一.Servlet 标准中提供了过滤器功能,用于拦截Http请求,为服务器增加拦截功能:
1.Filter常用解决的问题:
(1)统一编码过滤处理
(2)统一登录处理,必须登录才能访问页面
(3)网站资源授权拦截
(4)不登录不能下载资源
2.过滤器的执行先后次序就是配置文件中 filter 的出现先后次序
3.过滤器不仅可以过滤Servlet 和 JSP 还可以过滤任何Web资源
二.Servlet 中的 url-pattern 是Servlet定义的特有规则:
1.精确匹配 /filterdemo.do 匹配的具体为URL请求
2.路径匹配 /user/* 利用路径规则匹配一系列URL请求
如 /user/add.do
/user/add.jsp
/user/demo.html
/user/test/add.do
3.后缀匹配(扩展名匹配) *.do 根据URL的后缀文件名匹配一系列URL请求
匹配: /login.do
/user/add.do
/user/save.do
匹配次序 精确>路径匹配(精确优先)>扩展匹配
三.ServletContext
1.Servlet 上下文: 代表当前Servlet的工作环境。如果Servlet需要与工作环境打交道时候,就利用ServletContext 进行交换
在一个Web应用程序中,全部Servlet、JSP可以访问同一个ServletContext
2.ServletContext 的最常见用途: Servlet之间共享全局数据!
四.ServletContext API 功能
1.获取WEB路径对应的“实际Real”硬盘路径
servletContext.getRealPath("/WEB-INF");
2.全局共享数据:
servletContext.setAttribute("key",value);
value = servletContext.getAttribute("key");
3.获取当前WEB应用路径
servletContext.getContextPath()
等同于 request.getContextPath();
4.获取全局配置参数
<!-- 全局配置参数 -->
<context-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</context-param>
val = servletContext.getInitParamter("encoding")
五.servletContext 与 session 共享数据的差别
servletContext 用于共享“全局”数据
session 用于共享属于当前用户的数据
六.Servlet/JSP 数据共享范围
共享数据的范围:
pageContext 当前JSP页面范围,其范围最小
request 当前请求的范围,在一次请求期间的全部Servlet、JSP(包含的JSP),是最常用的数据共享空间。
session 当前用户“会话”期间的多个请求之间共享数据。 用于当前用户浏览器发起的多个请求之间共享数据。
application(ServletContext) 全局共享数据,全部请求共享同一个数据。
七.数据访问层
数据访问层是无状态的,适合利用ServletContext共享,为全部Servlet使用。
这三个类在web文件里的配置信息:
<servlet>
<servlet-name>FilterDemoServlet</servlet-name>
<servlet-class>cn.tedu.tstore.web.FilterDemoServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>FilterDemoServlet</servlet-name>
<url-pattern>/filterdemo.do</url-pattern>
</servlet-mapping>
<filter>
<filter-name>demofilter</filter-name>
<filter-class>cn.tedu.tstore.web.DemoFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>demofilter</filter-name>
<servlet-name>FilterDemoServlet</servlet-name>
</filter-mapping>
<filter>
<filter-name>demo2filter</filter-name>
<filter-class>cn.tedu.tstore.web.Demo2Filter</filter-class>
</filter>
<filter-mapping>
<filter-name>demo2filter</filter-name>
<servlet-name>FilterDemoServlet</servlet-name>
</filter-mapping>
用浏览器访问http://localhost:8080/store/filterdemo.do服务器出现的结果如下:
init DemoFilter
Hello
Demo2
OK
OK2
World
2.浏览器访问html文件将触发过滤器Demo3Filter:
web配置文件如下:
<filter>
<filter-name>demo3filter</filter-name>
<filter-class>cn.tedu.tstore.web.Demo3Filter</filter-class>
</filter>
<filter-mapping>
<filter-name>demo3filter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
3.用浏览器访问.do结尾的路径触发编码过滤器
web配置文件如下:
<filter>
<filter-name>EncodeFilter</filter-name>
<filter-class>cn.tedu.tstore.web.EncodeFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>EncodeFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
4.登录过滤器使得用user或者product访问路径的都加载登录过滤器,用户没有登录都自动跳转到登录页面
web配置文件如下:
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>cn.tedu.tstore.web.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/user/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/product/*</url-pattern>
</filter-mapping>
5.ServletContext当前运行环境的信息:
6.ServletContext的设置方法:
7.ServletContext的获取方法:
1.Filter常用解决的问题:
(1)统一编码过滤处理
(2)统一登录处理,必须登录才能访问页面
(3)网站资源授权拦截
(4)不登录不能下载资源
2.过滤器的执行先后次序就是配置文件中 filter 的出现先后次序
3.过滤器不仅可以过滤Servlet 和 JSP 还可以过滤任何Web资源
二.Servlet 中的 url-pattern 是Servlet定义的特有规则:
1.精确匹配 /filterdemo.do 匹配的具体为URL请求
2.路径匹配 /user/* 利用路径规则匹配一系列URL请求
如 /user/add.do
/user/add.jsp
/user/demo.html
/user/test/add.do
3.后缀匹配(扩展名匹配) *.do 根据URL的后缀文件名匹配一系列URL请求
匹配: /login.do
/user/add.do
/user/save.do
匹配次序 精确>路径匹配(精确优先)>扩展匹配
三.ServletContext
1.Servlet 上下文: 代表当前Servlet的工作环境。如果Servlet需要与工作环境打交道时候,就利用ServletContext 进行交换
在一个Web应用程序中,全部Servlet、JSP可以访问同一个ServletContext
2.ServletContext 的最常见用途: Servlet之间共享全局数据!
四.ServletContext API 功能
1.获取WEB路径对应的“实际Real”硬盘路径
servletContext.getRealPath("/WEB-INF");
2.全局共享数据:
servletContext.setAttribute("key",value);
value = servletContext.getAttribute("key");
3.获取当前WEB应用路径
servletContext.getContextPath()
等同于 request.getContextPath();
4.获取全局配置参数
<!-- 全局配置参数 -->
<context-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</context-param>
val = servletContext.getInitParamter("encoding")
五.servletContext 与 session 共享数据的差别
servletContext 用于共享“全局”数据
session 用于共享属于当前用户的数据
六.Servlet/JSP 数据共享范围
共享数据的范围:
pageContext 当前JSP页面范围,其范围最小
request 当前请求的范围,在一次请求期间的全部Servlet、JSP(包含的JSP),是最常用的数据共享空间。
session 当前用户“会话”期间的多个请求之间共享数据。 用于当前用户浏览器发起的多个请求之间共享数据。
application(ServletContext) 全局共享数据,全部请求共享同一个数据。
七.数据访问层
数据访问层是无状态的,适合利用ServletContext共享,为全部Servlet使用。
1.过滤器功能演示:
package cn.tedu.tstore.web;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* 过滤器功能演示
*/
public class FilterDemoServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
System.out.println("OK");
response.setContentType("text/html");
response.getWriter().print("OK");
}
}
package cn.tedu.tstore.web;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
public class DemoFilter implements Filter{
public void init(FilterConfig config) throws ServletException {
System.out.println("init DemoFilter");
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
System.out.println("Hello");
//doFilter 执行后续的Web请求: 包括Servlet
//JSP 或其他html js css等
chain.doFilter(req, resp);
System.out.println("World");
}
public void destroy() {
}
}
package cn.tedu.tstore.web;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
public class Demo2Filter implements Filter{
public void init(FilterConfig arg0) throws ServletException {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
System.out.println("Demo2");
chain.doFilter(req, resp);
System.out.println("OK2");
}
public void destroy() {
}
}
这三个类在web文件里的配置信息:
<servlet>
<servlet-name>FilterDemoServlet</servlet-name>
<servlet-class>cn.tedu.tstore.web.FilterDemoServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>FilterDemoServlet</servlet-name>
<url-pattern>/filterdemo.do</url-pattern>
</servlet-mapping>
<filter>
<filter-name>demofilter</filter-name>
<filter-class>cn.tedu.tstore.web.DemoFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>demofilter</filter-name>
<servlet-name>FilterDemoServlet</servlet-name>
</filter-mapping>
<filter>
<filter-name>demo2filter</filter-name>
<filter-class>cn.tedu.tstore.web.Demo2Filter</filter-class>
</filter>
<filter-mapping>
<filter-name>demo2filter</filter-name>
<servlet-name>FilterDemoServlet</servlet-name>
</filter-mapping>
用浏览器访问http://localhost:8080/store/filterdemo.do服务器出现的结果如下:
init DemoFilter
Hello
Demo2
OK
OK2
World
2.浏览器访问html文件将触发过滤器Demo3Filter:
web配置文件如下:
<filter>
<filter-name>demo3filter</filter-name>
<filter-class>cn.tedu.tstore.web.Demo3Filter</filter-class>
</filter>
<filter-mapping>
<filter-name>demo3filter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
package cn.tedu.tstore.web;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
public class Demo3Filter implements Filter{
public void init(FilterConfig arg0) throws ServletException {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
System.out.println("Demo3");
chain.doFilter(req, resp);
System.out.println("OK3");
}
public void destroy() {
}
}
3.用浏览器访问.do结尾的路径触发编码过滤器
web配置文件如下:
<filter>
<filter-name>EncodeFilter</filter-name>
<filter-class>cn.tedu.tstore.web.EncodeFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>EncodeFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
package cn.tedu.tstore.web;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
* 编码过滤器
*/
public class EncodeFilter implements Filter {
private String encoding;
public void init(FilterConfig config) throws ServletException {
encoding = config.getServletContext().getInitParameter("encoding");
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
System.out.println("设置编码"+encoding);
request.setCharacterEncoding(encoding);
//执行后续的Servlet!!!
chain.doFilter(request, response);
}
public void destroy() {
}
}
4.登录过滤器使得用user或者product访问路径的都加载登录过滤器,用户没有登录都自动跳转到登录页面
web配置文件如下:
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>cn.tedu.tstore.web.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/user/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/product/*</url-pattern>
</filter-mapping>
package cn.tedu.tstore.web;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import entity.User;
/**
* Servlet Filter implementation class LoginFilter
*/
public class LoginFilter implements Filter {
public void init(FilterConfig fConfig) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
//检查session中是否有登录用户信息,如果没有
//登录用户信息,则用户没有登录,转到login.jsp
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse resp = (HttpServletResponse)response;
HttpSession session = req.getSession();
User user = (User)session.getAttribute("user");
if(user==null) {//没有登录的情况
//重定向到login.jsp
resp.sendRedirect(req.getContextPath()+"/login.jsp");
return;
}
//执行后续的Servlet
chain.doFilter(req, resp);
}
public void destroy() {
}
}
5.ServletContext当前运行环境的信息:
package cn.tedu.tstore.web;
import java.io.IOException;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet implementation class ContextDemoServlet
*/
public class ContextDemoServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//ServletContext 代表当前的运行环境
//1. 可以通过很多渠道获取ServletContext
// 其返还对象都是同一个对象, 这样设计就是为
// 使用更加便捷。
ServletContext sc1 = getServletContext();
ServletContext sc2 = request.getServletContext();
ServletContext sc3 = getServletConfig().getServletContext();
System.out.println(sc1==sc2);//true
System.out.println(sc1==sc3);//true
System.out.println(sc2==sc3);//true
//获取当前环境信息: 当前有效的Servlet的版本
int v1 = sc1.getEffectiveMajorVersion();
int v2 = sc1.getEffectiveMinorVersion();
System.out.println("Servlet "+v1+"."+v2);
//获取当前环境信息: Tomcat支持的Servlet的版本
v1 = sc1.getMajorVersion();
v2 = sc1.getMinorVersion();
System.out.println("Servlet "+v1+"."+v2);
response.setContentType("text/html");
response.getWriter().print("OK");
}
}
6.ServletContext的设置方法:
package cn.tedu.tstore.web;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet implementation class SetContextServlet
*/
public class SetContextServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
getServletContext().setAttribute("n", 56);
response.setContentType("text/html");
response.getWriter().print("OK");
}
}
7.ServletContext的获取方法:
package cn.tedu.tstore.web;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet implementation class GetContextServlet
*/
public class GetContextServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Integer i = (Integer)getServletContext().getAttribute("n");
response.setContentType("text/html");
response.getWriter().print(i);
}
}