過濾器 - 基礎篇
阿新 • • 發佈:2018-11-10
- 簡介
- 應用場景
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1"> <display-name>FilterDemo</display-name> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <!-- 字符集編碼過濾器配置 --> <filter> <filter-name>characterEncodingFilter</filter-name> <filter-class>filter.CharacterEncodingFilter</filter-class> <init-param> <param-name>charset</param-name> <param-value>UTF-8</param-value> </init-param> </filter> <filter-mapping> <filter-name>characterEncodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- 使用者登入安全控制過濾器配置 --> <filter> <filter-name>sessionFilter</filter-name> <filter-class>filter.SessionFilter</filter-class> </filter> <filter-mapping> <filter-name>sessionFilter</filter-name> <url-pattern>/message.jsp</url-pattern> </filter-mapping> </web-app>
◆ Web資源許可權訪問控制(如:登入系統)package filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 使用者登入安全控制過濾器 */ public class SessionFilter implements Filter { @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest hrequest = (HttpServletRequest) request;// 涉及到HTTP請求處理,轉型處理 HttpServletResponse hresponse = (HttpServletResponse) response;// 涉及到HTTP請求處理,轉型處理 String loginUser = (String) hrequest.getSession().getAttribute("loginUser");// 判斷使用者是否完成了登入操作,session中是否儲存使用者名稱 if (loginUser == null) { hresponse.sendRedirect(hrequest.getContextPath() + "/index.jsp?flag=1");// 未登入,系統強制重定向至登入頁面 return; } else { chain.doFilter(hrequest, hresponse); return; } } @Override public void init(FilterConfig config) throws ServletException { } }
◆ 請求字符集編碼處理package filter; /** * 字符集編碼過濾器 */ import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; public class CharacterEncodingFilter implements Filter { private FilterConfig config; @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { request.setCharacterEncoding(config.getInitParameter("charset")); // 根據過濾器配置字符集,設定請求字符集編碼 // System.out.println("characterEncodingFilter 請求預處理"); // 測試過濾器(鏈)工作流程使用 chain.doFilter(request, response); // 通知web伺服器已經完成,或請求下一個過濾器 // System.out.println("characterEncodingFilter 響應後處理"); // 測試過濾器(鏈)工作流程使用 } @Override public void init(FilterConfig config) throws ServletException { this.config = config; } public FilterConfig getConfig() { return config; } public void setConfig(FilterConfig config) { this.config = config; } }
◆ 內容敏感字元詞彙過濾
◆ 響應資訊壓縮
◆ 404 錯誤頁面
◆ 在過濾器中執行觸發新的過濾器
◆ 重定向(REQUEST)
◆ 多個 dispatcher 子元素的配置 - 過濾器 web.xml 配置步驟(類似Servlet的web.xml配置)
1、註冊過濾器
2、攔截對映配置 - 過濾器配置
Ps:只有當 url-pattern 和 dispatcher 都滿足時,才觸發過濾器。 - 過濾器——轉發與重定向(死迴圈)
@Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("Filter 開始》》》》》》》》》》》》》》"); /*filterChain.doFilter(servletRequest, servletResponse);*/ System.out.println("首次監聽啟動"); servletRequest.getRequestDispatcher("main.jsp").forward(servletRequest, servletResponse); // 重定向省略... System.out.println("Filter 結束》》》》》》》》》》》》》》"); }
<filter> <filter-name>SimpleFilter</filter-name> <filter-class>SimpleFilter</filter-class> </filter> <filter-mapping> <filter-name>SimpleFilter</filter-name> <url-pattern>/index.jsp</url-pattern> </filter-mapping> <filter-mapping> <filter-name>SimpleFilter</filter-name> <url-pattern>/main.jsp</url-pattern> </filter-mapping>
1)對於請求轉發;forward跳轉到main.jsp url不變,因此過濾器只過濾一次/index.jsp的訪問;當然這是針對dispatcher型別是預設的REQUEST而言,如果將dispatcher型別改為FORWARD,那麼即使url不變,也可以過濾Forward跳轉行為,然後就會死迴圈訪問main.jsp。
2)對於請求重定向,url一直變,然後一直過濾,一直死迴圈。
- 待更新...