Servlet學習——@WebFilter注解方式使用過濾器


使用@WebFilter注解方式使用過濾器

學習前提:

  • 了解過濾器的web.xml中filter和filter-mapping的配置信息

過濾器的介紹:

Servlet3.0里面的過濾器跟以前版本的一樣,還是需要實現javax.servlet.Filter接口
Filter接口中定義了三個方法,init()、destroy()和doFilter()(真正進行過濾處理的方法)。

方法介紹:

1 public void doFilter (ServletRequest, ServletResponse, FilterChain)
該方法完成實際的過濾操作,當客戶端請求方法與過濾器設置匹配的URL時,Servlet容器將先調用過濾器的doFilter方法。FilterChain用戶訪問后續過濾器。
2 public void init(FilterConfig filterConfig)
web 應用程序啟動時,web 服務器將創建Filter 的實例對象,並調用其init方法,讀取web.xml配置,完成對象的初始化功能,從而為后續的用戶請求作好攔截的准備工作(filter對象只會創建一次,init方法也只會執行一次)。開發人員通過init方法的參數,可獲得代表當前filter配置信息的FilterConfig對象。
3 public void destroy()
Servlet容器在銷毀過濾器實例前調用該方法,在該方法中釋放Servlet過濾器占用的資源。


Demo:

工具:myeclipse

Demo簡介:

使用登陸小例子,不允許用戶自行跳轉到登陸成功的success.jsp頁面,用過濾器攔截
並跳轉回index.jsp頁面。

代碼:

LoginServlet.java

package servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


/** * Servlet implementation class LoginServlet */
@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** * @see HttpServlet#HttpServlet() */
    public LoginServlet() {
        super();
        // TODO Auto-generated constructor stub
    }

    /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // TODO Auto-generated method stub
        //response.getWriter().append("Served at: ").append(request.getContextPath());
        doPost(request,response);
    }

    /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // TODO Auto-generated method stub
        //doGet(request, response);
        String username=request.getParameter("username");
        String password=request.getParameter("password");
        //判斷輸入的用戶名和密碼是不是都為admin
        if(username.equals("admin")&&password.equals("admin"))
        {
            //請求重定向
    request.getSession().setAttribute("username", username);
    response.sendRedirect(request.getContextPath()+"/login_success.jsp");
        }else
        {
            response.sendRedirect(request.getContextPath()+"/login_fail.jsp");
        }
    }

}

FilterTest.java

package Filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

@WebFilter(filterName="FilterTest",urlPatterns="/login_success.jsp")
public class FilterTest implements Filter {

    @Override
    public void destroy() {
        System.out.println("過濾器destroy方法執行~");
    }

    @Override
    public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
            throws IOException, ServletException {
        System.out.println("Start……doFilter");
         HttpServletRequest request = (HttpServletRequest) arg0;
         HttpServletResponse response = (HttpServletResponse) arg1;
         HttpSession session = request.getSession();
        //arg2.doFilter(arg0, arg1);

         //如果是login.jsp,則不攔截,直接放行,不用進行其他操作
         if(request.getRequestURI().indexOf("index.jsp")!=-1 ){
                   arg2.doFilter(arg0, arg1);
                   return;
                  }
        //因為登錄后保存了username,所以可以先檢查username判斷是否登錄
        if(session.getAttribute("username")!=null){
                      arg2.doFilter(arg0, arg1);//已登錄,則放行,
                  }else{
                      response.sendRedirect("login_fail.jsp");//未登錄,重定向到登錄頁面
                  }
      //如果是下面3個url,則不攔截,直接放行,不用進行其他操作
        if(request.getRequestURI().indexOf("index.jsp")!=-1 
         ||request.getRequestURI().indexOf("/LoginServlet")!=-1 
         ||request.getRequestURI().indexOf("login_fail.jsp")!=-1 )
        {
                     arg2.doFilter(arg0, arg1);
                     return;
         }
        System.out.println("End……doFilter");
    }

    @Override
    public void init(FilterConfig arg0) throws ServletException {
        System.out.println("過濾器init()執行了~");
    }

}

index.jsp

<%@ page language="java" import="java.util.*" contentType="text/html; charset=utf-8"%>
<% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; //在index.jsp頁面輸出文字測試 doFilter()的方法執行順序 System.out.println("here is index.jsp "); %>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">

    <title>FilterTest</title>
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">    
    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
    <meta http-equiv="description" content="This is my page">
    <!-- <link rel="stylesheet" type="text/css" href="styles.css"> -->
  </head>

  <body>
     <h1>使用@WebFilter注解的過濾器測試頁面</h1><br><hr>
      <form action="<%=request.getContextPath() %>/LoginServlet" method="post">
        用戶名:<input type="text" name="username">
         密碼:<input type="password" name="password">
            <input type="submit" value="提交"> 
     </form>
  </body>
</html>

success.jsp

<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">

    <title>登陸成功</title>

    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">    
    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
    <meta http-equiv="description" content="This is my page">
    <!-- <link rel="stylesheet" type="text/css" href="styles.css"> -->

  </head>

  <body>
    <h1>登陸成功!</h1> <br>
  </body>
</html>

fail.jsp

<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">

    <title>My JSP 'login_fail.jsp' starting page</title>

    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">    
    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
    <meta http-equiv="description" content="This is my page">
    <!-- <link rel="stylesheet" type="text/css" href="styles.css"> -->

  </head>

  <body>
    <h1>登陸失敗!</h1>
    <a href="index.jsp">返回登陸</a> 
    <br>
  </body>
</html>

過程:

創建FliterTest.java時使它繼承Fliter接口,然后myclipese會生成需要重寫的三個方法,在該類聲明的上面一行輸入:@WebFilter(filterName=”FilterTest”,urlPatterns=”/login_success.jsp”)
其他步驟沒有什么重點,略過
啟動tomcat,可以看到init()執行了:
init
然后,地址欄輸入項目地址訪問項目index.jsp頁面(localhost:8080/ServletFliter/index.jsp),后台也輸出:here is index.jsp。
輸入用戶名、密碼(都是admin),可以訪問到,login_success.jsp頁面。后台卻並沒有什么輸出,這是因為,我們並沒有出發到過濾器。
接着,我們觸發一下過濾器,看看他的工作順序。在地址欄輸入localhost:8080/ServletFliter/login_success.jsp(我們的初衷就是讓用戶不能這樣訪問).
於是結果為:
result
如圖,我們發現后台輸出了:Start和End 說明我們的過濾器中的doFilter方法已經執行了,而且經過了邏輯判斷,最后重定向到了index.jsp頁面。

Ps:可以選着跳轉到失敗頁面來確定,過濾器是否真的工作了。另外,建議先測試login_success.jsp是否被攔截,再驗證用戶密碼是否能正確登陸,因為,session在tomcat里默認時長為30分鍾,會導致一直是登陸成功狀態。


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM