使用@WebFilter注解方式使用過濾器
學習前提:
- 了解過濾器的web.xml中filter和filter-mapping的配置信息
過濾器的介紹:
Servlet3.0里面的過濾器跟以前版本的一樣,還是需要實現javax.servlet.Filter接口。
Filter接口中定義了三個方法,init()、destroy()和doFilter()(真正進行過濾處理的方法)。
方法介紹:
1 public void doFilter (ServletRequest, ServletResponse, FilterChain)
該方法完成實際的過濾操作,當客戶端請求方法與過濾器設置匹配的URL時,Servlet容器將先調用過濾器的doFilter方法。FilterChain用戶訪問后續過濾器。
2 public void init(FilterConfig filterConfig)
web 應用程序啟動時,web 服務器將創建Filter 的實例對象,並調用其init方法,讀取web.xml配置,完成對象的初始化功能,從而為后續的用戶請求作好攔截的准備工作(filter對象只會創建一次,init方法也只會執行一次)。開發人員通過init方法的參數,可獲得代表當前filter配置信息的FilterConfig對象。
3 public void destroy()
Servlet容器在銷毀過濾器實例前調用該方法,在該方法中釋放Servlet過濾器占用的資源。
Demo:
工具:myeclipse
Demo簡介:
使用登陸小例子,不允許用戶自行跳轉到登陸成功的success.jsp頁面,用過濾器攔截
並跳轉回index.jsp頁面。
代碼:
LoginServlet.java
package servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/** * Servlet implementation class LoginServlet */
@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
/** * @see HttpServlet#HttpServlet() */
public LoginServlet() {
super();
// TODO Auto-generated constructor stub
}
/** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
//response.getWriter().append("Served at: ").append(request.getContextPath());
doPost(request,response);
}
/** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
//doGet(request, response);
String username=request.getParameter("username");
String password=request.getParameter("password");
//判斷輸入的用戶名和密碼是不是都為admin
if(username.equals("admin")&&password.equals("admin"))
{
//請求重定向
request.getSession().setAttribute("username", username);
response.sendRedirect(request.getContextPath()+"/login_success.jsp");
}else
{
response.sendRedirect(request.getContextPath()+"/login_fail.jsp");
}
}
}
FilterTest.java
package Filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
@WebFilter(filterName="FilterTest",urlPatterns="/login_success.jsp")
public class FilterTest implements Filter {
@Override
public void destroy() {
System.out.println("過濾器destroy方法執行~");
}
@Override
public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
throws IOException, ServletException {
System.out.println("Start……doFilter");
HttpServletRequest request = (HttpServletRequest) arg0;
HttpServletResponse response = (HttpServletResponse) arg1;
HttpSession session = request.getSession();
//arg2.doFilter(arg0, arg1);
//如果是login.jsp,則不攔截,直接放行,不用進行其他操作
if(request.getRequestURI().indexOf("index.jsp")!=-1 ){
arg2.doFilter(arg0, arg1);
return;
}
//因為登錄后保存了username,所以可以先檢查username判斷是否登錄
if(session.getAttribute("username")!=null){
arg2.doFilter(arg0, arg1);//已登錄,則放行,
}else{
response.sendRedirect("login_fail.jsp");//未登錄,重定向到登錄頁面
}
//如果是下面3個url,則不攔截,直接放行,不用進行其他操作
if(request.getRequestURI().indexOf("index.jsp")!=-1
||request.getRequestURI().indexOf("/LoginServlet")!=-1
||request.getRequestURI().indexOf("login_fail.jsp")!=-1 )
{
arg2.doFilter(arg0, arg1);
return;
}
System.out.println("End……doFilter");
}
@Override
public void init(FilterConfig arg0) throws ServletException {
System.out.println("過濾器init()執行了~");
}
}
index.jsp
<%@ page language="java" import="java.util.*" contentType="text/html; charset=utf-8"%>
<% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; //在index.jsp頁面輸出文字測試 doFilter()的方法執行順序 System.out.println("here is index.jsp "); %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>FilterTest</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!-- <link rel="stylesheet" type="text/css" href="styles.css"> -->
</head>
<body>
<h1>使用@WebFilter注解的過濾器測試頁面</h1><br><hr>
<form action="<%=request.getContextPath() %>/LoginServlet" method="post">
用戶名:<input type="text" name="username">
密碼:<input type="password" name="password">
<input type="submit" value="提交">
</form>
</body>
</html>
success.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>登陸成功</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!-- <link rel="stylesheet" type="text/css" href="styles.css"> -->
</head>
<body>
<h1>登陸成功!</h1> <br>
</body>
</html>
fail.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'login_fail.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!-- <link rel="stylesheet" type="text/css" href="styles.css"> -->
</head>
<body>
<h1>登陸失敗!</h1>
<a href="index.jsp">返回登陸</a>
<br>
</body>
</html>
過程:
創建FliterTest.java時使它繼承Fliter接口,然后myclipese會生成需要重寫的三個方法,在該類聲明的上面一行輸入:@WebFilter(filterName=”FilterTest”,urlPatterns=”/login_success.jsp”)
其他步驟沒有什么重點,略過
啟動tomcat,可以看到init()執行了:
然后,地址欄輸入項目地址訪問項目index.jsp頁面(localhost:8080/ServletFliter/index.jsp),后台也輸出:here is index.jsp。
輸入用戶名、密碼(都是admin),可以訪問到,login_success.jsp頁面。后台卻並沒有什么輸出,這是因為,我們並沒有出發到過濾器。
接着,我們觸發一下過濾器,看看他的工作順序。在地址欄輸入localhost:8080/ServletFliter/login_success.jsp(我們的初衷就是讓用戶不能這樣訪問).
於是結果為:
如圖,我們發現后台輸出了:Start和End 說明我們的過濾器中的doFilter方法已經執行了,而且經過了邏輯判斷,最后重定向到了index.jsp頁面。