一、什么是过滤器
Filter
过滤器它是 JavaWeb 的三大组件之一。三大组件分别是Servlet
程序、Listener
监听器、Filter
过滤器。Filter
过滤器它是 JavaEE 的规范,也就是一个接口。- Filter 过滤器它的作用是拦截请求和过滤响应。拦截请求常见的应用场景有权限检查、日记操作、事务管理等等。
二、Filter过滤器的使用
编写一个类去实现 Filter
接口,并实现过滤方法 doFilter()
public class AdminFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
HttpSession session = httpServletRequest.getSession();
Object user = session.getAttribute("user");
// 如果等于 null,说明还没有登录
if (user == null) {
servletRequest.getRequestDispatcher("/login.jsp").forward(servletRequest,servletResponse);
return;
}else {
// 让程序继续往下访问用户的目标资源
filterChain.doFilter(servletRequest,servletResponse);
}
}
@Override
public void destroy() {
}
}
web.xml
中配置 Filter
的拦截路径
<filter>
<filter-name>AdminFilter</filter-name>
<filter-class>filter.AdminFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AdminFilter</filter-name>
<url-pattern>/admin/*</url-pattern>
</filter-mapping>
编写LoginServlet
程序
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html; charset=UTF-8");
String username = request.getParameter("username");
String password = request.getParameter("password");
if ("asd".equals(username) && "111".equals(password)){
request.getSession().setAttribute("user",username);
response.getWriter().write("登录成功");
}else {
request.getRequestDispatcher("/login.jsp").forward(request,response);
}
}
三、Filter的生命周期
构造器方法
和init()
方法在web工程启动时就会被执行,此时filter
过滤器已经被创建。- 每次拦截到请求时,就会执行
doFilter()
方法。 - 在停止web工程时,就会执行
destroy()
方法,此时会销毁filter过滤器。
public class AdminFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
HttpSession session = httpServletRequest.getSession();
Object user = session.getAttribute("user");
// 如果等于 null,说明还没有登录
if (user == null) {
servletRequest.getRequestDispatcher("/login.jsp").forward(servletRequest,servletResponse);
return;
}else {
// 让程序继续往下访问用户的目标资源
filterChain.doFilter(servletRequest,servletResponse);
}
}
@Override
public void destroy() {
}
}
四、FilterConfig类
FilterConfig
类它是Filter
过滤器的配置文件类。- Tomcat 每次创建
Filter
的时候,也会同时创建一个FilterConfig
类,这里包含了Filter
配置文件的配置信息。 FilterConfig
类的作用是获取filter
过滤器的配置内容
public void init(FilterConfig filterConfig) throws ServletException {
//获取filter的名称 filter-name的内容
System.out.println("filter-name的值是:" + filterConfig.getFilterName());
//获取在web.xml中配置的init-param初始化参数
System.out.println("初始化参数username的值是:" + filterConfig.getInitParameter("username"));
System.out.println("初始化参数url的值是:" + filterConfig.getInitParameter("url"));
//获取servletContext对象
System.out.println(filterConfig.getServletContext());
}
五、FilterChain过滤器链
Filter1
过滤器
public class Filter1 implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println("Filter1前置代码");
chain.doFilter(req, resp);
System.out.println("Filter1后置代码");
}
public void init(FilterConfig config) throws ServletException {
}
}
Filter2
过滤器
public class Filter2 implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println("Filter2前置代码");
chain.doFilter(req, resp);
System.out.println("Filter2后置代码");
}
public void init(FilterConfig config) throws ServletException {
}
}
六、Filter的拦截路径
精确匹配
<url-pattern>/index.jsp</url-pattern>
目录匹配
<url-pattern>/admin/*</url-pattern>
后缀名匹配
<url-pattern>*.html</url-pattern>
Filter 过滤器它只关心请求的地址是否匹配,不关心请求的资源是否存在.