知识点汇总
Filter:是javaWeb的一个重要组件,可以对发送到Servlet的请求进行拦截,并对响应也进行拦截。
Filter是实现了Filter接口的java类
Filter需要在web.xml中进行配置。多个Filter拦截的顺序和<filter-mapping>
配置顺序有关
`指定过滤器所拦截的资源被Servlet容器调用的方式默认REQUESE
①REQUEST用户之间访问页面时,Web容器将会调用过滤器。如果目标资源是通过RequestDispatcher的include()或forward()方法访问时,该过滤器不会被调用。
②FORWARD如果目标资源是通过RequestDispatcher的forward()方法访问时,该过滤器将会被调用,除外该过滤器不会被调用。
③INCLUDE如果目标资源是通过RequestDispatcher的include()方法访问时,该过滤器将会被调用,除外该过滤器不会被调用。
④ERROR如果目标资源是通过声明式异常处理机制调用时,那么该过滤器将会被调用,除外该过滤器不会被调用。
代码示例:
1.定义自己的HttpFilter类
public abstract class HttpFilter implements Filter {
private FilterConfig filterConfig;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig=filterConfig;
init();
}
protected void init(){}
public FilterConfig getFilterConfig(){
return filterConfig;
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest httpServletRequest=(HttpServletRequest) servletRequest;
HttpServletResponse httpServletResponse=(HttpServletResponse)servletResponse;
doFilter(httpServletRequest,httpServletResponse,filterChain);
}
public abstract void doFilter(HttpServletRequest request,HttpServletResponse response,FilterChain filterChain)
throws IOException,ServletException;
@Override
public void destroy() {
}
}
2.登录过滤器
public class LoginFilter extends HttpFilter {
private String sessionKey;
private String redirectUrl;
private String uncheckedUrls;
@Override
protected void init() {
ServletContext servletContext=getFilterConfig().getServletContext();
sessionKey=servletContext.getInitParameter("userSessionKey");
redirectUrl=servletContext.getInitParameter("redirectPage");
uncheckedUrls=servletContext.getInitParameter("UncheckedUrls");
}
/**
*@ClassName LoginFilter
*@Description 检查用户是否登录的过滤器
*@Param [request, response, filterChain]
*@Return void
*@Date 2020/2/29 12:12
*@Author Roy
*/
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
//获取请求的ServletPath
String servletPath=request.getServletPath();
//检查获取的servletPath是否为需要检查的
List<String> urls= Arrays.asList(uncheckedUrls.split(","));
if(urls.contains(servletPath)){
filterChain.doFilter(request,response);
return;
}
//从session中获取sessionKey的值若只不存在重定向的redirectUrl
Object user=request.getSession().getAttribute(sessionKey);
if(user == null){
response.sendRedirect(request.getContextPath()+redirectUrl);
return;
}
//若存在允许访问
filterChain.doFilter(request,response);
}
}
3.编码过滤器
public class EncodingFilter extends HttpFilter {
private String encoding ;
@Override
protected void init() {
encoding=getFilterConfig().getServletContext().getInitParameter("encoding");
}
/**
*@ClassName EncodingFilter
*@Description 字符编码过滤器
*@Param [request, response, filterChain]
*@Return void
*@Date 2020/2/29 11:44
*@Author Roy
*/
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
request.setCharacterEncoding(encoding);
filterChain.doFilter(request,response);
}
}
4.缓存过滤器
public class NoCacheFilter extends HttpFilter {
/**
*@ClassName NoCacheFilter
*@Description 禁用缓存的filter
*@Param [request, response, filterChain]
*@Return void
*@Date 2020/2/29 11:36
*@Author Roy
*/
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
response.setDateHeader("Expires",-1);
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
filterChain.doFilter(request,response);
}
}
5.敏感词过滤
public class MyHttpServletRequest extends HttpServletRequestWrapper {
public MyHttpServletRequest(HttpServletRequest request) {
super(request);
}
@Override
public String getParameter(String name) {
String val=super.getParameter(name);
if(val != null && val.contains(" 敏感词")){
val=val.replace("敏感词","****");
}
return val;
}
}