Web基础(七)----过滤器

于 2017-12-22 21:51:05 发布
阅读量449 收藏 1
点赞数
分类专栏: Web基础
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/csdn_kenneth/article/details/78877109
版权
本文详细介绍了Java Web中的过滤器Filter,包括filter的简介、快速入门、访问流程、API详解和配置方法。重点讲解了filter如何设置字符编码,实现权限控制,以及其生命周期和执行顺序。同时,文中还探讨了filter的配置策略,如完全匹配、目录匹配和扩展名匹配,并通过实例说明了在重定向情况下的过滤器行为。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

一、过滤器Filter

1.1 filter的简介

filter是对客户端访问资源的过滤,符合条件放行,不符合条件不放行,并且可以对目 标资源访问前后进行逻辑处理

1.2 快速入门

步骤:
1)编写一个过滤器的类实现Filter接口
2)实现接口中尚未实现的方法(着重实现doFilter方法)
3)在web.xml中进行配置(主要是配置要对哪些资源进行过滤)

1.创建filter

package com.ken.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

public class QuickFilter1 implements Filter {

	@Override
	public void init(FilterConfig filterConfig) throws ServletException {

	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		System.out.println("quick1 running");
	}

	@Override
	public void destroy() {

	}
}
2.配置 
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns="http://java.sun.com/xml/ns/javaee"
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
	id="WebApp_ID" version="2.5">
	<display-name>filterDemo</display-name>
	<welcome-file-list>
		<welcome-file>index.html</welcome-file>
		<welcome-file>index.htm</welcome-file>
		<welcome-file>index.jsp</welcome-file>
		<welcome-file>default.html</welcome-file>
		<welcome-file>default.htm</welcome-file>
		<welcome-file>default.jsp</welcome-file>
	</welcome-file-list>
	<filter>
		<filter-name>QuickFilter1</filter-name>
		<filter-class>com.ken.web.filter.QuickFilter1</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>QuickFilter1</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>
	<servlet>
		<description></description>
		<display-name>Servlet1</display-name>
		<servlet-name>Servlet1</servlet-name>
		<servlet-class>com.ken.web.servlet.Servlet1</servlet-class>
	</servlet>
	<servlet-mapping>
		<servlet-name>Servlet1</servlet-name>
		<url-pattern>/servlet1</url-pattern>
	</servlet-mapping>
</web-app>
3.创建servlet 
package com.ken.web.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class Servlet1 extends HttpServlet {
	private static final long serialVersionUID = 1L;

	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		response.getWriter().write("Servlet1 running...");
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		doGet(request, response);
	}
}
4.运行效果



如图,servlet的dopost()方法没有执行。filte的doFilter()方法执行了。

是因为,过滤器没有放行。
5.修改filter

package com.ken.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

public class QuickFilter1 implements Filter {

	@Override
	public void init(FilterConfig filterConfig) throws ServletException {

	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		System.out.println("quick1 running");
		//放行请求
		chain.doFilter(request, response);
	}

	@Override
	public void destroy() {

	}
}
6.运行效果


1.3 访问流程


filter的作用:1.可以设置setCharacterEncoding("UTF-8"),这样,我们不用每个servlet中自己手动去写。2.权限控制,我们把所有请求拦下来,得到请求用户的角色,然后,根据请求所要访问的目标资源,进行过滤。

三、Filter的API详解

3.1 filter生命周期及其与生命周期相关的方法

Filter接口有三个方法,并且这个三个都是与Filter的生命相关的方法
init(Filterconfig):代表filter对象初始化方法 filter对象创建时执行
doFilter(ServletRequest,ServletResponse,FilterCha):代表filter执行过滤的核心方法,如果某资源在已经被配置到这个filter进行过滤的话,那么每次访问这个资源都会执行doFilter方法
destory():代表是filter销毁方法 当filter对象销毁时执行该方法
Filter对象的生命周期:
Filter何时创建:服务器启动时就创建该filter对象
Filter何时销毁:服务器关闭时filter销毁

3.2 Filter的AP详解

1)init(FilterConfig)
其中参数config代表 该Filter对象的配置信息的对象,内部封装是该filter的配置信息。 
package com.ken.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

public class QuickFilter1 implements Filter {

	@Override
	// Filter创建的时候执行init方法
	public void init(FilterConfig filterConfig) throws ServletException {
		// 1、获得web.xml中filter的名称<filter-name>QuickFilter1</filter-name>
		System.out.println(filterConfig.getFilterName());
		// 2、获得当前filter的初始化参数
		String url = filterConfig.getInitParameter("url");
		// 3、获得servletContext
		ServletContext servletContext = filterConfig.getServletContext();

		System.out.println("init...");
	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		System.out.println("quick1 running...");
		// 放行请求
		chain.doFilter(request, response);
	}

	@Override
	public void destroy() {

	}
}
2)destory()方法
filter对象销毁时执行
3)doFilter方法
doFilter(ServletRequest,ServletResponse,FilterChain)
其中的参数:
ServletRequest/ServletResponse:每次在执行doFilter方法时 web容器负责创建一个request和一个response对象作为doFilter的参数传递进来。该request和该response就是在访问目标资源的service方法时的request和response。
FilterChain:过滤器链对象,通过该对象的doFilter方法可以放行该请求
生命周期:服务器启动的时候创建filter对象,并且执行init()方法。当服务器关闭的时候执行destory()方法,并且该filter对象销毁。每次请求,只要配置了目标资源要经过此过滤器,doFilter()方法就执行一次。

filter的执行顺序是根据<filter-mapping>标签的顺序来的。

四、Filter的配置

url-pattern配置时
1)完全匹配  /sertvle1
2)目录匹配  /aaa/bbb/* ----最多的
/user/*:访问前台的资源进入此过滤器
/admin/*:访问后台的资源时执行此过滤器
3)扩展名匹配  *.abc  *.jsp
注意:url-pattern可以使用servlet-name替代,也可以混用

<filter-mapping>
	<filter-name>QuickFilter1</filter-name>
	<url-pattern>/*</url-pattern>
	<servlet-name>MyServlet</servlet-name>
</filter-mapping>
dispatcher:访问的方式(了解)
REQUEST:默认值,代表直接访问某个资源时执行filter
FORWARD:转发时才执行filter
INCLUDE: 包含资源时执行filter
ERROR:发生错误时 进行跳转时执行filter

演示REQUEST:

servlet1

package com.ken.web.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class Servlet1 extends HttpServlet {
	private static final long serialVersionUID = 1L;

	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		// response.getWriter().write("Servlet1 running...");
		System.out.println("Servlet1 running...");

		request.getRequestDispatcher("/servlet2").forward(request, response);
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		doGet(request, response);
	}
}
servlet2 
package com.ken.web.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class Servlet2 extends HttpServlet {
	private static final long serialVersionUID = 1L;

	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		response.getWriter().write("hello world...");
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		doGet(request, response);
	}
}
fileter1: 
package com.ken.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

public class QuickFilter1 implements Filter {

	@Override
	// Filter创建的时候执行init方法
	public void init(FilterConfig filterConfig) throws ServletException {
		// 1、获得web.xml中filter的名称<filter-name>QuickFilter1</filter-name>
		System.out.println(filterConfig.getFilterName());
		// 2、获得当前filter的初始化参数
		String url = filterConfig.getInitParameter("url");
		// 3、获得servletContext
		ServletContext servletContext = filterConfig.getServletContext();

		System.out.println("init...");
	}

	@Override
	// doFilter是Filter的核心过滤的方法
	/**
	 * 
	 */
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {
		System.out.println("quick1 running...");
		// 放行请求
		chain.doFilter(request, response);
	}

	@Override
	public void destroy() {

	}
}
web.xml: 
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
  <display-name>filterDemo</display-name>
  <welcome-file-list>
    <welcome-file>index.html</welcome-file>
    <welcome-file>index.htm</welcome-file>
    <welcome-file>index.jsp</welcome-file>
    <welcome-file>default.html</welcome-file>
    <welcome-file>default.htm</welcome-file>
    <welcome-file>default.jsp</welcome-file>
  </welcome-file-list>
  <filter>
    <filter-name>QuickFilter1</filter-name>
    <filter-class>com.ken.web.filter.QuickFilter1</filter-class>
    <init-param>
      <param-name>url</param-name>
      <param-value>www.baidu.com</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>QuickFilter1</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
  </filter-mapping>
<!--   <filter>
    <filter-name>QuickFilter2</filter-name>
    <filter-class>com.ken.web.filter.QuickFilter2</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>QuickFilter2</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping> -->
  <servlet>
    <description></description>
    <display-name>Servlet1</display-name>
    <servlet-name>Servlet1</servlet-name>
    <servlet-class>com.ken.web.servlet.Servlet1</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>Servlet1</servlet-name>
    <url-pattern>/servlet1</url-pattern>
  </servlet-mapping>
  <servlet>
    <description></description>
    <display-name>Servlet2</display-name>
    <servlet-name>Servlet2</servlet-name>
    <servlet-class>com.ken.web.servlet.Servlet2</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>Servlet2</servlet-name>
    <url-pattern>/servlet2</url-pattern>
  </servlet-mapping>
</web-app>
运行效果:



过滤器quick1只执行了一次。也就是,访问servlet2的时候过滤器没有执行。
重定向的情况,修改servlet1

package com.ken.web.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class Servlet1 extends HttpServlet {
	private static final long serialVersionUID = 1L;

	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		System.out.println("Servlet1 running...");
		// response.getWriter().write("Servlet1 running...");
		// request.getRequestDispatcher("/servlet2").forward(request, response);
		response.sendRedirect(request.getContextPath()+"/servlet2");
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		doGet(request, response);
	}
}
运行效果:



重定向,从客户端重新请求,属于直接访问资源。

五、总结Filter的作用

1)公共代码的提取
2)可以对request和response中的方法进行增强(装饰者模式/动态代理)
3)进行权限控制

源码下载

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值