中文乱码
@WebFilter(filterName = "CharacterEncodingFilter", urlPatterns = "/*")
public class CharacterEncodingFilter implements Filter {
public static String encoding;
public void init(FilterConfig config) throws ServletException {
// Web服务器启动就初始化了
encoding = config.getServletContext().getInitParameter("encoding");
}
public void destroy() {
// Web服务器关闭就销毁
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
request.setCharacterEncoding(encoding);
response.setContentType("text/html;charset=" + encoding);
chain.doFilter(request, response);
}
}
登陆拦截
拦截器
@WebFilter(filterName = "AuthorityFilter", urlPatterns = "/*")
public class AuthorityFilter implements Filter {
public static List<String> passPath = new ArrayList<>();
public void init(FilterConfig config) throws ServletException {
passPath.add("login.jsp");
passPath.add("login");
}
public void destroy() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
String requestURI = request.getRequestURI().substring(request.getRequestURI().lastIndexOf("/") + 1);
String userID = (String) request.getSession().getAttribute("UserID");
if (!passPath.contains(requestURI)) {
// 不在放行范围内的其他链接,如果没有登陆则跳到登陆页面
if (userID == null) {
response.sendRedirect(request.getContextPath() + "/login.jsp");
} else {
chain.doFilter(request, response);
}
} else {
// 被放行的链接,如果已登陆则跳到首页
if (userID != null) {
response.sendRedirect(request.getContextPath() + "/index.jsp");
}else {
chain.doFilter(request, response);
}
}
}
}
LoginServlet
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
if ("admin".equals(username) && "admin".equals(password)) {
request.getSession().removeAttribute("msg");
request.getSession().setAttribute("UserID", request.getSession().getId());
response.sendRedirect(request.getContextPath() + "/common/LoginSuccess.jsp");
} else {
request.getSession().setAttribute("msg", "账号或密码错误");
response.sendRedirect(request.getContextPath() + "/login.jsp");
}
}
LogoutServlet
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.getSession().removeAttribute("UserID");
response.sendRedirect(request.getContextPath() + "/login.jsp");
}
LoginJSP
<body>
<form action="${pageContext.request.contextPath}/login">
用户名:<input type="text" name="username"> <br/>
密码:<input type="password" name="password"> <br/>
<input type="submit" value="登陆"> ${pageContext.session.getAttribute("msg")}
</form>
</body>
LogSuccessJSP
<body>
<h1>登陆成功!</h1>
<form action="${pageContext.request.contextPath}/logout">
<input type="submit" value="注销">
</form>
</body>
总结
折腾了好久,登陆拦截器的关键点在于某些路径需要放行,否则会造成各种问题。且在过滤器里进行重定向的链接一定不能执行chain.doFilter(request, response);,否则继续执行后续代码如果有再有重定向就会报错,最好就是重定向完就不继续chain了,直接执行重定向代码。这也是chain的意义。