servlet过滤器能够对servlet容器的请求和响应对象进行检查和修改
servlet过滤器本身并不生成请求和响应对象,它只提供过滤作用
servlet过滤器能够在servlet被调用之前检查request对象,修改request header和request内容
servlet过滤器能够在servlet被调用之前检查response对象,修改response header和response内容
servlet过滤器负责过滤的wrb组件可能是servlet,jsp或html文件
login的主页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
<form action="/test/userloginservlet" method="post">
username:<input type="text" name="username"><br>
password:<input type="password" name="password"><br>
authority:
<select name="authority">
<option value="1">common user</option>
<option value="2">administrator</option>
</select>
<br>
<input type="submit" value="submit">
</form>
</body>
</html>
用户登录成功的主界面
<%@ page language="java" import="com.hpu.javabean.User" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'index.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<a herf="QueryServlet">query</a><br>
<%if(((User)session.getAttribute("user")).getAuthority().equals("2")){%>
<a herf="UpdateServlet">update</a>
</body>
<%} %>
</html>
登录成功之后主页面
<%@ page language="java" import="com.hpu.javabean.User" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'index.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<a herf="QueryServlet">query</a><br>
<%if(((User)session.getAttribute("user")).getAuthority().equals("2")){%>
<a herf="UpdateServlet">update</a>
</body>
<%} %>
</html>
filter的代码
package com.hpu.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.omg.CORBA.Request;
public class loginfilter implements Filter
{
public void destroy()
{
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException
{
HttpServletRequest r = (HttpServletRequest)request;
String requestURI = r.getRequestURI();
if(requestURI.endsWith("UserLogin.jsp")||requestURI.endsWith("QueryServlet"))
{
chain.doFilter(request, response);
return;
}
HttpSession session=r.getSession();
if(null == session.getAttribute("user"))
{
((HttpServletResponse)response).sendRedirect("/UserLogin.jsp");
return;
}
else
{
chain.doFilter(request, response);
}
System.out.println("doFilter invoked!");
}
public void init(FilterConfig arg0) throws ServletException
{
System.out.println("init invoked");
}
}