Filter过滤器学习总结

Login.jsp 代码

<%@ page language="java" contentType="text/html; charset=utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>login.jsp</title>
</head>
<body>

<form  name="login_info" action="<%=request.getContextPath()%>/LoginServlet" method="post">
用户名：<input type="text" name="username"><br>
密码:<input  type="password" name="password"><br>
<input type="submit" value="提交">
</form>


</body>
</html>

此时注意，Servlet中不需要重写service方法，继承自HttpServlet的service 方法会自动根据请求类型调用doPost 或者doGet

public class LoginServlet extends HttpServlet {
 @Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp)throws ServletException, IOException {doPost(req, resp);}@Overrideprotected void doPost(HttpServletRequest
 req, HttpServletResponse resp)throws ServletException, IOException {String user_name=req.getParameter("username");String password=req.getParameter("password");HttpSession session=(HttpSession)req.getSession();session.setAttribute("username", user_name);session.setAttribute("password",
 password);user_name=new String(user_name.getBytes("ISO-8859-1"),"utf-8");System.out.println("username:"+user_name);System.out.println("password:"+password);if(user_name.equals("")||user_name==null)System.out.println("logininfo fail to transer");if("admin".equals(user_name)&&"admin".equals(password)){resp.sendRedirect(req.getContextPath()+"/success.jsp");}else{resp.sendRedirect(req.getContextPath()+"/fail.jsp");}}}



web.xml中filter和servlet配置方法
<filter>
  <filter-name>LoginFilter</filter-name>
  <filter-class>com.loginfilter.LoginFilter</filter-class>
 <!-- 初始参数配置，在init方法中调用此参数 --> <init-param> <param-name>notLoginPaths</param-name> <param-value>login.jsp;LoginServlet;fail.jsp</param-value> </init-param> <init-param> <param-name>charSet</param-name> <param-value>UTF-8</param-value>
 </init-param> </filter> <filter-mapping> <filter-name>LoginFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <servlet> <servlet-name>LoginServlet</servlet-name> <servlet-class>com.servlet.LoginServlet</servlet-class> </servlet> <servlet-mapping>
 <servlet-name>LoginServlet</servlet-name> <url-pattern>/LoginServlet</url-pattern> </servlet-mapping>



filter代码


public class LoginFilter implements Filter {
	
	private FilterConfig config;

	@Override
	public void destroy() {
		// TODO Auto-generated method stub

	}

	@Override
	public void doFilter(ServletRequest req, ServletResponse resp,
			FilterChain chain) throws IOException, ServletException {
		
		HttpServletRequest request=(HttpServletRequest)req;
		HttpServletResponse response=(HttpServletResponse)resp;
		HttpSession session=request.getSession();
		
		
		
		//如果请求URL中包含login.jsp等不需要拦截的请求(请求登录界面)则放行，不进行修改
		String notLoginPaths=config.getInitParameter("notLoginPaths");
		String[] paths=notLoginPaths.split(";");
		for(int i=0;i<paths.length;i++){
			//如果路径为空字符串或者null则不需要判断，直接下次循环
			if(paths[i]==null&&paths[i].equals(""))
				continue;			
			if(request.getRequestURI().indexOf(paths[i])!=-1)
			{
				System.out.println("LoginFilter---doFilter-----"+paths[i]+"包含指定域名，放行");
				chain.doFilter(req, resp);				
				return;
			}	
			
		}
		
		/*if(request.getRequestURI().indexOf("login.jsp")!=-1||
				request.getRequestURI().indexOf("LoginServlet")!=-1)
		{
			chain.doFilter(req, resp);
			return;
		}	
		*/
		
		//登录验证
		//如果session中已经保存了登录名，则可以继续请求的访问，如果没有说明未登录，跳转到登录界面
		if(session.getAttribute("username")!=null)
		{	
			System.out.println("已登录，放行");
			chain.doFilter(req, resp);
			return;
		}else{
			System.out.println("未登录，请先登录");
		    response.sendRedirect("login.jsp");
		    
		}
		
			

	}

	@Override
	public void init(FilterConfig arg0) throws ServletException {
	    config=arg0;

	}

}