1.什么是过滤器?
解析:过滤器是向web应用程序的请求和响应(pipeline)添加功能的web服务,过滤器可以统一的集中处理请求和响应。
2. 1〉 过滤器是对资源的请求进行过滤的对象,对请求和响应都进行过滤。
2〉过滤器是一个类,实现了javax.servlet.Filter接口
3. 字符集的过滤器
1) 创建form表单
<form action = "<%=path %>/servlet/uploadServlet" method = "post" > 用户名:<input name = "uname" type = "text" value = "" /> <input type = "submit" value = "提交" > </form>
2)创建servlet,即表单提交的地址
public class uploadServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request,response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String name = request.getParameter("uname"); //获取用户从前台传过来的数据 if (name.equals("admin")) { request.getSession().setAttribute("name", name); //把信息放入session中 //成功跳转到欢迎界面 index.jsp
request.getRequestDispatcher("/jsp/index.jsp").forward(request, response); }else{
//失败则停留在登陆界面 login.jsp request.getRequestDispatcher("/login.jsp").forward(request, response); } } }
3)创建过滤器CharacterEncodingFilter
import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; public class CharacterEncodingFilter implements Filter{ public void destroy() { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { request.setCharacterEncoding("utf-8"); //对字符集进行过滤 chain.doFilter(request, response); //对拦截到的请求 进行 放行 ,到哪里? 去下一个过滤器 } public void init(FilterConfig filterConfig) throws ServletException { } }
4)在WEB—INF下的web.xml中进行节点的配置(千万不能忘)
<filter> <filter-name>CharacterEncodingFilter</filter-name> <filter-class>cn.uploadServlet.CharacterEncodingFilter</filter-class> </filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern> //对web工程下的所有项目进行过滤
</filter-mapping>
以上的过滤器可以防止中文乱码,不需要每次都设置字符编码格式
4. 通用的用户登陆过滤器(SessionFilter)
1)功能描述 :用于检查用户是否登陆了系统,如未登陆,则重新定向到登陆页面
2) ,3)步同上述 3 中的一样
4) 创建SessionFilter
import java.io.IOException; import java.util.regex.Pattern; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class SessionFilter implements Filter { Pattern patternUrl; public void init(FilterConfig config) throws ServletException { String url = config.getInitParameter("execuldeUrl"); if (url!=null&& !url.equals("")) { //在webXml中配置了例外,需要获取一个正则对象 patternUrl = Pattern.compile(url); } } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request; HttpServletResponse res = (HttpServletResponse)response;
//HttpServletRequest继承自ServletRequest,ServletRequest中没有获取路径的方法,所以进行上面的强转 String servletPath = req.getServletPath(); if (patternUrl.matcher(servletPath).matches()) { chain.doFilter(request, response); return; }
//获取用户登陆的信息,是否正常登陆 Object obj = req.getSession().getAttribute("name"); if (obj!=null) { //用户已登陆 ,放行 chain.doFilter(request, response); }else{ //用户未登陆,返回登陆页面 res.sendRedirect(req.getContextPath()+"/login.jsp"); } } public void destroy() { } }
5) 在web—xml中配置节点
<!-- 鉴权过滤 --> <filter> <filter-name>SessionFilter</filter-name> <filter-class>cn.uploadServlet.SessionFilter</filter-class> <init-param> <param-name>execuldeUrl</param-name> <param-value>/servlet/uploadServlet</param-value> </init-param> </filter>
<!-- 需要权限的页面 -->
<filter-mapping>
<filter-name>SessionFilter</filter-name>
<url-pattern>/jsp/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>SessionFilter</filter-name>
<url-pattern>/uploadServlet/*</url-pattern>
</filter-mapping>