Filter是服务器端的组件,用来过滤web请求。流程是这样的,当一个web请求进来时,web容器会先检查请求的URL是否设置了Filter,如果设置了,则执行该Filter的doFilter方法。所有Filter都实现了javax.servlet.Filter接口,doFilter是定义在该接口中的最重要的方法。
最常见的使用过滤器的例子有:登录验证(有些页面只有登录了才能访问)
今天我用一个验证登录例子,让大家对Filter(过滤器)有一个更深的认识。本例包含上一遍的图书页面,一个login.jsp页面,一个fail.jsp页面,一个LoginFilter。我在配置文件中指定将LoginFilter用于index.jsp,当用户访问index.jsp页面时,如果未登录,则重定向到login.jsp进行登录,如果登录错误,则重定向到fail.jsp提示错误信息。
步骤说明:
1、代码请参考——第十篇JDBC操作数据库之Filter过滤器(拦截404)。
2、在第十篇基础上继续实现功能——第十一篇JDBC操作数据库之Filter过滤器(登录验证)。
一.简单的登录界面login.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>登录界面</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<form action="<%=request.getContextPath()%>/Login"
method="post">
<table>
<tr>
<td>用户名:</td>
<td><input type="text" name="username">
</td>
</tr>
<tr>
<td>密码:</td>
<td><input type="password" name="password">
</td>
</tr>
<tr>
<td><input type="submit" value="登录">
</td>
</tr>
</table>
</form>
</body>
</html>
二.简单的错误界面fail.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>登录失败</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<h1>登录失败,用户名或密码有误!</h1>
</body>
</html>
三.Login.java
1.获取用户名和密码
2.判断用户名和密码
3.重定向
/**
* Created by Ray on 2018/3/13 0013.
**/
public class Login extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doGet(request,response);
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//获取用户名
String username = request.getParameter("username");
//获取密码
String password = request.getParameter("password");
//控制台输出用户名(解决乱码)
System.out.println(username);
if("admin".equals(username) && "admin".equals(password)){
//校验通过
HttpSession session = request.getSession();
//将username保存在session中
session.setAttribute("username",username);
//response 重定向
response.sendRedirect(request.getContextPath() + "/BookList");
}else{
//校验失败
response.sendRedirect(request.getContextPath() + "/fail.jsp");
}
}
}
四.LoginFilter.java
详细请看拦截请求说明
注意:noLoginPaths
/**
* Created by Ray on 2018/3/13 0013.
**/
public class LoginFilter implements Filter {
private FilterConfig config;
//初始化
public void init(FilterConfig filterConfig) throws ServletException {
config = filterConfig;
}
//拦截请求
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
HttpSession httpSession = httpServletRequest.getSession();
//不拦截的地址
String noLoginPaths = config.getInitParameter("noLoginPaths");
if(noLoginPaths != null){
//使用";"分割
String[] strArray = noLoginPaths.split(";");
for(int i = 0; i < strArray.length; i++){
if(strArray[i] == null || "".equals(strArray[i])){
continue;
}
//httpServletRequest.getRequestURI()获取请求页面的相对路径
//indexOf如果此字符串中没有这样的字符,则返回 -1
if(httpServletRequest.getRequestURI().indexOf(strArray[i]) != -1){
chain.doFilter(request,response);
return;
}
}
}
//获取session中的username(sessinon在用户访问第一次访问服务器时创建)
if(httpSession.getAttribute("username") != null){
chain.doFilter(request,response);
}else{
httpServletResponse.sendRedirect("login.jsp");
}
}
//销毁
public void destroy() {
}
}
五.web.xml配置文件
1.servlet
2.filter
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<servlet>
<servlet-name>BookList</servlet-name>
<servlet-class>com.control.BookList</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BookList</servlet-name>
<url-pattern>/BookList</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>BookAdd</servlet-name>
<servlet-class>com.control.BookAdd</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BookAdd</servlet-name>
<url-pattern>/BookAdd</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>BookUpdate</servlet-name>
<servlet-class>com.control.BookUpdate</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BookUpdate</servlet-name>
<url-pattern>/BookUpdate</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>BookDoUpdate</servlet-name>
<servlet-class>com.control.BookDoUpdate</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BookDoUpdate</servlet-name>
<url-pattern>/BookDoUpdate</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>BookDelete</servlet-name>
<servlet-class>com.control.BookDelete</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BookDelete</servlet-name>
<url-pattern>/BookDelete</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>BookDoDelete</servlet-name>
<servlet-class>com.control.BookDoDelete</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BookDoDelete</servlet-name>
<url-pattern>/BookDoDelete</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>BookBatchAdd</servlet-name>
<servlet-class>com.control.BookBatchAdd</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BookBatchAdd</servlet-name>
<url-pattern>/BookBatchAdd</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>BookBatchDelete</servlet-name>
<servlet-class>com.control.BookBatchDelete</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BookBatchDelete</servlet-name>
<url-pattern>/BookBatchDelete</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>BookFind</servlet-name>
<servlet-class>com.control.BookFind</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BookFind</servlet-name>
<url-pattern>/BookFind</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>Login</servlet-name>
<servlet-class>com.control.Login</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Login</servlet-name>
<url-pattern>/Login</url-pattern>
</servlet-mapping>
<!--登录拦截-->
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.Filter.LoginFilter</filter-class>
<init-param>
<param-name>noLoginPaths</param-name>
<param-value>login.jsp;fail.jsp;Login;ErrorFilter</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--配置过滤器-->
<filter>
<filter-name>CharSetFilter</filter-name>
<filter-class>com.Filter.CharSetFilter</filter-class>
<init-param>
<!--用来指定一个具体的字符集-->
<param-name>charset</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<!--映射过滤器-->
<filter-mapping>
<filter-name>CharSetFilter</filter-name>
<!--“/*”表示拦截所有的请求 -->
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--拦截404,500页面-->
<error-page>
<error-code>404</error-code>
<location>/error/error404.jsp</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/error/error500.jsp</location>
</error-page>
<filter>
<filter-name>ErrorFilter</filter-name>
<filter-class>com.Filter.ErrorFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ErrorFilter</filter-name>
<url-pattern>/error.jsp</url-pattern>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
</web-app>
六.页面效果
ok!