权限验证过滤器案例需求
- 现在一个网站上需要有登录功能,在登陆成功之后,重定向到后台的成功页面(后台的页面有很多),如果没有登录直接在地址栏输入后台url,也是可以登录的。
- 编写一个过滤器:可以对没有登录的用户进行拦截。(没有登录,回到登陆页面,如果已经登陆,放行。)
权限验证过滤器代码
package com.itheima.Filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import com.itheima.domain.User;
public class PrivilegeFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
throws IOException, ServletException {
//判断:用户是否已经登陆,如果登录了,放行;没有登录,回到登陆页面。
HttpServletRequest request = (HttpServletRequest) arg0;
User existUser = (User) request.getSession().getAttribute("existUser");
//判断
if(existUser == null) {
//没有登陆
request.setAttribute("msg", "您还没有登录,请先登录");
request.getRequestDispatcher("/login.jsp").forward(arg0, arg1);
}else {
//已经登陆
arg2.doFilter(arg0, arg1);
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
配置权限验证过滤器
<filter>
<filter-name>PrivilegeFilter</filter-name>
<filter-class>com.itheima.Filter.PrivilegeFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>PrivilegeFilter</filter-name>
<url-pattern>/jsp/*</url-pattern>
</filter-mapping>
除了登陆页面(login.jsp)在根目录,其他jsp文件放在jsp文件夹里,所有需访问后续页面的路径都必须先经过过滤器判断。
通用字符集编码过滤器案例需求
- 网站,需要向后台提交中文的数据(有可能是get、也有可能是post提交)。中文处理方式不同。
- 需要调用request.getparamater()方法接收数据,但这个时候无论是get还是post接收数据都会乱码,怎么解决?
- 通过上面的分析,现在增强request的getparamater方法,增强的过程要写在过滤器当中。
通用字符集编码过滤器代码实现
package com.itheima.Filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
/**
* 通用的字符集编码过滤器
*/
public class GenericEncodingFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
//在过滤器中增强request对象,并将增强后的request对象传递给Servlet
HttpServletRequest req = (HttpServletRequest) request;
MyHttpServletRequest myReq = new MyHttpServletRequest(req);
chain.doFilter(myReq, response);
}
public void init(FilterConfig fConfig) throws ServletException {
}
}
package com.itheima.Filter;
import java.io.UnsupportedEncodingException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
/**
* 增强的类
*/
public class MyHttpServletRequest extends HttpServletRequestWrapper{
private HttpServletRequest request;
public MyHttpServletRequest(HttpServletRequest request) {
super(request);
this.request=request;
}
//增强request.getparameter()方法
@Override
public String getParameter(String name) {
//获得请求方式
String method = request.getMethod();
//根据get还是post请求进行不同方式乱码的处理
if("GET".equalsIgnoreCase(method)) {
String value = super.getParameter(name);
try {
value = new String(value.getBytes("ISO-8859-1"),"UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return value;
}else if ("POST".equalsIgnoreCase(method)) {
try {
request.setCharacterEncoding("UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
}
return super.getParameter(name);
}
}
<filter>
<display-name>GenericEncodingFilter</display-name>
<filter-name>GenericEncodingFilter</filter-name>
<filter-class>com.itheima.Filter.GenericEncodingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>GenericEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>