过滤器设置,如果匹配到,则服务器会把请求交给相关联的过滤器处理,过滤器处理之后,web服务器会判断否有另一个关联的过滤器,如果存在继续交给下个处理,最后调用客户需要访问的web资源,如jsp或者servlet。在返回给客户端的过程中,首先同样经过关联的过滤器,知识顺序与请求到来时相反
进行请求的权限判断
处理文本乱码问题
---------xml转换过滤,数据压缩过滤,图像转换过滤,加密过滤,请求与相应封装
实现一个javax.servlet.Filter()
dofilter(),init(),destroy()
在dofilter方法中添加需要完成的某个过滤功能的代码,调用FilterChain对象的dofilter方法。
---服务器在调用此对象的dofilter方法时,调用下一个相关的过滤器,如果没有其他过滤器与所请求的路经信息关联,那么会调用客户端请求的web资源
----要在web.xml中使用<filter><filter-mapping>元素注册过滤器,执行时按上下顺序
init()
doFilter()
destroy()
FilterConfig接口
此接口主要有以下方法
public String getFilterName()
public String getInitParameter(String name)
public Enumeration getInitParameterNames()
ServletContext getServletContext()
不同的request,response才可以触发filter,只有请求转发可以
实例:------------------在web.xml中的配置
<!-- filters begin -->
<filter>
<filter-name>authorizationfilter</filter-name>
<filter-class>myfilter.AuthorizationFilter</filter-class>
<init-param>
<param-name>errorPage</param-name>
<param-value>/java_web/noPower.jsp</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>authorizationfilter</filter-name>
<url-pattern>/test33.html</url-pattern><!-- test.html 注意这里不能为/*,否则无权访问时会再返回此过滤器,产生循环 -->
</filter-mapping>
<!-- 字符转化问题 -->
<filter>
<filter-name>encodingfilter</filter-name>
<filter-class>myfilter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>utf-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingfilter</filter-name>
<url-pattern>/aa</url-pattern><!-- 测试汉字过滤时,把这里改为 /aa 即可看效果 -->
<!-- <servlet-name>testRequestServlet</servlet-name> -->
</filter-mapping>
<!-- filters end -->
--------------------------------------------servlet代码,字符转换----------------------------------------------------------每个页面都要添加request.setCharacterEncoding("utf-8");//注意:当用户名为汉字“张三”时,需要使用本行代码;将request传入的汉字转为有效字符;
response.setContentType("text/html;charset=utf-8");//注意:本行代码保证在页面正确输出汉字;---------------------------------------------------
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class CharacterEncodingFilter implements Filter {
private FilterConfig filterConfig;
// 初始化信息,保存filterConfig对象
public void init(FilterConfig filterConfig) throws ServletException {
// System.out.println("---CharacterEncodingFilter init");
this.filterConfig = filterConfig;
// System.out.println("---FilterName:"+filterConfig.getFilterName());
}
// Process the request/response pair
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) {
try {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
String encoding = filterConfig.getInitParameter("encoding");
System.out.println("---CharacterEncodingFilter doFilter");
httpRequest.setCharacterEncoding(encoding);
httpResponse.setCharacterEncoding(encoding);
filterChain.doFilter(request, response);
} catch (Exception iox) {
filterConfig.getServletContext().log(iox.getMessage());
}
}
// 释放资源
public void destroy() {
// System.out.println("---CharacterEncodingFilter destroy");
}
}
-----------------------------------------------------------------权限控制
package myfilter;
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
public class AuthorizationFilter implements Filter {
private FilterConfig filterConfig;
// Handle the passed-in FilterConfig
public void init(FilterConfig filterConfig) throws ServletException {
// System.out.println("---AuthorizationFilter init");
this.filterConfig = filterConfig;
}
// Process the request/response pair
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) {
try {
//HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
String hostAddress = request.getRemoteAddr();
System.out.println("hostAddress="+hostAddress);//注意:0:0:0:0:0:1这种格式是IPv6的格式,相当于IPv4的127.0.0.1
if (hostAddress.startsWith("127.0.")) {//判断权限
// if (hostAddress.startsWith("0:0:")) {//判断权限这是
filterChain.doFilter(request, response);
} else {//不符合条件,则重定向到error页面
String errorPage = filterConfig.getInitParameter("errorPage");
httpResponse.sendRedirect(errorPage);
// httpResponse.sendRedirect("/java_web/noPower.jsp");-------------两种做法
--------------------------------------跳转到noPower.jsp页面
}
} catch (ServletException sx) {
filterConfig.getServletContext().log(sx.getMessage());
} catch (IOException iox) {
filterConfig.getServletContext().log(iox.getMessage());
}
}
// Clean up resources
public void destroy() {
// System.out.println("---AuthorizationFilter destroy");
}
}
-----------------------------------------------------权限noPower.jsp页面
<%@ page language="java" pageEncoding="utf-8" contentType="text/html; charset=utf-8"%>
<%@ page import="java.io.*,java.util.*" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<html>
<head>
<base href="<%=basePath%>">
<title>noPower.jsp</title>
</head>
<body>
<center>
<font color="red">您没有访问的权限!</font>
</center>
</body>
</html>