当访问服务器的资源时,过滤器可以将请求拦截下来,完成一些特殊功能。
demo:
定义一个类 实现Filter接口,重写方法,配置拦截路径
@WebFilter("/*")//访问资源之前,都会执行该过滤器
public class MyFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("MyFilter......");
//放行
filterChain.doFilter(servletRequest,servletResponse);
}
@Override
public void destroy() {
}
}
细节:
- web.xml配置
<filter>
<filter-name>demo0901</filter-name>
<filter-class>com.hetl.filter.MyFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>demo0901</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
- 过滤器执行流程
执行过滤器
执行放行后的资源
回来执行过滤器放行代码下边的代码 - 过滤器生命周期
init(FilterConfig filterConfig):服务器启动后,filter对象被创建,然后调用初始化方法,加载资源
doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain):每一次请求拦截资源时,会被执行。执行多次
destroy():服务器关闭后,filter对象被销毁,只执行一下,并释放资源 - 过滤器配置详解
拦截路径配置:具体的资源路径、拦截的目录、后缀名拦截、拦截所有资源
拦截方式配置:资源被访问的方式。注解配置、web.xml配置
注解配置(设置dispatcherTypes属性):REQUEST:默认值(浏览器直接请求支援)、FORWARD:转发访问资源、 INCLUDE:包含访问资源、 ERROR:错误跳转资源 、 ASYNC:异步访问资源
web.xml配置
<filter>
<filter-name>demo0901</filter-name>
<filter-class>com.hetl.filter.MyFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>demo0901</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher><!--配置标签-->
</filter-mapping>
- 配置多个过滤器
敏感词汇过滤:
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.List;
import static javafx.scene.input.KeyCode.G;
@WebFilter("/*")
public class MyFilterOfSensitiveWord implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
try {
//获取文件
ServletContext context = filterConfig.getServletContext();
String path = context.getRealPath("/mingancihui.txt");
//加载文件
BufferedReader br = new BufferedReader(new FileReader(path));
String line=null;
while ((line = br.readLine())!=null){
list.add(line);
}
br.close();
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
@Override
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//1.创建代理对象,增强getParameter
ServletRequest proxy_req = (ServletRequest) Proxy.newProxyInstance(servletRequest.getClass().getClassLoader(), servletRequest.getClass().getInterfaces(), new InvocationHandler() {
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
if(method.getName().equals("getParameter")){
String value = (String) method.invoke(servletRequest,args);
if(value!=null){
for (String str: list) {
if (value.contains(str)){
value = value.replaceAll(str,"**");
}
}
}
return value;
}
return method.invoke(servletRequest,args);
}
});
filterChain.doFilter(proxy_req,servletResponse);
}
private List<String> list = new ArrayList<String>();//存放敏感词汇
@Override
public void destroy() {
}
}
监听器
未完待续。。。。。