javaweb中Filter(过滤器)的常见应用

网友投稿 234 2023-07-24


javaweb中Filter(过滤器)的常见应用

一、统一全站字符编码

通过配置参数charset指明使用何种字符编码,以处理Html Form请求参数的中文问题

package me.gacl.web.filter;

import java.io.IOException;

import javax.servlet.Filter;

import javax.servlet.FilterChain;

import javax.servlet.FilterConfig;

import javax.servlet.ServletException;

import javax.servlet.ServletRequest;

import javax.servlet.ServletResponse;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletRequestWrapper;

import javax.servlet.http.HttpServletResponse;

/**

* @ClassName: CharacterEncodingFilter

* @Description: 此过滤器用来解决全站中文乱码问题

*/

public class CharacterEncodingFilter implements Filter {

private FilterConfig filterConfig = null;

//设置默认的字符编码

private String defaultCharset = "UTF-8";

public void doFilter(ServletRequest req, ServletResponse resp,

FilterChain chain) throws IOException, ServletException {

HttpServletRequest request = (HttpServletRequest) req;

HttpServletResponse response = (HttpServletResponse) resp;

String charset = filterConfig.getInitParameter("charset");

if(charset==null){

charset = defaultCharset;

}

request.setCharacterEncoding(charset);

response.setCharacterEncoding(charset);

response.setContentType("text/html;charset="+charset);

MyCharacterEncodingRequest requestWrapper = new MyCharacterEncodingRequest(request);

chain.doFilter(requestWrapper, response);

}

public void init(FilterConfig filterConfig) throws ServletException {

//得到过滤器的初始化配置信息

this.filterConfig = filterConfig;

}

public void destroy() {

}

}

/*

1.实现与被增强对象相同的接口

2、定义一个变量记住被增强对象

3、定义一个构造器,接收被增强对象

4、覆盖需要增强的方法

5、对于不想增强的方法,直接调用被增强对象(目标对象)的方法

*/

class MyCharacterEncodingRequehttp://st extends HttpServletRequestWrapper{

private HttpServletRequest request;

public MyCharacterEncodingRequest(HttpServletRequest request) {

super(request);

this.request = request;

}

/* 重写getParameter方法

* @see javax.servlet.ServletRequestWrapper#getParameter(java.lang.String)

*/

@Override

public String getParameter(String name) {

try{

//获取参数的值

String value= this.request.getParameter(name);

if(value==null){

return null;

}

//如果不是以get方式提交数据的,就直接返回获取到的值

if(!this.request.getMethod().equalsIgnoreCase("get")) {

return value;

}else{

//如果是以get方式提交数据的,就对获取到的值进行转码处理

value = new String(value.getBytes("ISO8859-1"),this.request.getCharacterEncoding());

return value;

}

}catch (Exception e) {

throw new RuntimeException(e);

}

}

}

web.xml文件中的配置如下:

CharacterEncodingFilter

me.gacl.web.filter.CharacterEncodingFilter

charset

UTF-8

CharacterEncodingFilter

/*

二、禁止浏览器缓存所有动态页面

  有3 个HTTP 响应头字段都可以禁止浏览器缓存当前页面,它们在 Servlet 中的示例代码如下:

response.setDateHeader("Expires",-1);

response.setHeader("Cache-Control","no-cache");

response.setHeader("Pragma","no-cache");

并不是所有的浏览器都能完全支持上面的三个响应头,因此最好是同时使用上面的三个响应头。

Expires数据头:值为GMT时间值,为-1指浏览器不要缓存页面

Cache-Control响应头有两个常用值:

no-cache指浏览器不要缓存当前页面。

max-age:xxx指浏览器缓存页面xxx秒。

package me.gacl.web.filter;

import java.io.IOException;

import javax.servlet.Filter;

import javax.servlet.FilterChain;

import javax.servlet.FilterConfig;

import javax.servlet.ServletException;

import javax.servlet.ServletRequest;

import javax.servlet.ServletResponse;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

/**

* @ClassName: NoCacheFilter

* @Description: 禁止浏览器缓存所有动态页面

* @author: 孤傲苍狼

* @date: 2014-8-31 下午11:25:40

*

*/

public class NoCacheFilter implements Filter {

public void doFilter(ServletRequest req, ServletResponse resp,

FilterChain chain) throws IOException, ServletException {

//把ServletRequest强转成HttpServletRequest

HttpServletRequest request = (HttpServletRequest) req;

//把ServletResponse强转成HttpServletResponse

HttpServletResponse response = (HttpServletResponse) resp;

//禁止浏览器缓存所有动态页面

response.setDateHeader("Expires", -1);

response.setHeader("Cache-Control", "no-cache");

response.setHeader("Pragma", "no-cache");

chain.doFilter(request, response);

}

public void init(FilterConfig filterConfig) throws ServletException {

}

public void destroy() {

}

}

web.xml文件中的配置如下:

NoCacheFilter

me.gacl.web.filter.NoCacheFilter

NoCacheFilter

*.jsp

三、控制浏览器缓存页面中的静态资源

有些动态页面中引用了一些图片或css文件以修饰页面效果,这些图片和css文件经常是不变化的,所以为减轻服务器的压力,可以使用filter控制浏览器缓存这些文件,以提升服务器的性能。

package me.gacl.web.filter;

import java.io.IOException;

import javax.servlet.Filter;

import javax.servlet.FilterChain;

import javax.servlet.FilterConfig;

import javax.servlet.ServletException;

import javax.servlet.ServletRequest;

import javax.servlet.ServletResponse;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

/**

* @ClassName: CacheFilter

* @Description: 控制缓存的filter

*/

public class CacheFilter implements Filter {

private FilterConfig filterConfig;

public void doFilter(ServletRequest req, ServletResponse resp,

FilterChain chain) throws IOException, ServletException {

HttpServletRequest request = (HttpServletRequest) req;

HttpServletResponse response = (HttpServletResponse) resp;

//1.获取用户想访问的资源

String uri = request.getRequestURI();

//2.得到用户想访问的资源的后缀名

String ext = uri.substring(uri.lastIndexOf(".")+1);

//得到资源需要缓存的时间

String time = filterConfig.getInitParameter(ext);

if(time!=null){

long t = Long.parseLong(time)*3600*1000;

//设置缓存

response.setDateHeader("expires", System.currentTimeMillis() + t);

}

chain.doFilter(request, response);

}

public void init(FilterConfig filterConfig) throws ServletException {

this.filterConfig = filterConfig;

}

public void destroy() {

}

}

web.xml文件中的配置如下:

CacheFilter

me.gacl.web.filter.CacheFilter

css

4

jpg

1

js

4

png

4

CacheFilter

*.jpg

CacheFilter

*.css

CacheFilter

*.js

CacheFilter

*.png

四、实现用户自动登陆

思路是这样的:

1、在用户登陆成功后,发送一个名称为user的cookie给客户端,cookie的值为用户名和md5加密后的密码。

  2、编写一个AutoLoginFilter,这个filter检查用户是否带有名称为user的cookie来,如果有,则调用dao查询cookie的用户名和密码是否和数据库匹配,匹配则向session中存入user对象(即用户登陆标记),以实现程序完成自动登陆。

核心代码如下:

处理用户登录的控制器:LoginServlet

package me.gacl.web.controller;

import java.io.IOException;

import javax.servlet.ServletException;

import javax.servlet.http.Cookie;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import me.gacl.dao.UserDao;

import me.gacl.domain.User;

import me.gacl.util.WebUtils;

public class LoginServlet extends HttpServlet {

public void doGet(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException {

String username = request.getParameter("username");

String password = request.getParameter("password");

UserDao dao = new UserDao();

User user = dao.find(username, password);

if(user==null){

request.setAttribute("message", "用户名或密码不对!!");

request.getRequestDispatcher("/message.jsp").forward(request, response);

return;

}

request.getSession().setAttribute("user", user);

//发送自动登陆cookie给客户端浏览器进行存储

sendAutoLoginCookie(request,response,user);

request.getRequestDispatcher("/index.jsp").forward(request, response);

}

/**

* @Method: sendAutoLoginCookie

* @Description: 发送自动登录cookie给客户端浏览器

* @param request

* @param response

* @param user

*/

private void sendAutoLoginCookie(HttpServletRequest request, HttpServletResponse response, User user) {

if (request.getParameter("logintime")!=null) {

int logintime = Integer.parseInt(request.getParameter("logintime"));

//创建cookie,cookie的名字是autologin,值是用户登录的用户名和密码,用户名和密码之间使用.进行分割,密码经过md5加密处理

Cookie cookie = new Cookie("autologin",user.getUsername() + "." + WebUtils.md5(user.getPassword()));

//设置cookie的有效期

cookie.setMaxAge(logintime);

//设置cookie的有效路径

cookie.setPath(request.getContextPath());

//将cookie写入到客户端浏览器

response.addCookie(cookie);

}

}

public void doPost(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException {

doGet(request, response);

}

}

处理用户自动登录的过滤器:AutoLoginFilter

package me.gacl.web.filter;

import java.io.IOException;

import javax.servlet.Filter;

import javax.servlet.FilterChain;

import javax.servlet.FilterConfig;

import javax.servlet.ServletException;

import javax.servlet.ServletRequest;

import javax.servlet.ServletResponse;

import javax.servlet.http.Cookie;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import me.gacl.dao.UserDao;

import me.gacl.domain.User;

import me.gacl.util.WebUtils;

public class AutoLoginFilter implements Filter {

public void doFilter(ServletRequest req, ServletResponse resp,

FilterChain chain) throws IOException, ServletException {

HttpServletRequest request = (HttpServletRequest) req;

HttpServletResponse response = (HttpServletResponse) resp;

//如果已经登录了,就直接chain.doFilter(request, response)放行

if(request.getSession().getAttribute("user")!=null){

chain.doFilter(request, response);

return;

}

//1.得到用户带过来的authlogin的cookie

String value = null;

Cookie cookies[] = request.getCookies();

for(int i=0;cookies!=null && i

if(cookies[i].getName().equals("autologin")){

value = cookies[i].getValue();

}

}

//2.得到 cookie中的用户名和密码

if(value!=null){

String username = value.split("\\.")[0];

String password = value.split("\\.")[1];

//3.调用dao获取用户对应的密码

UserDao dao = new UserDao();

User user = dao.find(username);

String dbpassword = user.getPassword();

//4.检查用户带过来的md5的密码和数据库中的密码是否匹配,如匹配则自动登陆

if(password.equals(WebUtils.md5(dbpassword))){

request.getSession().setAttribute("user", user);

}

}

chain.doFilter(request, response);

}

public void destroy() {

}

public void init(FilterConfig filterConfig) throws ServletException {

}

}

如果想取消自动登录,那么可以在用户注销时删除自动登录cookie,核心代码如下:

package me.gacl.web.controller;

import java.io.IOException;

import javax.servlet.ServletException;

import javax.servlet.http.Cookie;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

public class CancelAutoLoginServlet extends HttpServlet {

public void doGet(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException {

//移除存储在session中的user

request.getSession().removeAttribute("user");

//移除自动登录的cookie

removeAutoLoginCookie(request,response);

//注销用户后跳转到登录页面

request.getRequestDispatcher("/login.jsp").forward(request, response);

}

/**

* @Method: removeAutoLoginCookie

* @Description: 删除自动登录cookie,

* JavaWeb中删除cookie的方式就是新创建一个cookie,新创建的cookie与要删除的cookie同名,

* 设置新创建的cookie的cookie的有效期设置为0,有效路径与要删除的cookie的有效路径相同

* @param request

* @param response

*/

private void removeAutoLoginCookie(HttpServletRequest request, HttpServletResponse response) {

//创建一个名字为autologin的cookie

Cookie cookie = new Cookie("autologin","");

//将cookie的有效期设置为0,命令浏览器删除该cookie

cookie.setMaxAge(0);

//设置要删除的cookie的path

cookie.setPath(request.getContextPath());

response.addCookie(cookie);

}

public void doPost(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException {

doGet(request, response);

}

}

以上就是过滤器的几个常见应用场景,希望对大家的学习有所帮助。

if(cookies[i].getName().equals("autologin")){

value = cookies[i].getValue();

}

}

//2.得到 cookie中的用户名和密码

if(value!=null){

String username = value.split("\\.")[0];

String password = value.split("\\.")[1];

//3.调用dao获取用户对应的密码

UserDao dao = new UserDao();

User user = dao.find(username);

String dbpassword = user.getPassword();

//4.检查用户带过来的md5的密码和数据库中的密码是否匹配,如匹配则自动登陆

if(password.equals(WebUtils.md5(dbpassword))){

request.getSession().setAttribute("user", user);

}

}

chain.doFilter(request, response);

}

public void destroy() {

}

public void init(FilterConfig filterConfig) throws ServletException {

}

}

如果想取消自动登录,那么可以在用户注销时删除自动登录cookie,核心代码如下:

package me.gacl.web.controller;

import java.io.IOException;

import javax.servlet.ServletException;

import javax.servlet.http.Cookie;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

public class CancelAutoLoginServlet extends HttpServlet {

public void doGet(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException {

//移除存储在session中的user

request.getSession().removeAttribute("user");

//移除自动登录的cookie

removeAutoLoginCookie(request,response);

//注销用户后跳转到登录页面

request.getRequestDispatcher("/login.jsp").forward(request, response);

}

/**

* @Method: removeAutoLoginCookie

* @Description: 删除自动登录cookie,

* JavaWeb中删除cookie的方式就是新创建一个cookie,新创建的cookie与要删除的cookie同名,

* 设置新创建的cookie的cookie的有效期设置为0,有效路径与要删除的cookie的有效路径相同

* @param request

* @param response

*/

private void removeAutoLoginCookie(HttpServletRequest request, HttpServletResponse response) {

//创建一个名字为autologin的cookie

Cookie cookie = new Cookie("autologin","");

//将cookie的有效期设置为0,命令浏览器删除该cookie

cookie.setMaxAge(0);

//设置要删除的cookie的path

cookie.setPath(request.getContextPath());

response.addCookie(cookie);

}

public void doPost(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException {

doGet(request, response);

}

}

以上就是过滤器的几个常见应用场景,希望对大家的学习有所帮助。


版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。

上一篇:详解maxlength属性在textarea里奇怪的表现
下一篇:java servlet结合Oracle搭建java的web开发环境
相关文章

 发表评论

暂时没有评论,来抢沙发吧~