过滤器----张国亮总结第三季之Filter常见应用

1、禁止浏览器缓存所有动态页面的过滤器:

1)有 3 HTTP 响应头字段都可以禁止浏览器缓存当前页面,它们在 Servlet 中的示例代码如下:

response.setDateHeader("Expires",-1);

Expires数据头:值为GMT时间值,为-1指浏览器不要缓存页面

response.setHeader("Cache-Control","no-cache");

Cache-Control响应头有两个常用值:

no-cache指浏览器不要缓存当前页面。

max-age:xxx指浏览器缓存页面xxx秒。

response.setHeader("Pragma","no-cache");

2)所有的浏览器都能完全支持上面的三个响应头,因此最好是同时使用上面的三个响应头。

3)代码:

//禁止浏览器缓存所有动态页面的过滤器

publicclassNoCacheFilter implements Filter {

publicvoiddestroy() { }

publicvoiddoFilter(ServletRequest request, ServletResponse response,

FilterChainchain) throws IOException,ServletException {

//转换成HttpServlet

HttpServletRequestreq=(HttpServletRequest) request;

HttpServletResponseresp=(HttpServletResponse) response;

//3http响应头

//过期时间,-1为不缓存页面

resp.setDateHeader("expires",-1);

//没有缓存控制,nochche为没有缓存

resp.setHeader("Cache-Control","no-cache");

//也相当于无缓存

resp.setHeader("Pragma","no-cache");

//过滤器链 ,寻找目标资源

chain.doFilter(req,resp);

}

publicvoidinit(FilterConfig filterConfig) throws ServletException {}

}

2、控制浏览器缓存页面中的静态资源的过滤器:

有些动态页面中引用了一些图片或css文件以修饰页面效果,这些图片和css文件经常是不变化的,所以为减轻服务器的压力,可以使用filter控制浏览器缓存这些文件,以提升服务器的性能。

代码:

//控制浏览器缓存页面中的静态资源过滤器

publicclassExpiresFilter implements Filter {

FilterConfigconfig;

publicvoiddestroy() {}

publicvoiddoFilter(ServletRequest request, ServletResponse response,

FilterChainchain) throws IOException,ServletException {

HttpServletRequestreq=(HttpServletRequest) request;

HttpServletResponseresp=(HttpServletResponse) response;

//获取请求的URl

Stringuri=req.getRequestURI();

//判断是什么结尾

if(uri.endsWith(".css")){

longtime=Integer.parseInt(config.getInitParameter("css"))*1000;

resp.setDateHeader("expires",System.currentTimeMillis()+time);

}elseif(uri.endsWith(".js")){

longtime=Integer.parseInt(config.getInitParameter("js"))*1000;

resp.setDateHeader("expires",System.currentTimeMillis()+time);

}elseif(uri.endsWith(".jpg")){

longtime=Integer.parseInt(config.getInitParameter("jpg"))*1000;

resp.setDateHeader("expires",System.currentTimeMillis()+time);

}

chain.doFilter(req,resp);

}

publicvoid init(FilterConfig filterConfig) throws ServletException {

// 获取参数值

this.config =filterConfig;

}

}

3、实现用户自动登陆的过滤器

题目:

1)在用户登陆成功后,发送一个名称为usercookie给客户端,cookie的值为用户名和md5加密后的密码。

2)编写一个AutoLoginFilter,这个filter检查用户是否带有名称为usercookie来,如果有,则调用dao查询cookie的用户名和密码是否和数据库匹配,匹配则向session中存入user对象(即用户登陆标记),以实现程序完成自动登陆。

代码:

publicclassAutoLoginFilter implements Filter {

publicvoiddestroy() { }

publicvoid doFilter(ServletRequestrequest, ServletResponse response,

FilterChainchain) throws IOException,ServletException {

HttpServletRequestreq = (HttpServletRequest) request;

HttpServletResponseresp = (HttpServletResponse) response;

//1.检查用户是否登录

Useruser = (User) req.getSession().getAttribute("user");

if(user!=null){

chain.doFilter(req,resp);

return;

}

//2.检查用户是否带cookie

Stringusername = null;

Stringpassword = null;

Cookie[]cookies = req.getCookies();

for(inti=0;cookies!=null &&i<cookies.length;i++){

if(cookies[i].getName().equals("username")){

username= cookies[i].getValue();

}

if(cookies[i].getName().equals("password")){

password= cookies[i].getValue();

}

}

if(username==null&& password==null){

chain.doFilter(req,resp);

return;

}

UserDaodao = new UserDao();

Useruser1 = dao.find(username);

Stringsave_password = user1.getPassword();

if(!password.equals(save_password)){

chain.doFilter(req,resp);

return;

}

req.getSession().setAttribute("user",user1);

chain.doFilter(req,resp);

}

publicvoidinit(FilterConfig filterConfig) throws ServletException { }

}

publicclass LoginServletextends HttpServlet {

publicvoiddoGet(HttpServletRequest request, HttpServletResponse response)

throwsServletException, IOException {

Stringusername = request.getParameter("username");

Stringpassword = request.getParameter("password");

IntautoLoginTime=Integer.parseInt(request.getParameter("autoLoginTime"));

UserDaodao = new UserDao();

Useruser = dao.find(username, password);

if(user!=null){

request.getSession().setAttribute("user",user);

//Stringpassword1 = user.getPassword();

//Stringmd5password = md5(password1);

//System.out.println(md5password);

Cookiecookie1 = new Cookie("username",user.getUsername());

Cookiecookie2 = new Cookie("password",user.getPassword());

//Cookiecookie2 = new Cookie("password",md5password);

cookie1.setMaxAge(autoLoginTime);

cookie2.setMaxAge(autoLoginTime);

cookie1.setPath("/FilterDemo");

cookie2.setPath("/FilterDemo");

response.addCookie(cookie1);

response.addCookie(cookie2);

response.sendRedirect("/FilterDemo/welcome.jsp");

}else{

request.setAttribute("message","用户名密码错");

request.getRequestDispatcher("/message.jsp").forward(request,response);

}

}

privateString md5(String input){

try {

MessageDigest md = MessageDigest.getInstance("md5");

byte[] result =md.digest(input.getBytes());

BASE64Encoderencoder = new BASE64Encoder();

returnencoder.encode(result);

}catch (NoSuchAlgorithmException e) {

thrownewRuntimeException();

}

}

publicvoiddoPost(HttpServletRequest request, HttpServletResponse response)

throwsServletException, IOException {

doGet(request,response);

}

}

posted @ 2012-12-05 15:24  流-星-追-月  阅读(122)  评论(0编辑  收藏  举报