![85d9774375445543b344a2f69748d560.png](https://img-blog.csdnimg.cn/img_convert/85d9774375445543b344a2f69748d560.png)
【过滤器和监听器】
二 过滤器案例开发
2.1 过滤器案例开发之解决post乱码问题
filter可以帮助我们在请求到达servlet之前处理好post乱码问题,这样我们servlet接受的post请求参数是,直接获取参数即可
开发form表单
<form action="servlet1" method="post">
<input type="text" name="username">
<input type="submit">
</form>
开发后台servlet
package com.bjsxt.controller;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet("/servlet1")
public class Servlet1 extends HttpServlet{
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String username = req.getParameter("username");
System.out.println("username:"+username);
resp.setContentType("text/html;charset=UTF-8");
resp.getWriter().write("你好");
}
}
开发编码过滤器
package com.bjsxt.filter;
import javax.servlet.*;
import java.io.IOException;
public class EncodingFilter implements Filter {
private String encoding;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//从配置文件中读取编码
encoding = filterConfig.getInitParameter("charset");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
// 设置请求编码
servletRequest.setCharacterEncoding(encoding);
// 设置响应编码
servletResponse.setCharacterEncoding(encoding);
// 传递处理请求
filterChain.doFilter(servletRequest,servletResponse);
}
@Override
public void destroy() {
}
}
配置servlet和Filter
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>com.bjsxt.filter.EncodingFilter</filter-class>
<init-param>
<param-name>charset</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/servlet1</url-pattern>
</filter-mapping>
</web-app>
访问测试:
提交数据
![78a6fae40186b232f5f67beb6e2893ea.png](https://img-blog.csdnimg.cn/img_convert/78a6fae40186b232f5f67beb6e2893ea.png)
后台接收
![c9ad049898d81ef58901aeeecb7273d4.png](https://img-blog.csdnimg.cn/img_convert/c9ad049898d81ef58901aeeecb7273d4.png)
返回数据
![f7f3e38f1115b6f24aa47bf6cbb84664.png](https://img-blog.csdnimg.cn/img_convert/f7f3e38f1115b6f24aa47bf6cbb84664.png)
2.2 过滤器案例开发之登录验证和权限校验问题
什么是用户角色管理
RBAC(Role-Based Access Control,基于角色的访问控制),就是用户通过角色与权限进行关联,从而获得某些功能的使用权限。权限被赋予给角色,而不是用户,但是一个用户可以拥有若干个角色,当一个角色被赋予给某一个用户时,此用户就拥有了该角色所包含的功能权限。简单地说,一个用户拥有若干角色,每一个角色拥有若干功能权限。这样,就构造成“用户-角色-权限”的授权模型。在这种模型中,用户与角色之间,角色与权限之间,一般者是多对多的关系。
![7511cf6a15f78784e4f6b5c7c0a19638.png](https://img-blog.csdnimg.cn/img_convert/7511cf6a15f78784e4f6b5c7c0a19638.png)
需求
- 校验是否登录,如果没有登录执行登录,如果已经登录,那么校验资源
- 如果用户权限较高,那么可以访问的资源有ABC
- 如果用户全校较低,那么只能访问BC
![d86836483a6b22a0754121821b51713c.png](https://img-blog.csdnimg.cn/img_convert/d86836483a6b22a0754121821b51713c.png)
Index 页登录代码
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
<title>$Title$</title>
</head>
<body>
<form action="loginCheck" method="post">
<input type="text" name="username"><br/>
<input type="password" name="pwd"><br/>
<input type="submit"><br/>
</form>
${msg}
<c:remove var="msg" scope="session"></c:remove>
</body>
</html>
后台servlet代码
package com.bjsxt.controller;
import com.bjsxt.com.bjsxt.pojo.User;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet("/loginCheck")
public class LoginCheck extends HttpServlet {
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String username = req.getParameter("username");
HttpSession session = req.getSession();
String pwd = req.getParameter("pwd");
if("尚学堂".equals(username)&&"1234".equals(pwd)){
User user= new User("sxt","1234","1");
session.setAttribute("user",user);
resp.sendRedirect("b.jsp");
}else if("北京尚学堂".equals(username)&&"4321".equals(pwd)){
User user= new User("bjsxt","4321","2");
session.setAttribute("user",user);
resp.sendRedirect("a.jsp");
}else{
session.setAttribute("msg","登录失败");
resp.sendRedirect("index.jsp");
}
}
}
过滤器代码
package com.bjsxt.filter;
import com.bjsxt.com.bjsxt.pojo.User;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebFilter("/*")
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
/*如果请求的是index.jsp 放行*/
HttpServletRequest request =(HttpServletRequest)servletRequest;
HttpServletResponse response =(HttpServletResponse)servletResponse;
String uri = request.getRequestURI();
//放行 对于index.jsp 的访问 /loginCheck
if(uri.contains("index.jsp")||uri.contains("loginCheck")){
filterChain.doFilter(request,response);
return;
}
/*如果已经登录 完成页面跳转*/
HttpSession session = request.getSession();
Object user = session.getAttribute("user");
if(null != user){
/*如果权限高 任何请求直接放行*/
User u=(User)user;
String level = u.getLevel();
if(level.equals("2")){
filterChain.doFilter(request,response);
}else{
/*如果权限低 请求a的时候 阻止*/
if(uri.contains("a.jsp")){
/*如果没权限 ,回到登录页 提示权限不足*/
response.sendRedirect("index.jsp");
session.setAttribute("msg","权限不足,请使用更高级的账号登录");
}else{
filterChain.doFilter(request,response);
}
}
}else{
response.sendRedirect("index.jsp");
session.setAttribute("msg","您还没有登录,请先登录");
}
}
@Override
public void destroy() {
}
}
配置filter
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>com.bjsxt.filter.EncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
本节作业
- 完成通过过滤器解决post乱码问题
- 完成通过过滤器解决登录和权限校验问题