Java Web---登录验证和字符编码过滤器
什么是过滤器?
在Java Web中,过滤器即Filter。Servlet API中提供了一个Filter接口(javax.servlet.Filter)。开发web应用时,假设编写的Java类实现了这个接口,则把这个Java类称之为过滤器Filter。
通过Filter技术,开发者能够实现用户在訪问某个目标资源之前,对訪问的请求和响应进行拦截。简单说。就是能够实现web容器对某资源的訪问前截获进行相关的处理,还能够在某资源向web容器返回响应前进行截获进行处理。
创建一个Filter的步骤
1.创建一个Filter处理类(实现javax.servlet.Filter接口)
2.在web.xml文件里配置Filter
Filter运行流程
1.Filter对用户的请求进行预处理
2.处理好后将请求交给Servlet处理并生成响应
3.最后Filter再对server响应进行后处理
字符编码过滤器
CharacterFilter.java
package org.LabReserve.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
public class CharacterFilter implements Filter { //实现Filter接口
private String character; //保存字符编码的类型
@Override
public void destroy() { //在Filter销毁前。完毕某些资源的回收
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
servletRequest.setCharacterEncoding("utf-8"); //能够直接设置编码
servletResponse.setCharacterEncoding(character); //也能够读取初始化的參数character
filterChain.doFilter(servletRequest, servletResponse); //转到下一个过滤器
}
@Override
public void init(FilterConfig fc) throws ServletException { //完毕Filter的初始化
//读取web.xml中Filter配置的初始化參数
character = fc.getInitParameter("character");
}
}
web.xml文件里的配置
<!-- 定义一个Filter -->
<filter>
<!-- Filter的名字 -->
<filter-name>CharacterFilter</filter-name>
<!-- Filter的实现类 -->
<filter-class>org.LabReserve.filter.CharacterFilter</filter-class>
<!-- 初始化參数 -->
<init-param>
<!-- 參数名 -->
<param-name>character</param-name>
<!-- 參数值,编码为utf-8 -->
<param-value>utf-8</param-value>
</init-param>
</filter>
<!-- 定义Filter要拦截的url地址 -->
<filter-mapping>
<!-- Filter的名字 -->
<filter-name>CharacterFilter</filter-name>
<!-- 要拦截的url,这里是所有拦截 -->
<url-pattern>/*</url-pattern>
</filter-mapping>登录验证过滤器
LoginFilter.java
package org.LabReserve.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest servletRequest,
ServletResponse servletResponse, FilterChain filterChain)
throws IOException, ServletException {
// 转换为HTTP请求对象
HttpServletRequest request = (HttpServletRequest) servletRequest;
// 转化为HTTP响应对象
HttpServletResponse response = (HttpServletResponse) servletResponse;
// 获得请求相应的session对象
HttpSession session = request.getSession();
// 获得用户请求的URI
String path = request.getRequestURI();
// 不用验证登录过滤的页面
String[] noCheckPages = { "index.jsp","findPassword.jsp",
"LoginServlet","UserServlet",
"css","images","js"};
// int indexOf(int ch) 返回指定字符在此字符串中第一次出现处的索引。没找到则返回-1
for (int i = 0; i < noCheckPages.length; ++i) {
if (path.indexOf(noCheckPages[i]) > -1) {
// 转到下一个过滤器
filterChain.doFilter(servletRequest, servletResponse);
return; //不再过滤,防止页面重定向循环
}
}
// 假设session为null,说明用户是第一次訪问
if (session.getAttribute("userId") != null
|| session.getAttribute("teacherId") != null
|| session.getAttribute("adminId") != null) {
// 转到下一个过滤器
filterChain.doFilter(request, response);
} else {
// 又一次定向到首页
response.sendRedirect("index.jsp");
return; //不再过滤,防止页面重定向循环
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
web.xml文件配置
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>org.LabReserve.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>參考链接:http://lavasoft.blog.51cto.com/62575/275586/
http://www.cnblogs.com/lyp3314/archive/2012/11/03/2752097.html
