过滤器中的初始化参数是在容器启动时自动加载的,可以通过FilterConfig的getInitParameter()方法取出配置的初始化参数,只初始化一次,过滤器中的doFilter()方法实际上会调用两次,一次在FilterChain操作之前,一次是在FilterChain操作之后。
过滤器在登录验证的应用。
01
@WebFilter("/*")
public class LoginFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
//向下转型
HttpServletRequest request = (HttpServletRequest) req;
HttpSession ses = request.getSession();
if (ses.getAttribute("userid") != null) {
System.out.println("userid不为空");
chain.doFilter(req, resp);
System.out.println("我把他放了");
} else {
//没有登录就跳转到登录页
System.out.println("他没有userid");
req.getRequestDispatcher("index.jsp").forward(req, resp);
}
}
public void init(FilterConfig config) throws ServletException {
}
}
02
/**
* 登录验证的过滤器
*/
@WebFilter("/*")
public class LoginFilter implements Filter {
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
System.out.println(req);
//0.强制转换
HttpServletRequest request = (HttpServletRequest) req;
//1.获取资源请求路径
String uri = request.getRequestURI();
//2.判断是否包含登录相关资源路径,要注意排除掉 css/js/图片/验证码等资源
if(uri.contains("/login.jsp") || uri.contains("/loginServlet") || uri.contains("/css/") || uri.contains("/js/") || uri.contains("/fonts/") || uri.contains("/checkCodeServlet") ){
//包含,用户就是想登录。放行
chain.doFilter(req, resp);
}else{
//不包含,需要验证用户是否登录
//3.从获取session中获取user
Object user = request.getSession().getAttribute("user");
if(user != null){
//登录了。放行
chain.doFilter(req, resp);
}else{
//没有登录。跳转登录页面
request.setAttribute("login_msg","您尚未登录,请登录");
request.getRequestDispatcher("/login.jsp").forward(request,resp);
}
}