过滤器和拦截器
过滤器和拦截器的区别
拦截器和过滤器的区别:
- 拦截器(interceptor)只对action请求起作用,而过滤器(filter)则可以对几乎所有的请求起作用。
- 过滤器是在请求进入容器(Tomcat)之后,但是请求进入Servlet之前。请求结束返回时也是,是在Servlet处理完之后,返回给前端之前
过滤器的配置
1.创建filter包和LoginFilter类
package com.zhongruan.filter;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//过滤器出生
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//servletRequest 是接口 HTTPServletRequest 是实现,但是有些方法是HttpServletRequest独有的,例如说getSession
//HttpServletRequest 接口是继承自servletRequest接口怎加了和Http相关的方法
HttpServletRequest request = (HttpServletRequest)servletRequest;
HttpServletResponse response =(HttpServletResponse)servletResponse;
//获取session
HttpSession session = request.getSession();
//获取session,indexOf(),求取字符串中路径出现的位置
if (session.getAttribute("userInfo")==null && request.getRequestURI().indexOf("/user/doLogin.do")==-1){
response.sendRedirect(request.getContextPath()+"/user/doLogin.do");
}else {
//已经登录,继续下一个请求(继续访问)
filterChain.doFilter(request,response);
}
}
@Override
public void destroy() {
//过滤器死亡
}
}
2.web.xml配置
<!--使用filter实现登录控制-->
<filter>
<filter-name>SessionFilter</filter-name>
<filter-class>com.zhongruan.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SessionFilter</filter-name>
<url-pattern>/pages/*</url-pattern>
<url-pattern>*.jsp</url-pattern>
<url-pattern>/css/*</url-pattern>
<url-pattern>/img/*</url-pattern>
</filter-mapping>
拦截器的配置
1.创建interceptor包和LoginInterceptor类
package com.zhongruan.interceptor;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//在拦截里执行拦截,如果返回的是true则不执行拦截点后的操作(拦截成功)
//1.判断当前的User用户不为空,获取当前的登录方法
HttpSession session = request.getSession();
// String url = request.getRequestURI();
// System.out.println("接收到的url"+url);
if (session.getAttribute("userInfo")!=null){
return true;
}else {
//拦截,返回登录页面
response.sendRedirect(request.getContextPath()+"/user/doLogin.do");
return false;
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
//处理过程中,执行拦截
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
//执行完毕,返回前拦截
}
}
2.在spring-mvc.xml配置拦截器
<mvc:interceptors>
<mvc:interceptor>
<!--拦截所有的mvc控制器-->
<mvc:mapping path="/**/"/>
<!--放行机制,可以测试/指定某个页面不进行拦截-->
<mvc:exclude-mapping path="/user/doLogin.do"/>
<!--指定使用拦截器-->
<bean class="com.zhongruan.interceptor.LoginInterceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>