下列例子实现 (页面是基于JSP脚本实现的)
1.统一编码过滤 2.登录权限过滤器
1.1首先先写一个简单的JSP登录页面
具体代码如下
<form action="LoginFifterServlet" method="post">
用户名:<input type="text" name="username">
密码:<input type="password" name="pwd">
<input type="submit" value="提交">
</form>
1.2创建一个Servlet名为LoginFifterServlet
package com.fifter.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
@WebServlet("/LoginFifterServlet") //访问路径
public class LoginFifterServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
System.out.println("进入servlet服务...");
String name = request.getParameter("username");
String pwd = request.getParameter("pwd");
HttpSession session =request.getSession();
session.setAttribute("username",name);
//设置session有效期(10秒钟)
session.setMaxInactiveInterval(10);
//直接输出到页面用户信息
response.getWriter().print("用户名:" + name);
response.getWriter().print("<br/>");
response.getWriter().print("密码:" + pwd);
System.out.println("退出servlet服务");
}
}
这里可以观察;在运行结束后response.getWriter().print()输出的信息是乱码的;而解决这个,可以加在servlet中加上
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
其次;思考到将来可能会有很多个Servlet,每个都加上比较繁琐;所以需要放到Filter中,
1.3创建Filter过滤器
package com.filter.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
/**
* Servlet Filter implementation class CodeFilter
*/
@WebFilter(filterName = "CodeFilter", urlPatterns = "/*")
public class CodeFilter implements Filter {
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chai)throws IOException, ServletException {
// 直接输入到页面会乱码;所以用Filter来实现乱码问题
// 通过一个功能把公共代码提取来
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
//登录权限过滤器
// doFilter把request和reponse继续向后传递
System.out.println("进入编码过滤器...");
chain.doFilter(request, response);
System.out.println("退出编码过滤器...");
System.out.println("页面在发送请求时,会先进入Filter过滤器,执行后由chain.doFilter(request,response)进入Servlet执行")
}
public void init(FilterConfig fConfig) throws ServletException {
}
}
2.1登录权限过滤器
实现用户不能直接跳转除登录以外的页面,
先创建一个message.jsp;
//**首先先在Login.jsp页面加上
如果不用过滤器,我们每个除登录以外的页面都需要加以下代码
<% String username = (String) session.getAttribute("username");
if (username==null) {
rsp.sendRedirect("Login.jsp");
}%>
用户名:${username}
2.2使用过滤器验证
package com.filter.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* Servlet Filter implementation class LoginFilter 登录过滤器
*/
@WebFilter(filterName = "LoginFilter", urlPatterns = "/*", initParams = {
@WebInitParam(name = "noFilterUrl", value = "Login.jsp,LoginFifterServlet") })
//initParams 设置本个过滤器不参与过滤的页面
public class LoginFilter implements Filter {
private String[] noFifter;
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse rsp = (HttpServletResponse) response;
HttpSession session = req.getSession();
String username = (String) session.getAttribute("username");
if (username != null) {
chain.doFilter(request, response);
} else {
// 未登录
String url = req.getRequestURI();// 获取用户请求地址
for (String temp : noFifter) {
if (url.indexOf(temp)!= -1) {
chain.doFilter(req, rsp);
return;
}
}
rsp.sendRedirect("Login.jsp");
}
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
noFifter = fConfig.getInitParameter("noFilterUrl").split(",");//分割路径
}
}
这样JSP中<%%>的代码就可以全部删除了而且同样实现了无Session过滤