过滤器
Filter 和 Listener 是 Servlet 规范中的高级特性
不处理任何客户端请求,只用于对 request, response进行修改或者对象 context, session, request时间进行监听.
过滤器链,一个FilterChain包括多个Filter,客户端请求request在抵达Servlet之前会进入FilterChain里面的所有过滤器,服务器相应response在从servlet抵达客户端浏览器之前也会经过FIlterChain里面的过滤器
一个过滤器必须实现javax.servlet.Filter接口,filter接口有3个方法
init(FilterConfig config) : web程序启动时调用此方法,用于初始化过滤器
FilterConfig : 可以从改参数中获取初始化参数 == ServletConfig
doFilter(servletRequest,ServletResponse,FIlterChain) : 客户端所有请求都会经过此方法
request : 客户请求
response : 服务器响应
FilterChain :将请求传给下一个filter或servlet
destory() : 销毁方法
REQUEST : 拦截所有进入服务器的请求资源
FORWARD : 只拦截转发请求
在完成过滤器的设计后,在web.xml中配置对应的过滤器即可。
web配置
filter
com.ugrow.filter.FilterDemo01
name
why
filter
/*
过滤器的用处很多,在写页面很多,而且需要设置字符集的时候,可以吧修改字符集直接写在过滤器中,这样就不必给每个页面设置字符集了;
同理当有登录页面时,为防止直接未登录就访问其他页面,需要每一页都添加一个登录验证,判断是否登录,页面多时,显然是行不通的,所以也要用到过滤器
还有就是图片防盗,通过过滤器可以防止别人直接复制你的图片链接,盗图
filter
package org.lq.web;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.catalina.Session;
/**
* Servlet Filter implementation class ImgFilter
*/
@WebFilter("/ImgFilter")
public class ImgFilter implements Filter {
/**
* Default constructor.
*/
public ImgFilter() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
//轉換成HttpServletRequest 獲取請求頭信息
request.setCharacterEncoding("utf-8");
response.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=utf-8");
HttpServletRequest req = (HttpServletRequest)request;
String referer = req.getHeader("Referer");
System.out.println(req.getRequestURL()+"======="+referer);
String path = req.getServletPath();
String pathExt = path.substring(path.lastIndexOf(".")+1);
List<String> imgExt = Arrays.asList("jpg","png","gif","jpeg");
if(imgExt.contains(pathExt)) {
if(referer==null) {
request.getRequestDispatcher("/img/2.png").forward(request, response);
}
}
HttpServletResponse reqr=(HttpServletResponse) response;
HttpSession session = req.getSession();
List<String> urlContxt = Arrays.asList("index.jsp","jpg","css","js","LoginServlet","BBB.jsp","png");
String path2 = req.getServletPath();
System.out.println(req.getServletPath());
if(
session.getAttribute("user")!=null
||urlContxt.contains(path2.substring(1))
||urlContxt.contains(path2.substring(path2.lastIndexOf(".")+1))
) {
chain.doFilter(request, response);
}else {
reqr.sendRedirect("main.jsp");
}
// chain.doFilter(request, response);
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
loginServlet
package org.lq.web;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet implementation class LoginServlet
*/
@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public LoginServlet() {
super();
// TODO Auto-generated constructor stub
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String name = request.getParameter("uname");
String pwd = request.getParameter("upwd");
if("admin".equals(name) && "123456".equals(pwd)) {
request.getSession().setAttribute("user", name);
response.sendRedirect("main.jsp");
}else {
response.sendRedirect("index.jsp");
}
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
doGet(request, response);
}
}
login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<img alt="" src="img/1.png">
<form action="LoginServlet">
<input name ="uname">
<input type="password" name = "upwd">;
<input type="submit">
</form>
</body>
</html>
main.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<h1>
歡迎用戶${user }
</h1>
</body>
</html>