webfilter过滤url_过滤器和监听器(二)

85d9774375445543b344a2f69748d560.png

【过滤器和监听器】

二 过滤器案例开发

2.1 过滤器案例开发之解决post乱码问题

filter可以帮助我们在请求到达servlet之前处理好post乱码问题,这样我们servlet接受的post请求参数是,直接获取参数即可

开发form表单

<form action="servlet1" method="post">
  <input type="text" name="username">
  <input type="submit">
</form>

开发后台servlet

package com.bjsxt.controller;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet("/servlet1")
public class Servlet1  extends HttpServlet{
    @Override
    protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String username = req.getParameter("username");
        System.out.println("username:"+username);
        resp.setContentType("text/html;charset=UTF-8");
        resp.getWriter().write("你好");
    }
}

开发编码过滤器

package com.bjsxt.filter;

import javax.servlet.*;
import java.io.IOException;

public class EncodingFilter implements Filter {
    private String encoding;
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        //从配置文件中读取编码
        encoding = filterConfig.getInitParameter("charset");
    }
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        // 设置请求编码
        servletRequest.setCharacterEncoding(encoding);
        // 设置响应编码
        servletResponse.setCharacterEncoding(encoding);
        // 传递处理请求
        filterChain.doFilter(servletRequest,servletResponse);
    }
    @Override
    public void destroy() {

    }
}

配置servlet和Filter

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
        http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
           version="3.0">

    <filter>
        <filter-name>encodingFilter</filter-name>
        <filter-class>com.bjsxt.filter.EncodingFilter</filter-class>
        <init-param>
            <param-name>charset</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>encodingFilter</filter-name>
        <url-pattern>/servlet1</url-pattern>
    </filter-mapping>
</web-app>

访问测试:

提交数据

78a6fae40186b232f5f67beb6e2893ea.png

后台接收

c9ad049898d81ef58901aeeecb7273d4.png

返回数据

f7f3e38f1115b6f24aa47bf6cbb84664.png

2.2 过滤器案例开发之登录验证和权限校验问题

什么是用户角色管理

RBAC(Role-Based Access Control,基于角色的访问控制),就是用户通过角色与权限进行关联,从而获得某些功能的使用权限。权限被赋予给角色,而不是用户,但是一个用户可以拥有若干个角色,当一个角色被赋予给某一个用户时,此用户就拥有了该角色所包含的功能权限。简单地说,一个用户拥有若干角色,每一个角色拥有若干功能权限。这样,就构造成“用户-角色-权限”的授权模型。在这种模型中,用户与角色之间,角色与权限之间,一般者是多对多的关系。

7511cf6a15f78784e4f6b5c7c0a19638.png

需求

  1. 校验是否登录,如果没有登录执行登录,如果已经登录,那么校验资源
  2. 如果用户权限较高,那么可以访问的资源有ABC
  3. 如果用户全校较低,那么只能访问BC

d86836483a6b22a0754121821b51713c.png

Index 页登录代码

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
  <head>
    <title>$Title$</title>
  </head>
  <body>
    <form action="loginCheck" method="post">
      <input type="text" name="username"><br/>
      <input type="password" name="pwd"><br/>
      <input type="submit"><br/>
    </form>
    ${msg}
    <c:remove var="msg" scope="session"></c:remove>
  </body>
</html>

后台servlet代码

package com.bjsxt.controller;

import com.bjsxt.com.bjsxt.pojo.User;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@WebServlet("/loginCheck")
public class LoginCheck extends HttpServlet {
    @Override
    protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String username = req.getParameter("username");
        HttpSession session = req.getSession();
        String pwd = req.getParameter("pwd");
        if("尚学堂".equals(username)&&"1234".equals(pwd)){
            User user= new User("sxt","1234","1");
            session.setAttribute("user",user);
            resp.sendRedirect("b.jsp");
        }else if("北京尚学堂".equals(username)&&"4321".equals(pwd)){
            User user= new User("bjsxt","4321","2");
            session.setAttribute("user",user);
            resp.sendRedirect("a.jsp");
        }else{
            session.setAttribute("msg","登录失败");
            resp.sendRedirect("index.jsp");
        }

    }
}

过滤器代码

package com.bjsxt.filter;


import com.bjsxt.com.bjsxt.pojo.User;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@WebFilter("/*")
public class LoginFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        /*如果请求的是index.jsp 放行*/
        HttpServletRequest request =(HttpServletRequest)servletRequest;
        HttpServletResponse response =(HttpServletResponse)servletResponse;
        String uri = request.getRequestURI();
        //放行 对于index.jsp 的访问  /loginCheck
        if(uri.contains("index.jsp")||uri.contains("loginCheck")){
            filterChain.doFilter(request,response);
            return;
        }

        /*如果已经登录 完成页面跳转*/
        HttpSession session = request.getSession();
        Object user = session.getAttribute("user");
        if(null != user){
            /*如果权限高 任何请求直接放行*/
            User u=(User)user;
            String level = u.getLevel();
            if(level.equals("2")){
                filterChain.doFilter(request,response);
            }else{
                /*如果权限低 请求a的时候 阻止*/
                if(uri.contains("a.jsp")){
                    /*如果没权限 ,回到登录页 提示权限不足*/
                    response.sendRedirect("index.jsp");
                    session.setAttribute("msg","权限不足,请使用更高级的账号登录");
                }else{
                    filterChain.doFilter(request,response);
                }
            }
        }else{
            response.sendRedirect("index.jsp");
            session.setAttribute("msg","您还没有登录,请先登录");
        }
    }

    @Override
    public void destroy() {

    }
}

配置filter

<filter>
    <filter-name>encodingFilter</filter-name>
    <filter-class>com.bjsxt.filter.EncodingFilter</filter-class>
    <init-param>
        <param-name>encoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>encodingFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

本节作业

  1. 完成通过过滤器解决post乱码问题
  2. 完成通过过滤器解决登录和权限校验问题
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值