1.filter概述
可以过滤从客户端向服务器发送的请求
进行IP的过滤,脏话过滤,自动登录
编写一个类实现Filter接口;
2.filter的生命周期
创建:服务器启动的时候.
销毁:服务器关闭的时候.
3.FilterConfig:过滤器的配置对象
public void init(FilterConfig filterConfig) throws ServletException { // 获得当前的Filter的名称: String filterName = filterConfig.getFilterName(); System.out.println(filterName); // 获得初始化参数: String username = filterConfig.getInitParameter("username"); String password = filterConfig.getInitParameter("password"); System.out.println(username+" "+password); // 获得所有的初始化参数的名称: Enumeration<String> en = filterConfig.getInitParameterNames(); while(en.hasMoreElements()){ String name = en.nextElement(); String value = filterConfig.getInitParameter(name); System.out.println(name+" "+value); } }
4.FilterChain:过滤器链
过滤器链中的过滤器的执行的顺序与<filter-mapping>的配置顺序有关.
doFilter(request,response); -- 放行,放行到下一个过滤器中,如果没有下一个过滤器,到达目标资源.
5.Filter相关的配置
? <url-pattern>的配置:
* 完全路径匹配 :以 / 开始 /demo4/demo1.jsp
* 目录匹配 :以 / 开始 以 * 结束. /* /demo1/*
* 扩展名匹配 :不能以 / 开始 以 * 开始. *.do *.action
? <servlet-name>的配置:根据Servlet的名称拦截Servlet.
? <dispatcher>的配置:
* REQUEST :默认值.
* FORWARD :转发.
* INCLUDE :包含.
* ERROR :错误页面跳转.(全局错误页面)
6.自动登录的案例
/** * 这是一个登录的servlet * 这个案例没有做中文的处理 * */ public class LoginServlet extends HttpServlet { private static final long serialVersionUID = 1L; protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { try { //获取表单数据 User user = new User(); BeanUtils.populate(user, request.getParameterMap()); UserService us = new UserService(); User users = us.login(user); if(users != null) { //判断是否勾选自动登录 String autoLogin = request.getParameter("autoLogin"); if(autoLogin != null) { Cookie password_cookie = new Cookie("password_cookie", users.getPassword()); Cookie username_cookie = new Cookie("username_cookie", users.getUsername()); password_cookie.setMaxAge(30*60); username_cookie.setMaxAge(30*60); //发送cookie出去 response.addCookie(username_cookie); response.addCookie(password_cookie); //在过滤器中检测cookie } request.setAttribute("user", users); request.getRequestDispatcher("/index.jsp").forward(request, response); }else { String loginInfo = "用户名或密码错误"; request.setAttribute("loginInfo", loginInfo); request.getRequestDispatcher("/login.jsp").forward(request, response); } } catch (Exception e) { e.printStackTrace(); } } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
/** * 这是一个自动登录的过滤器 * */ public class AutoLoginFilter implements Filter{ @Override public void destroy() { } @Override public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException { System.out.println("AutoLoginFilter"); //获得request和response HttpServletRequest request = (HttpServletRequest) arg0; HttpServletResponse response = (HttpServletResponse) arg1; //获得所有cookie Cookie[] cookies = request.getCookies(); //调用cookie的工具类 Cookie username_cookie = CookieUtils.findCookie(cookies, "username_cookie"); Cookie password_cookie = CookieUtils.findCookie(cookies, "password_cookie"); User user = new User(); if(username_cookie != null && password_cookie != null) { //取出存在特定cookie中的用户名和密码 String username = username_cookie.getValue(); String password = password_cookie.getValue(); //设置到user对象中 user.setUsername(username); user.setPassword(password); //创建session对象 HttpSession session = request.getSession(); UserDao ud = new UserDao(); User users = null; try { //调用dao层判断cookie有没有发生变化 users = ud.login(user); //保存到session域 session.setAttribute("user", users); } catch (SQLException e) { e.printStackTrace(); } } //放行 arg2.doFilter(request, response); } @Override public void init(FilterConfig arg0) throws ServletException { } }
cookie工具类:
/** * Cookie的工具类 * @author admin * */ public class CookieUtils { public static Cookie findCookie(Cookie[] cookies,String name){ if(cookies == null){ return null; }else{ for(Cookie cookie:cookies){ if(name.equals(cookie.getName())){ return cookie; } } return null; } } }
7.解决中文乱码问题
public class MyHttpServletRequestWrapper extends HttpServletRequestWrapper{ private HttpServletRequest request; public MyHttpServletRequestWrapper(HttpServletRequest request) { super(request); this.request = request; } @Override public String getParameter(String name) { // 根据请求方式不同,去处理: // 获得请求方式: String method = request.getMethod(); if("get".equalsIgnoreCase(method)){ String value = null; try { value = new String(request.getParameter(name).getBytes("ISO-8859-1"),"UTF-8"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return value; }else if("post".equalsIgnoreCase(method)){ try { request.setCharacterEncoding("UTF-8"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } } return super.getParameter(name); } }
public class EncodingFilter implements Filter{ @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; MyHttpServletRequestWrapper myReq = new MyHttpServletRequestWrapper(req); chain.doFilter(myReq, response); } @Override public void destroy() { } }