Filter
filter是对客户端访问资源的过滤,符合条件放行,不符合条件不放行,并且可以对目 标资源访问前后进行逻辑处理
apis
methods | desc |
---|---|
init(Filterconfig) | filter对象初始化方法 filter对象创建时执行 |
doFilter(ServletRequest,ServletResponse,FilterCha) | filter执行过滤的核心方法,如果某资源在已经被配置到这个filter进行过滤的话,那么每次访问这个资源都会执行doFilter方法 |
destory() | filter销毁方法 当filter对象销毁时执行该方法 |
1、创建一个Filter(实现Filter接口即可)
package cn.zdfy.web.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class EncodingFilter implements Filter {
public EncodingFilter() {
}
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
// 0 强转
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
// 1 设置编码
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
// 2 放行
chain.doFilter(request, response);
}
public void init(FilterConfig fConfig) throws ServletException {
}
}
2、Filter url-pattern 配置
<filter>
<display-name>EncodingFilter</display-name>
<filter-name>EncodingFilter</filter-name>
<filter-class>cn.zdfy.web.filter.EncodingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>EncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
【注意】
url-pattern配置时
1)完全匹配 /sertvle1
2)目录匹配 /aaa/bbb/* —-最多的
/user/*:访问前台的资源进入此过滤器
/admin/*:访问后台的资源时执行此过滤器
3)扩展名匹配 .abc .jsp
url-pattern可以使用servlet-name替代,也可以混用
Filter的作用
1)公共代码的提取
2)可以对request和response中的方法进行增强(装饰者模式/动态代理)
3)进行权限控制
filter访问流程图
利用Filter做自动登录
package cn.zdfy.web.filter;
import java.io.IOException;
import java.sql.SQLException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import cn.zdfy.domain.User;
import cn.zdfy.service.UserService;
public class AutoLoginFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
// 强转成HttpServletRequest
HttpServletRequest req = (HttpServletRequest) request;
User user = (User) req.getSession().getAttribute("user");
if (user == null) {
String cookie_username = null;
String cookie_password = null;
// 获取携带用户名和密码cookie
Cookie[] cookies = req.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
// 获得想要的cookie
if ("cookie_username".equals(cookie.getName())) {
cookie_username = cookie.getValue();
}
if ("cookie_password".equals(cookie.getName())) {
cookie_password = cookie.getValue();
}
}
}
if (cookie_username != null && cookie_password != null) {
// 去数据库校验该用户名和密码是否正确
UserService service = new UserService();
user = service.login(cookie_username, cookie_password);
// 完成自动登录
req.getSession().setAttribute("user", user);
}
}
// 放行
chain.doFilter(req, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
}