过滤器和拦截器

过滤器和拦截器的区别

拦截器和过滤器的区别：

1. 拦截器（interceptor）只对action请求起作用，而过滤器（filter）则可以对几乎所有的请求起作用。
2. 过滤器是在请求进入容器（Tomcat）之后，但是请求进入Servlet之前。请求结束返回时也是，是在Servlet处理完之后，返回给前端之前

过滤器的配置

1.创建filter包和LoginFilter类

package com.zhongruan.filter;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

public class LoginFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        //过滤器出生
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        //servletRequest 是接口 HTTPServletRequest 是实现，但是有些方法是HttpServletRequest独有的，例如说getSession
        //HttpServletRequest 接口是继承自servletRequest接口怎加了和Http相关的方法
        HttpServletRequest request = (HttpServletRequest)servletRequest;
        HttpServletResponse response =(HttpServletResponse)servletResponse;

        //获取session
        HttpSession session = request.getSession();
        //获取session,indexOf（）,求取字符串中路径出现的位置
        if (session.getAttribute("userInfo")==null && request.getRequestURI().indexOf("/user/doLogin.do")==-1){
            response.sendRedirect(request.getContextPath()+"/user/doLogin.do");

        }else {
            //已经登录，继续下一个请求（继续访问）
            filterChain.doFilter(request,response);
        }
    }

    @Override
    public void destroy() {
        //过滤器死亡
    }
}

2.web.xml配置

  <!--使用filter实现登录控制-->
  <filter>
    <filter-name>SessionFilter</filter-name>
    <filter-class>com.zhongruan.filter.LoginFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>SessionFilter</filter-name>
    <url-pattern>/pages/*</url-pattern>
    <url-pattern>*.jsp</url-pattern>
    <url-pattern>/css/*</url-pattern>
    <url-pattern>/img/*</url-pattern>
  </filter-mapping>

拦截器的配置

1.创建interceptor包和LoginInterceptor类

package com.zhongruan.interceptor;

import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class LoginInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        //在拦截里执行拦截，如果返回的是true则不执行拦截点后的操作（拦截成功）
        //1.判断当前的User用户不为空,获取当前的登录方法
        HttpSession session = request.getSession();
//        String url = request.getRequestURI();
//        System.out.println("接收到的url"+url);
        if (session.getAttribute("userInfo")!=null){
            return true;
        }else {
            //拦截，返回登录页面
            response.sendRedirect(request.getContextPath()+"/user/doLogin.do");
            return false;
        }

    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        //处理过程中，执行拦截
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        //执行完毕，返回前拦截
    }
}

2.在spring-mvc.xml配置拦截器

<mvc:interceptors>
        <mvc:interceptor>
            <!--拦截所有的mvc控制器-->
            <mvc:mapping path="/**/"/>
            <!--放行机制，可以测试/指定某个页面不进行拦截-->
            <mvc:exclude-mapping path="/user/doLogin.do"/>
            <!--指定使用拦截器-->
            <bean class="com.zhongruan.interceptor.LoginInterceptor"></bean>
        </mvc:interceptor>
    </mvc:interceptors>