过滤器Filter

本文介绍了如何在Java Web中使用Filter,包括Filter的生命周期、配置顺序,以及在处理中文编码、敏感词过滤和权限控制等实际场景中的应用。重点讲解了Filter的创建、初始化、过滤和销毁过程,并提到了不同场景下的最佳实践。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

介绍

过滤器是用来拦截传入的请求和传出的响应,可以处理客户端和服务端之间传输的数据流。

使用

过滤器和Servlet类似,是java web提供的一个接口,开发者需要自定义一个类并实现该接口即可。

public class MyFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        servletRequest.setCharacterEncoding("UTF-8");
        filterChain.doFilter(servletRequest,servletResponse);
    }

    @Override
    public void destroy() {

    }

}

然后需要在web.xml对服务端的请求映射到filter上:

    <filter>
        <filter-name>encoding</filter-name>
        <filter-class>com.julian.filter.MyFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>encoding</filter-name>
        <url-pattern>/login</url-pattern>
        <url-pattern>/test</url-pattern>
    </filter-mapping>

另外我们可以通过注解的方式简化Filter的xml配置:

@WebFilter("/login")
public class MyFilter implements Filter {
...
}


@WebFilter(urlPatterns={"/test","/login"}) //1个filter配置多个servlet
public class MyFilter implements Filter {
...
}

Filter生命周期

当tomcat启动是,通过反射机制调用Filter的无参构造创建实例化对象,同时调用init方法完成初始化,doFilter方法可重复调用,当tomcat关闭的时候,调用destroy方法销毁Filter对象。

  • 无参构造函数:调用一次,当tomcat启动是调用(需要在web.xml里配置)
  • init():创建实例化对象后调用一次
  • doFilter():调用多次
  • destroy():调用一次,tomcat关闭时调用

Filter的顺序

如果配置多个Filter,Filter的调用顺序由web.xml的配置顺序决定的,web.xml按顺序读取,由上到下顺序执行。

    <filter>
        <filter-name>encoding</filter-name>
        <filter-class>com.julian.filter.MyFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>encoding</filter-name>
        <url-pattern>/login</url-pattern>
        <url-pattern>/test</url-pattern>
    </filter-mapping>

    <filter>
        <filter-name>test</filter-name>
        <filter-class>com.julian.filter.YourFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>test</filter-name>
        <url-pattern>/login</url-pattern>
    </filter-mapping>

如上面的配置,配置两个Filter映射了login,那么顺序是这样的:
在这里插入图片描述

注意:如果配置多个filter,有严格的执行顺序,那么就不能通过注解的方式进行配置,只能通过xml的方式配置

Filter的应用场景

实际开发中需要用到Filter的场景:

  1. 统一处理中文乱码
  2. 屏蔽敏感词
package com.julian.filter;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.IOException;

@WebFilter("/login")
public class WordFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        servletRequest.setCharacterEncoding("UTF-8");
        String name = servletRequest.getParameter("name");
        name = name.replaceAll("敏感词","***");
        servletRequest.setAttribute("name",name);
        filterChain.doFilter(servletRequest, servletResponse);
    }

    @Override
    public void destroy() {

    }
}
package com.julian.servlet;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@WebServlet("/login")
public class MyServlet extends HttpServlet {
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String name = (String) req.getAttribute("name");
        System.out.println(name);
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

    }
}
  1. 控制资源的访问权限:
    访问download.jsp,如果是登录状态,则进下载页面,如果不是登录状态,返回登录页面

login.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
<form action="/login" method="post">
    用户名:<input type="text" name="name"><br>
    密码:<input type="text" name="password"><br>
    <input type="submit" value="确定">
</form>
</body>
</html>

LoginServlet.java

package com.julian.servlet;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@WebServlet("/login")
public class LoginServlet extends HttpServlet {
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String name = req.getParameter("name");
        String password = req.getParameter("password");
        if(name.equals("admin")&& password.equals("123"))
        {
            HttpSession session = req.getSession();
            session.setAttribute("name", name);
            session.setAttribute("password", password);
            resp.sendRedirect("/download.jsp");
        }
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        super.doGet(req, resp);
    }
}

DownloadFilter.java

package com.julian.filter;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@WebFilter("/download.jsp")
public class DownloadFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) servletRequest;
        HttpServletResponse resp = (HttpServletResponse) servletResponse;
        HttpSession session = req.getSession();
        String name = (String) session.getAttribute("name");
        if(name == null)
        {
            resp.sendRedirect("/login.jsp");
        }
        else
        {
            filterChain.doFilter(servletRequest, servletResponse);
        }

    }

    @Override
    public void destroy() {

    }
}

download.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
<a href="">资源1</a>
<a href="">资源2</a>
<a href="">资源3</a>
</body>
</html>
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值