Java Web过滤器详解

Java Web过滤器详解

过滤器是什么玩意？

所谓过滤器，其实就是一个服务端组件，用来截取用户端的请求与响应信息。

过滤器的应用场景：

1.对用户请求进行统一认证，保证不会出现用户账户安全性问题

2.编码转换，可在服务端的过滤器中设置统一的编码格式，避免出现乱码

3.对用户发送的数据进行过滤替换

4.转换图像格式

5.对响应的内容进行压缩

其中，第1,2场景经常涉及。

login.jsp

<%@ page language="java" import="java.util.*" contentType="text/html; charset=utf-8"%>

<%

String path = request.getContextPath();

String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";

%>

用户名:

密码:

success.jsp

<%@ page language="java" import="java.util.*" pageEncoding="utf-8" contentType="text/html; charset=utf-8"%>

<%

String path = request.getContextPath();

String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";

%>

failure.jsp

<%@ page language="java" import="java.util.*" contentType="text/html; charset=utf-8"%>

<%

String path = request.getContextPath();

String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";

%>

登录失败，请检查用户名或密码！

LoginFilter.java

package com.cityhuntshou.filter;

import java.io.IOException;

import javax.servlet.Filter;

import javax.servlet.FilterChain;

import javax.servlet.FilterConfig;

import javax.servlet.ServletException;

import javax.servlet.ServletRequest;

import javax.servlet.ServletResponse;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import javax.servlet.http.HttpSession;

public class LoginFilter implements Filter {

private FilterConfig config;

public void destroy() {

}

public void doFilter(ServletRequest arg0, ServletResponse arg1,

FilterChain arg2) throws IOException, ServletException {

HttpServletRequest request = (HttpServletRequest) arg0;

HttpServletResponse response = (HttpServletResponse) arg1;

HttpSession session = request.getSession();

//过滤器实际应用场景之二-----编码转换

String charset = config.getInitParameter("charset");

if(charset == null)

{

charset = "UTF-8";

}

request.setCharacterEncoding(charset);

String noLoginPaths = config.getInitParameter("noLoginPaths");

if(noLoginPaths != null)

{

String[] strArray = noLoginPaths.split(";");

for(int i = 0; i < strArray.length; i++)

{

//空元素，放行

if(strArray[i] == null || "".equals(strArray[i]))

continue;

if(request.getRequestURI().indexOf(strArray[i]) != -1)

{

arg2.doFilter(arg0, arg1);

return;

}

}

}

if(request.getRequestURI().indexOf("login.jsp") != -1

|| request.getRequestURI().indexOf("LoginServlet") != -1)

{

arg2.doFilter(arg0, arg1);

return;

}

if(session.getAttribute("username") != null)

{

arg2.doFilter(arg0, arg1);

}

else

{

response.sendRedirect("login.jsp");

}

}

public void init(FilterConfig arg0) throws ServletException {

config = arg0;

}

}

LoginServlet.java

package com.cityhuntshou.servlet;

import java.io.IOException;

import java.io.PrintWriter;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import javax.servlet.http.HttpSession;

public class LoginServlet extends HttpServlet {

/**

* Constructor of the object.

*/

public LoginServlet() {

super();

}

/**

* Destruction of the servlet.

*/

public void destroy() {

super.destroy(); // Just puts "destroy" string in log

// Put your code here

}

/**

* The doGet method of the servlet.

*

* This method is called when a form has its tag value method equals to get.

*

* @param request the request send by the client to the server

* @param response the response send by the server to the client

* @throws ServletException if an error occurred

* @throws IOException if an error occurred

*/

public void doGet(HttpServletRequest request, Hhttp://ttpServletResponse response)

throws ServletException, IOException {

}

/**

* The doPost method of the servlet.

*

* This method is called when a form has its tag value method equals to post.

*

* @param request the request send by the client to the server

* @param response the response send by the server to the client

* @throws ServletException if an error occurred

* @throws IOException if an error occurred

*/

public void doPost(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException {

String username = request.getParameter("username");

String password = request.getParameter("password");

//new String(username.getBytes("ISO-8859-1"),"UTF-8")

System.out.println(username);

if("admin".equals(username) && "admin".equals(password))

{

QujNeP //校验通过

HttpSession session = request.getSession();

session.setAttribute("username", username);

response.sendRedirect(request.getContextPath()+"/success.jsp");

}

else

{

//校验失败

response.sendRedirect(request.getContextPath()+"/failure.jsp");

}

}

/**

* Initialization of the servlet.

*

* @throws ServletException if an error occurs

*/

public void init() throws ServletException {

// Put your code here

}

}

web.xml

xmlns="http://java.sun.com/xml/ns/javaee"

xmlns:xsi="http://w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://java.sun.com/xml/ns/javaee

http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

This is the description of my J2EE component

This is the display name of my J2EE component

LoginServlet

com.cityhuntshou.servlet.LoginServlet

LoginServlet

/servlet/LoginServlet

index.jsp

LoginFilter

com.cityhuntshou.filter.LoginFilter

noLoginPaths

login.jsp;failure.jsp;loginServlet

charset

UTF-8

LoginFilter

/*

xmlns="http://java.sun.com/xml/ns/javaee"

xmlns:xsi="http://w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://java.sun.com/xml/ns/javaee

http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

This is the description of my J2EE component

This is the display name of my J2EE component

LoginServlet

com.cityhuntshou.servlet.LoginServlet

LoginServlet

/servlet/LoginServlet

index.jsp

LoginFilter

com.cityhuntshou.filter.LoginFilter

noLoginPaths

login.jsp;failure.jsp;loginServlet

charset

UTF-8

LoginFilter

/*

运行效果：

访问结果：

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。