學習相關資料:
簡單通俗易懂的理解,就是類似於殺毒軟件對電腦系統的功能和作用。即程序中的防火牆。
過濾器運行原理:
若有多個過濾器,則按順序進行執行,直到最后一個過濾器通過后,才可進行下一步的請求。
項目要求和功能:
1.編碼過濾器,對亂碼進行過濾
2.登錄權限過濾器,只有用戶登陸后,才可以訪問相關頁面
項目思路:
1.在Filter中將reques和response進行強制轉換
2.將所需要過濾的東西(本體為編碼格式,和驗證用戶登錄)的相關代碼放入Filter中
3.對Filter設置適用范圍,排除不用過濾的界面
項目源碼:
對編碼格式的過濾:
package com.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * Servlet Filter implementation class LoginFilter */ @WebFilter(filterName="CodeFilter",urlPatterns="/*")//設置適用的范圍 public class CodeFilter implements Filter { /** * Default constructor. */ public CodeFilter() { // TODO Auto-generated constructor stub } /** * @see Filter#destroy() */ public void destroy() { // TODO Auto-generated method stub } /** * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain) */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { // TODO Auto-generated method stub HttpServletRequest req=(HttpServletRequest) request; HttpServletResponse res=(HttpServletResponse) response; //用戶請求編碼設置 request.setCharacterEncoding("utf-8"); response.setCharacterEncoding("ytf-8"); response.setContentType("text/html;charset=utf-8"); System.out.println("進入編碼過濾器......"); chain.doFilter(request, response); System.out.println("退出編碼過濾器......"); } /** * @see Filter#init(FilterConfig) */ public void init(FilterConfig fConfig) throws ServletException { // TODO Auto-generated method stub } }
對用戶登錄權限的過濾:
package com.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.annotation.WebInitParam; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * Servlet Filter implementation class LoginServlet */ @WebFilter(filterName="LoginFilter", urlPatterns="/*", initParams= { @WebInitParam(name="noFilterUrl",value="login.jsp,LoginSErvlet") })//設置適用的范圍,排除登錄權限的過濾 public class LoginFilter implements Filter { private String[] noFilter; /** * Default constructor. */ public LoginFilter() { // TODO Auto-generated constructor stub } /** * @see Filter#destroy() */ public void destroy() { // TODO Auto-generated method stub } /** * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain) */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { // TODO Auto-generated method stub //首先強制轉換request,response HttpServletRequest req=(HttpServletRequest) request; HttpServletResponse res=(HttpServletResponse) response; //獲取sessionz中的數值 HttpSession session=req.getSession(); String username=(String)req.getAttribute("username"); //判斷是否登錄 if(username!=null) { //已登錄繼續執行 chain.doFilter(request, response); }else { //未登錄,頁面跳轉 String url=req.getRequestURI();//獲取用戶地址 for(String temp:noFilter) { if(url.indexOf(temp)!=-1) { chain.doFilter(request, response);//直接放行 return; } } res.sendRedirect("login.jsp"); } } /** * @see Filter#init(FilterConfig) */ public void init(FilterConfig fConfig) throws ServletException { //排除相關幾年的過濾,以便正常運行 // TODO Auto-generated method stub noFilter=fConfig.getInitParameter("noFilerUrl").split(",");//將數組noFilerUrl用","進行分割 } }
servlet:
package com.servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * Servlet implementation class FilterServlet */ @WebServlet("/FilterServlet") public class FilterServlet extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#HttpServlet() */ public FilterServlet() { super(); // TODO Auto-generated constructor stub } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub System.out.println("進入servlet......"); //接受用戶登錄信息 String username=request.getParameter("username"); String password=request.getParameter("password"); //然后輸出 response.getWriter().print("用戶名:"+username); response.getWriter().print("<br/>"); response.getWriter().print("密碼:"+password); //將用戶信息放入到session中 HttpSession session=request.getSession(); session.setAttribute("username", username); //設置session的有效時間為10秒 session.setMaxInactiveInterval(10); System.out.println("退出servlet......"); } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub doGet(request, response); } }
運行項目跟蹤的測試順序截圖:
遇到的問題:
原因:當設置用戶登錄權限的過濾器時,沒有排除非不必過濾的代碼和訪問頁面,從而造成了頁面的死循環
解決方法:在LoginFilter進行排除不該受權限的內容
1.
2.
3.
解決時間:由於初次學Filter,所以解決的時間有點長,大約20分鍾。通過查閱相關資料說,這種死循環錯誤在登錄用戶過濾器中是很常見的問題。特別注意。