过滤器(Filter)

过滤器的概念

  1. Servlet过滤器是在Java Servlet规范2.3中定义的,它能够对Servlet容器的请求和响应对象进行检查和修改。
  2. Servlet过滤器本身并不生成请求和响应对象,它只提供过滤作用。
  3. Servlet过滤器能够在Servlet被调用之前检查Request对象,修改Request Header和Request内容;
  4. 在Servlet被调用之后检查Response对象,修改Response Header和Response内容。Servlet过滤器负责过滤的Web组件可以是Servlet、JSP或HTML文件。

Servlet过滤器的过滤过程

在这里插入图片描述

Filter接口

  1. 所有的 Servlet 过 滤 器 类 都 必 须 实 现javax.servlet.Filter接口。这个接口含有3个过滤器类必须实现的方法:
    – init()
    – doFilter()
    – destroy()

  2. init(FilterConfig):这是Servlet过滤器的初始化方法,Servlet容器创建Servlet过滤器实例后将调用这个方法。在这个方法中可以读取web.xml 文件中Servlet过滤器的初始化参数。

  3. doFilter(ServletRequest, ServletResponse,FilterChain): 这个方法完成实际的过滤操作。当客户请求访问与过滤器关联的URL时,Servlet容器将先调用过滤器的doFilter方法。FilterChain参数用于访问后续过滤器

过滤器的链式请求处理过程(FilterChain)
在这里插入图片描述

  1. destroy():Servlet容器在销毁过滤器实例前调用该方法,在这个方法中可以释放Servlet过滤器占用的资源
  2. 在web.xml配置中filter要配置在servlet的上面,而url-parttern写的是要过滤的servlet,写/*是过滤web应用下的所有的请求
  3. Filter会在服务器启动的时候就初始化,如果在init启动失败服务器就无法启动,例如在init中抛出异常。
package learn.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;


public class LoginFilter implements Filter {


	public void destroy() {
		
	}


	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		System.out.println("doFilter invoked!");
	}


	public void init(FilterConfig fConfig) throws ServletException {
		System.out.println("init invoked!");
	}

}

<filter>
		<description>
		</description>
		<display-name>LoginFilter</display-name>
		<filter-name>LoginFilter</filter-name>
		<filter-class>learn.filter.LoginFilter</filter-class>
	</filter>
	
	<filter-mapping>
		<filter-name>LoginFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

init invoked!
一月 31, 2019 4:54:15 下午 org.apache.coyote.AbstractProtocol start
信息: Starting ProtocolHandler [“http-nio-8080”]
一月 31, 2019 4:54:15 下午 org.apache.coyote.AbstractProtocol start
信息: Starting ProtocolHandler [“ajp-nio-8009”]
一月 31, 2019 4:54:15 下午 org.apache.catalina.startup.Catalina start
信息: Server startup in 251 ms
doFilter invoked!
doFilter invoked!

过滤器的例子

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<base href="<%=basePath%>">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>

<form action="CommentServlet" method="post">
username:<input type="text" name="username"><br>
comments:<textarea name="comment" row="7" cols="20"></textarea><br>

<input type="submit" value="submit">

</form>

</body>
</html>
package learn.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


public class CommentFilter implements Filter {


	public void destroy() {
		// TODO Auto-generated method stub
	}


	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		
		HttpServletRequest req = (HttpServletRequest)request;
		HttpServletResponse resp = (HttpServletResponse)response;
		
		req.setCharacterEncoding("UTF-8");
		resp.setCharacterEncoding("UTF-8");
		
		String username = req.getParameter("username");
		String comment = req.getParameter("comment");
		
		username = username.replace("zhang", "li");
		comment = comment.replace("大连交通大学", "****");
		
		req.setAttribute("username", username);
		req.setAttribute("comment", comment);
		
		chain.doFilter(request, response);
	}


	public void init(FilterConfig fConfig) throws ServletException {
		// TODO Auto-generated method stub
	}

}

package learn.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


public class CommentServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
       

	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
		
		request.getRequestDispatcher("commentResult.jsp").forward(request, response);
		
	}

}

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<base href="<%=basePath%>">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
uesrname:<%= request.getAttribute("username") %><br>
comments:<%= request.getAttribute("comment") %>


</body>
</html>

在这里插入图片描述
在这里插入图片描述

改进session中的例子

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>

<% String authority = request.getParameter("authority");
   String username = request.getParameter("username");
%>

<form action="${pageContext.request.contextPath}/MyLoginServlet" method="post">
username:<input type="text" name="username" value="<%= null == username?"":username %>"><br>
password:<input type="password" name="password"><br>

authority:
<select name="authority">
    <option value="1" <%= "1".equals(authority)?"selected='selected'":""%>>common user</option>
    <option value="2" <%= "2".equals(authority)?"selected='selected'":""%>>administrator</option>
</select>
<br>
<input type="submit" value="submit">
</form>

</body>
</html>
package learn.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import learn.bean.User;


public class MyLoginServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;

	@Override
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		this.doPost(request, response);
	}
	
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
		User user = new User();
		HttpSession session = request.getSession();
		String username = request.getParameter("username");
		String password = request.getParameter("password");
		String authority = request.getParameter("authority");

		if ("1".equals(authority)) {
			// 登录的是普通用户
			if ("zhangsan".equals(username) && "123".equals(password)) {
				// 将用户的信息放置到session当中

				user.setUsername(username);
				user.setPassword(password);
				user.setAuthority(authority);

				session.setAttribute("user", user);
				
				request.getRequestDispatcher("/filter/index.jsp").forward(request, response);
				
			}
			else {
				response.sendRedirect("filter/login.jsp?username=" + username + "&authority=" + authority);
			}
		} else if ("2".equals(authority)) {
			// 登录的是系统管理员
			if ("lisi".equals(username) && "456".equals(password)) {
				user.setUsername(username);
				user.setPassword(password);
				user.setAuthority(authority);

				session.setAttribute("user", user);
				request.getRequestDispatcher("/filter/index.jsp").forward(request, response);
			}
			else {
				response.sendRedirect("filter/login.jsp?username=" + username + "&authority=" + authority);
			}
		}
		// 登录失败
		else {
			response.sendRedirect("filter/login.jsp?username=" + username + "&authority=" + authority);
		}
		
		
	}

}

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8" import="learn.bean.User"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<base href="<%=basePath%>">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>

<a href="MyQueryServlet">query</a><br>
<% if(((User)session.getAttribute("user")).getAuthority().equals("2")){%>
	<a href="MyUpdateServlet">update</a>
<%}%>

</body>
</html>
package learn.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;


public class LoginFilter implements Filter {


	public void destroy() {
		
	}


	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		
		HttpServletRequest r = (HttpServletRequest)request;
		
		String requestURI = r.getRequestURI();
		
		if(requestURI.endsWith("login.jsp") || requestURI.endsWith("MyLoginServlet")){
			chain.doFilter(request, response);
			return;
		}
		
		HttpSession session = r.getSession();
		
		if(null == session.getAttribute("user")){
			((HttpServletResponse)response).sendRedirect("login.jsp");
			return;
		}
		
		chain.doFilter(request, response);
	}


	public void init(FilterConfig fConfig) throws ServletException {
		System.out.println("init invoked!");
	}

}

串联Servlet过滤器的工作流程

在这里插入图片描述

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<base href="<%=basePath%>">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>

<form action="InfoServlet" method="post">
username:<input type="text" name="username"><br>
<input type="submit" value="submit">

</form>

</body>
</html>
package learn.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


public class InfoServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
       

	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		System.out.println(request.getParameter("username"));
		
		request.getRequestDispatcher("infoResult.jsp").forward(request, response);
		
	}

}

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<base href="<%=basePath%>">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>

username:<%=request.getParameter("username") %>

</body>
</html>
package learn.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;


public class MyFilter1 implements Filter {


	public void destroy() {
		// TODO Auto-generated method stub
	}

	/**
	 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
	 */
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		System.out.println("myFilter1 before chain.doFilter");
		
		chain.doFilter(request, response);
		
		System.out.println("myFilter1 after chain.doFilter");
	}

	/**
	 * @see Filter#init(FilterConfig)
	 */
	public void init(FilterConfig fConfig) throws ServletException {
		// TODO Auto-generated method stub
	}

}

package learn.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;


public class MyFilter2 implements Filter {


	public void destroy() {
		// TODO Auto-generated method stub
	}

	/**
	 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
	 */
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		System.out.println("myFilter2 before chain.doFilter");
		
		chain.doFilter(request, response);
		
		System.out.println("myFilter2 after chain.doFilter");
	}

	/**
	 * @see Filter#init(FilterConfig)
	 */
	public void init(FilterConfig fConfig) throws ServletException {
		// TODO Auto-generated method stub
	}

}

<filter>
		<description>
		</description>
		<display-name>MyFilter1</display-name>
		<filter-name>MyFilter1</filter-name>
		<filter-class>learn.filter.MyFilter1</filter-class>
	</filter>
	<filter>
		<description>
		</description>
		<display-name>MyFilter2</display-name>
		<filter-name>MyFilter2</filter-name>
		<filter-class>learn.filter.MyFilter2</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>MyFilter1</filter-name>
		<url-pattern>/InfoServlet</url-pattern>
	</filter-mapping>
	<filter-mapping>
		<filter-name>MyFilter2</filter-name>
		<url-pattern>/InfoServlet</url-pattern>
	</filter-mapping>

结果是:
myFilter1 before chain.doFilter
myFilter2 before chain.doFilter
zhangsan
myFilter2 after chain.doFilter
myFilter1 after chain.doFilter

问题

  1. 问题:在Servlet过滤器中能否访问application范围内的共享数据?

• 答案:可以的,先调用FilterConfig的getServletContext()方法获得ServletContext,再调用ServletContext的getAttribute()方法来获得application范围内的共享数据。

	public void init(FilterConfig fConfig) throws ServletException {
		String value1 = fConfig.getInitParameter("hello");
		String value2 = fConfig.getInitParameter("zhangsan");
		
		System.out.println(value1 + ":" + value2);
	}
<filter>
		<description>
		</description>
		<display-name>CommentFilter</display-name>
		<filter-name>CommentFilter</filter-name>
		<filter-class>learn.filter.CommentFilter</filter-class>
		<init-param>
		    <param-name>hello</param-name>
		    <param-value>world</param-value>
		</init-param>
		<init-param>
		    <param-name>zhangsan</param-name>
		    <param-value>li</param-value>
		</init-param>
	</filter>

结果是:
world:li

  1. 问题:“Servlet过滤器只能对Servlet进行过滤”,这句
    话是否正确?

• 答案:不正确。Servlet过滤器可以对Servlet、JSP和HTML文件过滤。

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值