版权声明:https://blog.csdn.net/Dream_Weave https://blog.csdn.net/Dream_Weave/article/details/83145538
- 简介
- 应用场景
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1"> <display-name>FilterDemo</display-name> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <!-- 字符集编码过滤器配置 --> <filter> <filter-name>characterEncodingFilter</filter-name> <filter-class>filter.CharacterEncodingFilter</filter-class> <init-param> <param-name>charset</param-name> <param-value>UTF-8</param-value> </init-param> </filter> <filter-mapping> <filter-name>characterEncodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- 用户登录安全控制过滤器配置 --> <filter> <filter-name>sessionFilter</filter-name> <filter-class>filter.SessionFilter</filter-class> </filter> <filter-mapping> <filter-name>sessionFilter</filter-name> <url-pattern>/message.jsp</url-pattern> </filter-mapping> </web-app>
◆ Web资源权限访问控制(如:登录系统)package filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 用户登录安全控制过滤器 */ public class SessionFilter implements Filter { @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest hrequest = (HttpServletRequest) request;// 涉及到HTTP请求处理,转型处理 HttpServletResponse hresponse = (HttpServletResponse) response;// 涉及到HTTP请求处理,转型处理 String loginUser = (String) hrequest.getSession().getAttribute("loginUser");// 判断用户是否完成了登录操作,session中是否存储用户名 if (loginUser == null) { hresponse.sendRedirect(hrequest.getContextPath() + "/index.jsp?flag=1");// 未登录,系统强制重定向至登录页面 return; } else { chain.doFilter(hrequest, hresponse); return; } } @Override public void init(FilterConfig config) throws ServletException { } }
◆ 请求字符集编码处理package filter; /** * 字符集编码过滤器 */ import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; public class CharacterEncodingFilter implements Filter { private FilterConfig config; @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { request.setCharacterEncoding(config.getInitParameter("charset")); // 根据过滤器配置字符集,设置请求字符集编码 // System.out.println("characterEncodingFilter 请求预处理"); // 测试过滤器(链)工作流程使用 chain.doFilter(request, response); // 通知web服务器已经完成,或请求下一个过滤器 // System.out.println("characterEncodingFilter 响应后处理"); // 测试过滤器(链)工作流程使用 } @Override public void init(FilterConfig config) throws ServletException { this.config = config; } public FilterConfig getConfig() { return config; } public void setConfig(FilterConfig config) { this.config = config; } }
◆ 内容敏感字符词汇过滤
◆ 响应信息压缩
◆ 404 错误页面
◆ 在过滤器中执行触发新的过滤器
◆ 重定向(REQUEST)
◆ 多个 dispatcher 子元素的配置 - 过滤器 web.xml 配置步骤(类似Servlet的web.xml配置)
1、注册过滤器
2、拦截映射配置 - 过滤器配置
Ps:只有当 url-pattern 和 dispatcher 都满足时,才触发过滤器。 - 过滤器——转发与重定向(死循环)
@Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("Filter 开始》》》》》》》》》》》》》》"); /*filterChain.doFilter(servletRequest, servletResponse);*/ System.out.println("首次监听启动"); servletRequest.getRequestDispatcher("main.jsp").forward(servletRequest, servletResponse); // 重定向省略... System.out.println("Filter 结束》》》》》》》》》》》》》》"); }<filter> <filter-name>SimpleFilter</filter-name> <filter-class>SimpleFilter</filter-class> </filter> <filter-mapping> <filter-name>SimpleFilter</filter-name> <url-pattern>/index.jsp</url-pattern> </filter-mapping> <filter-mapping> <filter-name>SimpleFilter</filter-name> <url-pattern>/main.jsp</url-pattern> </filter-mapping>1)对于请求转发;forward跳转到main.jsp url不变,因此过滤器只过滤一次/index.jsp的访问;当然这是针对dispatcher类型是默认的REQUEST而言,如果将dispatcher类型改为FORWARD,那么即使url不变,也可以过滤Forward跳转行为,然后就会死循环访问main.jsp。
2)对于请求重定向,url一直变,然后一直过滤,一直死循环。
- 待更新...
