1. Filter 是什麼
①. JavaWEB 的一個重要組件, 可以對發送到 Servlet 的請求進行攔截, 並對響應也進行攔截.
②. Filter 是實現了 Filter 接口的 Java 類.
③. Filter 需要在 web.xml 文件中進行配置和映射.
創建一個 Filter
①. 創建一個 Filter 類: 實現 Filter 接口: public class HelloFilter implements Filter
②. 在 web.xml 文件中配置並映射該 Filter. 其中 url-pattern 指定該 Filter 可以攔截哪些資源, 即可以通過哪些 url 訪問到該 Filter
public class HelloFilter implements Filter {
public void init(FilterConfig fConfig) throws ServletException {
System.out.println("init ....");
}
public void destroy() {
System.out.println("destroy .....");
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
System.out.println("doFilter");
chain.doFilter(request, response);
}
}
web.xml配置
<!-- 註冊Filter -->
<filter>
<filter-name>helloFilter</filter-name>
<filter-class>com.filter.HelloFilter</filter-class>
</filter>
<!-- 映射Filter -->
<filter-mapping>
<filter-name>helloFilter</filter-name>
<url-pattern>/test.jsp</url-pattern>
</filter-mapping>
服務器啓動,控制檯打印:init ....
每次訪問/test.jsp ,都打印:doFilter
服務器停止, 打印:destroy .....
所以
過濾器的生命週期:(一定要實現javax.servlet包的Filter接口的三個方法init()、doFilter()、destroy(),空實現也行)
(1)、啓動服務器時加載過濾器的實例,並調用init()方法來初始化實例;
(2)、每一次請求時都只調用方法doFilter()進行處理;
(3)、停止服務器時調用destroy()方法,銷燬實例。
3.Filter 相關的 API
public void init(FilterConfig filterConfig): 類似於 Servlet 的 init 方法. 在創建 Filter 對象(Filter 對象在 Servlet 容器加載當前 WEB 應用時即被創建)後,
立即被調用, 且只被調用一次. 該方法用於對當前的 Filter 進行初始化操作. Filter 實例是單例的.
* FilterConfig 類似於 ServletConfig
* 可以在 web.xml 文件中配置當前 Filter 的初始化參數. 配置方式也和 Servlet 類似。
<filter>
<filter-name>helloFilter</filter-name>
<filter-class>com.filter.HelloFilter</filter-class>
<init-param>
<param-name>name</param-name>
<param-value>root</param-value>
</init-param>
</filter>
public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain):
真正 Filter 的邏輯代碼需要編寫在該方法中. 每次攔截都會調用該方法.
* FilterChain: Filter 鏈. 多個 Filter 可以構成一個 Filter 鏈.
- doFilter(ServletRequest request, ServletResponse response): 把請求傳給 Filter 鏈的下一個 Filter,
若當前 Filter 是 Filter 鏈的最後一個 Filter, 將把請求給到目標 Serlvet(或 JSP)
- 多個 Filter 攔截的順序和 <filter-mapping> 配置的順序有關, 靠前的先被調用.
public class HelloFilter implements Filter {
public void init(FilterConfig fConfig) throws ServletException {
}
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
System.out.println("1.Before HelloFilter's chain.doFilter");
chain.doFilter(request, response);
System.out.println("2.After HelloFilter's chain.doFilter");
}
}
public class SecondFilter implements Filter {
public void init(FilterConfig fConfig) throws ServletException {
}
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
System.out.println("3.Before HelloFilter's chain.doFilter");
chain.doFilter(request, response);
System.out.println("4.After HelloFilter's chain.doFilter");
}
}
<filter>
<filter-name>helloFilter</filter-name>
<filter-class>com.filter.HelloFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>helloFilter</filter-name>
<url-pattern>/test.jsp</url-pattern>
</filter-mapping>
<filter>
<filter-name>secondFilter</filter-name>
<filter-class>com.filter.SecondFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>secondFilter</filter-name>
<url-pattern>/test.jsp</url-pattern>
</filter-mapping>
訪問/test.jsp 打印結果 執行順序:
1.Before HelloFilter's chain.doFilter
3.Before SecondFilter's chain.doFilter
5 .Test JSP
4.After SecondFilter's chain.doFilter
2.After HelloFilter's chain.doFilter
public void destroy(): 釋放當前 Filter 所佔用的資源的方法. 在 Filter 被銷燬之前被調用, 且只被調用一次.
4. <dispatcher> 元素: 指定過濾器所攔截的資源被 Servlet 容器調用的方式,
可以是REQUEST,INCLUDE,FORWARD和ERROR之一,默認REQUEST.
可以設置多個<dispatcher> 子元素用來指定 Filter 對資源的多種調用方式進行攔截
①. REQUEST:當用戶直接訪問頁面時,Web容器將會調用過濾器。
如果目標資源是通過RequestDispatcher的include()或forward()方法訪問時,那麼該過濾器就不會被調用。
通過 GET 或 POST 請求直接訪問。
request.getRequestDispatcher("/test.jsp").forward(request, response);
<jsp:forward page="/test.jsp"></jsp:forward>
<jsp:include page="/test.jsp"></jsp:include>
上面方式訪問/test.jsp Filter 不會攔截
②. FORWARD:如果目標資源是通過RequestDispatcher的forward()方法訪問時,那麼該過濾器將被調用,除此之外,該過濾器不會被調用。
或 <jsp:forward page="/..." /> 或 通過 page 指令的 errorPage 轉發頁面. <%@ page errorPage="test.jsp" %>
<filter-mapping>
<filter-name>secondFilter</filter-name>
<url-pattern>/test.jsp</url-pattern>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
②. INCLUDE:如果目標資源是通過RequestDispatcher的include()方法訪問時,那麼該過濾器將被調用。除此之外,該過濾器不會被調用。
或 <jsp:include file="/..." />
<filter-mapping>
<filter-name>secondFilter</filter-name>
<url-pattern>/test.jsp</url-pattern>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
④. ERROR:如果目標資源是通過聲明式異常處理機制調用時,那麼該過濾器將被調用。除此之外,過濾器不會被調用。在 web.xml 文件中通過 error-page 節點進行聲明:
<error-page>
<exception-type>java.lang.ArithmeticException</exception-type>
<location>/test.jsp</location>
</error-page>
<filter-mapping>
<filter-name>secondFilter</filter-name>
<url-pattern>/test.jsp</url-pattern>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
四種方式都攔截可以配置
<filter-mapping>
<filter-name>secondFilter</filter-name>
<url-pattern>/test.jsp</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
5.Fitler應用
編碼過濾
public class EncodingFilter implements Filter {
private String encoding;
public void init(FilterConfig fConfig) throws ServletException {
encoding = fConfig.getServletContext().getInitParameter("encoding");
}
public void destroy() {
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
System.out.println(encoding);
request.setCharacterEncoding(encoding);//統一編碼
chain.doFilter(request, response);
}
}
<context-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</context-param>
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>com.filter.EncodingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/encoding/*</url-pattern>
</filter-mapping>
<%--
//編寫一個 EncodingFilter
//1. 讀取 web.xml 文件中配置的當前 WEB 應用的初始化參數 encoding
//2. 指定請求的字符編碼爲 1 讀取到的編碼
//3. 調用 chain.doFilter() 方法 "放行" 請求
request.setCharacterEncoding("UTF-8");
--%>
Hello: ${param.name }
過濾器的應用---登錄攔截
public class LoginFilter implements Filter{
//1.從web.xml 文件中獲取userSessionKey,rediretPage,uncheckedUrls
private String sessionKey;
private String redirectUrl;
private String uncheckedUrls;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
ServletContext servletContext = filterConfig.getServletContext();
sessionKey = servletContext.getInitParameter("userSessionKey");
redirectUrl = servletContext.getInitParameter("rediretPage");
uncheckedUrls = servletContext.getInitParameter("uncheckedUrls");
}
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
//1.獲取請求的 servletPath
String servletPath = request.getServletPath();
//2.檢查 1 獲取的servletPath 不需要檢查URL中的其中一個,若是,放行,方法結束
List<String> urls = Arrays.asList(uncheckedUrls.split(","));
if(urls.contains(servletPath)){
filterChain.doFilter(req, resp);
return;
}
//3. 從 session 中獲取 sessionKey 對應的值, 若值不存在, 則重定向到 redirectUrl
Object user = request.getSession().getAttribute(sessionKey);
if(user==null){
response.sendRedirect(request.getContextPath()+redirectUrl);
return;
}
//4.若存在,放行
filterChain.doFilter(req, resp);
}
}
<!-- 用戶信息放入到 session 中的鍵的名字 -->
<context-param>
<param-name>userSessionKey</param-name>
<param-value>USERSESSIONKEY</param-value>
</context-param>
<!-- 若未登錄, 需重定向的頁面 -->
<context-param>
<param-name>rediretPage</param-name>
<param-value>/login/login.jsp</param-value>
</context-param>
<!-- 不需要攔截(或檢查)的 URL 列表 -->
<context-param>
<param-name>uncheckedUrls</param-name>
<param-value>/login/a.jsp,/login/list.jsp,/login/login.jsp,/login/doLogin.jsp,/login/b.jsp</param-value>
</context-param>
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/login/*</url-pattern>
</filter-mapping>
設置沒有緩存的過濾器
public class NoCacheFilter extends HttpFilter {
@Override
public void doFilter(HttpServletRequest request,
HttpServletResponse response, FilterChain filterChain)
throws IOException, ServletException {
System.out.println("cacheFilter's doFilter..");
response.setDateHeader("Expires",-1);
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
filterChain.doFilter(request, response);
}
}