javaweb 过滤器

来源：互联网发布：js定义二维数组编辑：程序博客网时间：2024/05/15 11:09

编码格式过滤器

每写一个servlet都要设置编码格式是很繁琐的。编码格式过滤器可以很好的解决这个问题，只需在过滤器里设置一次就可以了；

 1. 在web.xml中配置过滤器拦截全部 2. 在filter里强制转换对象（实现javax.servlet.Filter接口） 3. 设置编码格式

xml配置

  <filter>    <filter-name>encode</filter-name>    <filter-class>com.oes.filter.EncodingFilter</filter-class>    <init-param>        <param-name>encode</param-name>        <param-value>UTF-8</param-value>    </init-param>  </filter>  <filter-mapping>    <filter-name>encode</filter-name>    <url-pattern>/*</url-pattern>  </filter-mapping>

EcodingFilter

public class EncodingFilter implements Filter {    private String encode = null;    @Override    public void destroy() {    }    @Override    public void doFilter(ServletRequest request, ServletResponse response,            FilterChain chain) throws IOException, ServletException {        // 把request和response对象强制转换为http的请求和响应对象        HttpServletRequest httpRequest = (HttpServletRequest) request;        HttpServletResponse httpResponse = (HttpServletResponse) response;        // 设置请求和响应对象的编码格式        httpRequest.setCharacterEncoding(encode);        httpResponse.setCharacterEncoding(encode);        httpResponse.setContentType("text/html;charset=" + encode);        // 把请求和响应对象传递到下一个过滤器或者页面进行响应        chain.doFilter(request, response);    }    @Override    public void init(FilterConfig config) throws ServletException {        this.encode = config.getInitParameter("encode");    }}

权限过滤器

做好一个网页项目过后，用户可以不通过登录界面直接用地址强行进入其他重要的界面，这是很不安全的。所以可以用权限过滤器来拦截，只有成功登录后才能进行其他的操作； 1. 定义一个不需要过滤的列表 2. 强制转换对象 3. 获取请求路径 4. 判断请求路径是否需要过滤 5. 查询session中是否存有用户名（在登录成功后会把用户名存入session中，如果没有值表示没有成功登录，强强制跳转到登录界面。）

xml配置

 <filter>    <filter-name>permission</filter-name>    <filter-class>com.oes.filter.PermissionFilter</filter-class>  </filter>  <filter-mapping>    <filter-name>permission</filter-name>    <url-pattern>/*</url-pattern>  </filter-mapping>

PermissionFilter

import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;public class PermissionFilter implements Filter {    @Override    public void destroy() {    }    @Override    public void doFilter(ServletRequest request, ServletResponse response,            FilterChain chain) throws IOException, ServletException {        // 定义一个不需要进行过滤的列表        String[] noFilters = { "login.jsp", "doLoginServlet" };        // 把request和response对象强制转换为http的请求和响应对象        HttpServletRequest httpRequest = (HttpServletRequest) request;        HttpServletResponse httpResponse = (HttpServletResponse) response;        // 获取被过滤的请求路径        String path = httpRequest.getRequestURI();        path = path.substring(path.lastIndexOf("/") + 1);        for (String url : noFilters) {            if (url.equals(path)) {                chain.doFilter(httpRequest, httpResponse);                return;            }        }        // 获取session中存储用户名        Object obj = httpRequest.getSession().getAttribute("username");        if (obj != null) {            chain.doFilter(request, response);        } else {            httpResponse.sendRedirect(httpRequest.getContextPath()                    + "/login.jsp");        }    }    @Override    public void init(FilterConfig arg0) throws ServletException {    }}

0 0