标签:javaweb
Filter(过滤器):Web三大组件之一,就是对目标资源进行请求前或请求后.
Filter也称之为过滤器,它是Servlet技术中最激动人心的技术,WEB开发人员通过Filter技术,对web服务器管理的所有web资源:例如Jsp, Servlet, 静态图片文件或静态 html 文件等进行拦截,从而实现一些特殊的功能。例如实现URL级别的权限访问控制、过滤敏感词汇、压缩响应信息等一些高级功能。
实际中:过滤器就相当于山大王,作用就是拦截,拦截不拦截,山大王说的算
查看java Servlet文档去查看Filter解释
作用? 实例: 1、动态资源不缓存 2、静态资源缓存 3、中文乱码集中处理 4、特殊字符过滤 5、全站压缩(选做) 6、脚本过滤
写法?
1、写类:
类 implements Filter
init(FilterConfig)
doFilter(ServletRequest,ServletResponse,FilterChain)
destory()
在其他里寻找Filter类型的文件来新建,因为这样web.xml可以自动配置,和Servlet一样。
在新建栏里有初始化参数栏(encoding:UTF-8) 还有一个映射栏(filter mappings: /*:代表过滤所有资源),或者在里面写具体的资源,那么就只拦截具体的资源
配置web.xml:由于在新建选择了新建Filter类型的文件,MyEclipse会自动配置web.xml
在服务器启动时,filter已经实例化了,证明filter的生命周期比servlet长,不要直接访问过滤器。
在IE里尝试访问index.jsp
通过web.xml里的设置,会在访问index.jsp里导致filter里的方法执行。
2、在web.xml中进行配置.
格式!!
3、对于Filter中的doFilter与FilterChain中的doFilter的比较?
a、个数不同
Filter接口doFilter是3个参数ServletRequset,ServletResponse,FilterChain
FilterChain参数2个:ServletRequset,ServletResponse
b、作用不同
Filter接口doFilter拦截作用
FilterChain接口中的doFilter起放行作用。
1、过滤器一般就是起拦截作用的,不要直接访问过滤器
2、生命周期
1、容器启动时,Filter就会进行实例化(构造方法),初始化(init)--->只有一次机会
2、以后每次访问目标资源时,在符合条件的情况下,过滤器执行doFilter()进行拦截。
3、当应用被卸载或服务停止时,destory()被执行---->只有一次机会
3、拦截的顺序问题?
有多个过滤器就会形成一个(过滤器链),先执行第一个过滤器,再执行第二个过滤器
顺序取决于在web.xml中配置的顺序,看filter-mapping先后顺序,filter-mapping前先过滤。
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/a</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>DirtyWordsFilter</filter-name>
<url-pattern>/b</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>HtmlFilter</filter-name>
<url-pattern>/c</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>GzipFilter</filter-name>
<url-pattern>/d</url-pattern>
</filter-mapping>
比如上面的web.xml配置文件所配置的Filter执行顺序是:CharacterEncodingFilter-->DirtyWordsFilter-->HtmlFilter-->GzipFilter
1、配置时
1、/路径名/* (/*)
2、*.扩展名 (*.jsp)
3、具体路径 (/add.jsp)
2、一个过滤器可以有多个过滤路径
<filter-mapping>
<filter-name>filterDemo1</filter-name>
<url-pattern>/add.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>filterDemo1</filter-name>
<url-pattern>/login.jsp</url-pattern>
</filter-mapping>
3、对于初始化参数的配置及读取(FliterConfig)
/*
<init-param>
<param-name>encoding</param-name>
<param-value>GBK</param-value>
</init-param>
*/
//得到一个参数
/*String value = config.getInitParameter("encoding");
System.out.println(value);
chain.doFilter(request, response);*/
//得到多个参数
Enumeration<String> enums = config.getInitParameterNames();
while(enums.hasMoreElements()){
String paramName = enums.nextElement();
String paramValue = config.getInitParameter(paramName);
System.out.println(paramName+":"+paramValue);
filter讲解:
filterChain讲解
项目:day1900filter
项目架构:
FilterDemo1.java.
package com.itheima.filter;
import java.io.IOException;
import java.util.Enumeration;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
public class FilterDemo1 implements Filter {
private FilterConfig config;//用于读取初始化参数 <init-param>中的值
public FilterDemo1() {
System.out.println("FilterDemo1被实例化了");
}
public void destroy() {
System.out.println("FilterDemo1被销毁了");
}
//拦截,放行
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
/*
* <init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
String value = config.getInitParameter("encoding");
System.out.println(value);
*/
Enumeration<String> enumss = config.getInitParameterNames();//取到所有参数名称 <param-name>encoding</param-name>
while(enumss.hasMoreElements()){
String paramName = enumss.nextElement();
String value = config.getInitParameter(paramName);
System.out.println(value);
}
System.out.println("FilterDemo1放行前");
response.getWriter().write("FilterDemo1放行前前");
chain.doFilter(request, response);//放行
System.out.println("FilterDemo1放行后");
}
public void init(FilterConfig fConfig) throws ServletException {
this.config = fConfig;
System.out.println("初始化了");
}
}
FilterDemo2.java
package com.itheima.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
* Servlet Filter implementation class FilterDemo2
*/
public class FilterDemo2 implements Filter {
/**
* Default constructor.
*/
public FilterDemo2() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
System.out.println("FilterDemo2放行前");
chain.doFilter(request, response);
System.out.println("FilterDemo2放行后");
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="http://blog.163.com/faith_yee/blog/<%=basePath%>">
<title>My JSP ‘index.jsp‘ starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="http://blog.163.com/faith_yee/blog/styles.css">
-->
</head>
<body>
This is my JSP page. <br>
<%
System.out.println("目标资源:JSP");
%>
</body>
</html>
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<display-name></display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>FilterDemo1</filter-name>
<filter-class>com.itheima.filter.FilterDemo1</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>name</param-name>
<param-value>AJ</param-value>
</init-param>
</filter>
<filter>
<display-name>FilterDemo2</display-name>
<filter-name>FilterDemo2</filter-name>
<filter-class>com.itheima.filter.FilterDemo2</filter-class>
</filter>
<filter-mapping>
<filter-name>FilterDemo2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>FilterDemo1</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
测试:
总结:在filter里如何获得web.xml配置文件的属性值:
由于之前例子发现filter在服务器启动时就已经进行配置文件初始化了,所以自然会执行filter的构造函数和init的方法,该方法的参数是FilterConfig类型,init()方法会读取配置文件给该filter进行初始化,所以我们可以从该方法入手获取FilterConfig类型变量,首先我们定义一个FilterConfig类型的全局变量,然后通过init()方法进行传值到全局变量,然后全局变量就可以获得FilterConfig类型的对象,然后可以执行对象中的方法getInitParameterNames()或getInitParameter()去获取配置文件的属性名或属性值。
三个示例:
1、编码过滤
2、动态资源无缓存
3、静态资源缓存
实例 servlet解决乱码:
1、取名
2、输出回jsp,测试有没有乱码
用filter解决编码的问题(集中问题解决)
思考:以后执行servlet时,都通过filter过滤,那么就可以都解决编码乱码的问题了
总结:如果要集中解决问题:用过滤器
过滤器解决post的乱码
待会再讲解get提交的代码
在dofilter里对强转request和response成HttpServlet的 //以上的技巧叫调包!!在过滤器里经常使用
开始设置不缓存
response.setHeader("Expirse","-1");
response.setHeader("Cache-Control","no-cache");
response.setHeader("pragma","no-cache");
测试:在IE里访问addcustomer.jsp
在IE设置里查看缓存,找到目标后查看文件的过期时间!!对比本地时间去判断!
以此实现动态资源不缓存
然后在过滤器里进一步筛选
在该过滤器的配置器里加参数属性进行筛选 配置文件
思路:
1、因为静态资源过多,所以配置成/**/,但为了只过滤静态资源,所以考虑用参数来区分
2、读取初始化参数,
{
那么我们怎么知道客户端访问的路径是什么?
2、得到用户访问的资源(主要取它的类型,而文件类型由扩展名决定,然后把调包方式复制过来),用来获取后缀名
}
读取初始化参数,以找到这个类型的资源缓存时间
3、设置缓存时间
response.setDateHeader("Expires",System.currentTimeMillis()+Integer.parseInt(time)+60*60*1000);
测试:在测试前准备一些静态资源: 访问index.html-->里面会访问静态资源: 然后去IE设置文件里查看缓存过期时间
项目:day1901filterExample:CharacterEncodingFilter
项目架构:
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<display-name></display-name>
<servlet>
<servlet-name>UserRegistServlet</servlet-name>
<servlet-class>com.itheima.servlet.UserRegistServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>CustomerRegistServlet</servlet-name>
<servlet-class>com.itheima.servlet.CustomerRegistServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>UserRegistServlet</servlet-name>
<url-pattern>/servlet/UserRegistServlet</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>CustomerRegistServlet</servlet-name>
<url-pattern>/servlet/CustomerRegistServlet</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<display-name>CharacterEncodingFilter</display-name>
<filter-name>CharacterEncodingFilter</filter-name>
<filter-class>com.itheima.filter.CharacterEncodingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<display-name>DyncSourceNoNeedCache</display-name>
<filter-name>DyncSourceNoNeedCache</filter-name>
<filter-class>com.itheima.filter.DyncSourceNoNeedCache</filter-class>
</filter>
<filter-mapping>
<filter-name>DyncSourceNoNeedCache</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>DyncSourceNoNeedCache</filter-name>
<url-pattern>/servlet/*</url-pattern>
</filter-mapping>
<filter>
<display-name>StaticSourceNeedCache</display-name>
<filter-name>StaticSourceNeedCache</filter-name>
<filter-class>com.itheima.filter.StaticSourceNeedCache</filter-class>
<init-param>
<param-name>html</param-name>
<param-value>1</param-value><!-- 小时 -->
</init-param>
<init-param>
<param-name>css</param-name>
<param-value>2</param-value><!-- 小时 -->
</init-param>
<init-param>
<param-name>js</param-name>
<param-value>3</param-value><!-- 小时 -->
</init-param>
</filter>
<filter-mapping>
<filter-name>StaticSourceNeedCache</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
CharacterEncodingFilter.java
package com.itheima.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
* Servlet Filter implementation class CharacterEncodingFilter
*/
public class CharacterEncodingFilter implements Filter {
/**
* Default constructor.
*/
public CharacterEncodingFilter() {
}
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
request.setCharacterEncoding("UTF-8");//post提交有效
response.setCharacterEncoding("UTF-8");//响应结果的编码
response.setContentType("text/html;charset=UTF-8");//告诉浏览器用什么编码,它也有上一行代码的功能
chain.doFilter(request, response);
}
public void init(FilterConfig fConfig) throws ServletException {
}
}
DyncSourceNoNeedCache.java
package com.itheima.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet Filter implementation class DyncSourceNoNeedCache
*/
public class DyncSourceNoNeedCache implements Filter {
/**
* Default constructor.
*/
public DyncSourceNoNeedCache() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request ;
HttpServletResponse response;
try {
request = (HttpServletRequest) req;
response = (HttpServletResponse) resp;
//调包
response.setHeader("Expires", "-1");
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache");
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException("non-http request or response");
}
chain.doFilter(request, response);
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
StaticSourceNeedCache.java
package com.itheima.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class StaticSourceNeedCache implements Filter {
private FilterConfig config;
public StaticSourceNeedCache() {
}
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
//1.因为静态资源过多,所以配置成/*,但为了只过滤静态资源,所以考虑用参数来区分
HttpServletRequest request ;
HttpServletResponse response;
try {
request = (HttpServletRequest) req;
response = (HttpServletResponse) resp;
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException("non-http request or response");
}
//2.得到用户访问的资源(主要取它的类型,而文件类型由扩展名决定)
String path = request.getRequestURI();//资源名 /dsfdsfsdfds/dsfdsfs/a.html
String extensionName = path.substring(path.lastIndexOf(".")+1);//得到扩展名
//3.读取初始化参数,以找到这个类型的资源缓存时间
String time ="0";
String time1 = config.getInitParameter(extensionName);
if(time1!=null){
time = time1;
}
//4.设置缓存时间
response.setDateHeader("Expires", System.currentTimeMillis()+Integer.parseInt(time)*60*60*1000);//单位:毫秒
chain.doFilter(request, response);
}
public void init(FilterConfig fConfig) throws ServletException {
this.config = fConfig;
}
}
CustomerRegistServlet.java
package com.itheima.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class CustomerRegistServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/*request.setCharacterEncoding("UTF-8");//post提交有效
response.setCharacterEncoding("UTF-8");//响应结果的编码
response.setContentType("text/html;charset=UTF-8");//告诉浏览器用什么编码,它也有上一行代码的功能
*/
String value = request.getParameter("name");
response.getWriter().write(value);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
UserRegistServlet.java
package com.itheima.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class UserRegistServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/* request.setCharacterEncoding("UTF-8");//post提交有效
response.setCharacterEncoding("UTF-8");//响应结果的编码
response.setContentType("text/html;charset=UTF-8");//告诉浏览器用什么编码,它也有上一行代码的功能
*/
String value = request.getParameter("name");
response.getWriter().write(value);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
addCustomer.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>客户注册</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="http://blog.163.com/faith_yee/blog/styles.css">
-->
</head>
<body>
<form action="${pageContext.request.contextPath}/servlet/CustomerRegistServlet" method="post">
<input name="name"/><input type="submit" value="保存"/>
</form>
</body>
</html>
addUser.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>用户注册</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="http://blog.163.com/faith_yee/blog/styles.css">
-->
</head>
<body>
<form action="${pageContext.request.contextPath}/servlet/UserRegistServlet" method="post">
<input name="name"/><input type="submit" value="保存"/>
</form>
</body>
</html>
index.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>index.html</title>
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="this is my page">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="http://blog.163.com/faith_yee/blog/css/main.css">
<script type="text/javascript" src="http://blog.163.com/faith_yee/blog/js/1.js"></script>
</head>
<body>
hello ,good morning.
</body>
</html>
index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="http://blog.163.com/faith_yee/blog/<%=basePath%>">
<title>My JSP ‘index.jsp‘ starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="http://blog.163.com/faith_yee/blog/styles.css">
-->
</head>
<body>
This is my JSP page. <br>
</body>
</html>
测试addCustomer
测试addUser
测试 DyncSourceNoNeedCache
测试 StaticSourceNeedCache
示例4、自动登录
分析资料:
项目:day1902autoLogin
项目架构:
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<display-name></display-name>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.itheima.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/servlet/LoginServlet</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<display-name>CharacterEncodingFilter</display-name>
<filter-name>CharacterEncodingFilter</filter-name>
<filter-class>com.itheima.filter.CharacterEncodingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<display-name>AutoLoginFilter</display-name>
<filter-name>AutoLoginFilter</filter-name>
<filter-class>com.itheima.filter.AutoLoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AutoLoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
User.java
package com.itheima.domain;
import java.io.Serializable;
public class User implements Serializable {
private String username;
private String password;
public User(String username, String password) {
super();
this.username = username;
this.password = password;
}
public User() {
super();
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
UserDB.java
package com.itheima.domain;
import java.util.ArrayList;
import java.util.List;
public class UserDB {
private static List<User> users = new ArrayList<User>();
static{
users.add(new User("郭女士","123"));
users.add(new User("丁先生","123"));
users.add(new User("fj","123"));
}
public static User findUser(String username,String password){
for(User u:users){
if(username.equals(u.getUsername())&&password.equals(u.getPassword())){
return u;
}
}
return null;
}
public static User findUser(String username){
for(User u:users){
if(username.equals(u.getUsername())){
return u;
}
}
return null;
}
}
AutoLoginFilter.java
package com.itheima.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.itheima.domain.User;
import com.itheima.domain.UserDB;
import com.itheima.util.Base64Util;
import com.itheima.util.Md5Util;
/**
* Servlet Filter implementation class AutoLoginFilter
*/
public class AutoLoginFilter implements Filter {
/**
* Default constructor.
*/
public AutoLoginFilter() {
// TODO Auto-generated constructor stub
}
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
//读取session中的值
User u = (User)request.getSession().getAttribute("user");
if(u==null){
//2.没有登录,可以读Cookie
Cookie cs [] = request.getCookies();
//3.遍历
if(cs==null){
return ;
}
Cookie userCookie = null;
if(cs!=null && cs.length>0){
for (int i = 0; i < cs.length; i++) {
Cookie c = cs[i];
if("userinfo".equals(c.getName())){
//如果找到了你想的cookie
userCookie = c;
break;
}
}
}
//4.说明存在要找的Cookie
if(userCookie!=null){
String username_pwd = userCookie.getValue();
String b64username = username_pwd.split("_")[0];//取b64编码后的用户名
String md5pwd = username_pwd.split("_")[1];//取md5加密后的密码
//5.还原用户名
String trueUsername = Base64Util.decode(b64username);
//6.根据用户名,到UserDB中查找,得到一个User对象
User uu = UserDB.findUser(trueUsername);
if(uu!=null){
if(md5pwd.equals(Md5Util.encode(uu.getPassword()))){
request.getSession().setAttribute("user", uu);
}
}
}
}
chain.doFilter(request, response);
}
public void init(FilterConfig fConfig) throws ServletException {
}
}
CharacterEncodingFilter.java
package com.itheima.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
* Servlet Filter implementation class CharacterEncodingFilter
*/
public class CharacterEncodingFilter implements Filter {
/**
* Default constructor.
*/
public CharacterEncodingFilter() {
}
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
request.setCharacterEncoding("UTF-8");//post提交有效
response.setCharacterEncoding("UTF-8");//响应结果的编码
response.setContentType("text/html;charset=UTF-8");//告诉浏览器用什么编码,它也有上一行代码的功能
chain.doFilter(request, response);
}
public void init(FilterConfig fConfig) throws ServletException {
}
}
LoginServlet.java
package com.itheima.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.itheima.domain.User;
import com.itheima.domain.UserDB;
import com.itheima.util.Base64Util;
import com.itheima.util.Md5Util;
public class LoginServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
//1.获取参数
String username = request.getParameter("username");
String password = request.getParameter("password");
String expires = request.getParameter("expires");
//2.验证用户的合法性
User u = UserDB.findUser(username, password);
//3.判断是非法用户,直接返回到登录页
if(u==null){
response.getWriter().write("登录失败,2秒后请重新登录");
response.setHeader("Refresh", "2;URL="+request.getContextPath()+"/login.jsp");
return;
}
//4.合法用户,将用户信息存入session
request.getSession().setAttribute("user", u);
//5.产生一个Cookie,用于保存登录用户的用户名_密码 (base64username_md5password)
Cookie c = new Cookie("userinfo",Base64Util.encode(u.getUsername())+"_"+Md5Util.encode(u.getPassword()));
//6.设置cookie的path路径
c.setPath(request.getContextPath());//代表当前应用请求时,cookie信息都发送给服务器
//7.设置cookie的存活时间
if("never".equals(expires)){
c.setMaxAge(0);
}else if("month".equals(expires)){
c.setMaxAge(30*24*60*60);//秒
}else if("year".equals(expires)){
c.setMaxAge(365*24*60*60);
}else if("forever".equals(expires)){
c.setMaxAge(Integer.MAX_VALUE);
}
//8.发送给浏览器
response.addCookie(c);
//9重定向到index.jsp
response.sendRedirect(request.getContextPath()+"/index.jsp");
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
Base64Util.java
package com.itheima.util;
import java.io.IOException;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class Base64Util {
//编码
public static String encode(String oldStr){
BASE64Encoder b64Encoder = new BASE64Encoder();
return b64Encoder.encode(oldStr.getBytes());
}
//解码
public static String decode(String oldStr){
try {
BASE64Decoder b64Decoder = new BASE64Decoder();
byte []newStr = b64Decoder.decodeBuffer(oldStr);
return new String(newStr);
} catch (IOException e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
}
Md5Util.java
package com.itheima.util;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import sun.misc.BASE64Encoder;
public class Md5Util {
public static String encode(String oldStr){
try {
MessageDigest md5 = MessageDigest.getInstance("md5");
byte [] newStr = md5.digest(oldStr.getBytes());
BASE64Encoder b64 = new BASE64Encoder();
return b64.encode(newStr);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}
public static void main(String[] args) {
for(int i=1;i<20;i++){
String newString = Md5Util.encode("abc"+i);
System.out.println(newString);
}
}
}
bbs.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title></title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
</head>
<body>
${sessionScope.user.username}
</body>
</html>
index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>XX网站</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="http://blog.163.com/faith_yee/blog/styles.css">
-->
</head>
<body>
<c:if test="${sessionScope.user==null}">
<a href="http://blog.163.com/faith_yee/blog/${pageContext.request.contextPath}/login.jsp">登录</a>
</c:if>
<c:if test="${sessionScope.user!=null}">
欢迎您:${user.username}<a href="http://blog.163.com/faith_yee/blog/#">注销</a>
</c:if>
<hr/>
XX网站
<a href="http://blog.163.com/faith_yee/blog/${pageContext.request.contextPath}/bbs.jsp">帖子</a>
</body>
</html>
login.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title></title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
</head>
<body>
<form action="${pageContext.request.contextPath}/servlet/LoginServlet" method="post">
用户名:<input type="text" name="username"/><br/>
密码:<input type="password" name="password"/><br/>
登录有效期:<input type="radio" name="expires" value="never" checked="checked">无
<input type="radio" name="expires" value="month">一个月
<input type="radio" name="expires" value="year">一年
<input type="radio" name="expires" value="forever">永久<br/>
<input type="submit" value="登录"/>
</form>
</body>
</html>
测试:
util-->Base64Util
//编码
public static String encode(oldStr){
BASE64Encoder b64Encode = new BASE64Encoder();
return b64Encoder.encode(oldStr.getBytes());
}
//解码
public static String decode(String oldStr){
BASE64Decoder b64Decoder = new BASE64Decoder();
byte []newStr = b64Decoder.decodeBuffer(oldStr);//stream类型
return new String(newStr);
}
该工具类把用户名编码进行编码传输!
util--->Md5Util
Md5不可逆
public static String encode (String oldStr){
MessageDigest md5 = MessageDigest.getInstance("md5");
byte[] newStr = md5.digest(oldStr.getBytes());
//return new String (newStr);
//以上这种加密不好使,会产生一些无厘头的中文,所以为了传输这md5产生的加密文件,所以结合上面的Base64util来给加密文件都进行编码!!传输到另一方进行解码!!
}
测试工具类
以上主要是为了通过客户端发来用户名和密码,发送给客户端,通过md5把密码加密后传输到服务器端,服务器端经过匹配md5加密后的密码去取出数据库中的用户资料,这个传输过程使用base64编码解码进行传输。。
Base64Util是3字节变成4字节
1、全站编码过滤器
问题是,我们输入的那么多jsp,怎么弄一个功能更强大的filter去解决get/post的乱码问题
在web.xml里加上<init-param>属性配置
改进CHaracterEncodingFilter
把代码写活,适用型强
调包-->新类MyHttpServletRequset(内部类):!!!调包后换了一个功能更强大的
包装设计模式
2、包装设计模式解释
包装设计模式
MyBufferReader extends BufferdReader{
private BufferedReader reader ;
public MyBufferedReader(Reader in){
super(in);
this.reader =(BufferedReader)in;
}
public String readLine() throws IOException{
String content = reader.readLine();
if(content!=null)
return (i++)+content;
return super.readLine();
}
}
//包装模式包装的是对象(本身就是一个包装类,此时可以简化写法)
在super()完以前的继承类后,就改写要加强的方法就OK
3、脏话过滤器
首先要有一个脏话数据库 在filter--->DirtyWordsFilter--->过滤路径:全部
在doFilter
{
String woeds[]={"叫兽","禽兽","FUCK"};
调包
形成过滤器链
目的:改写方法
}
4、html过滤器
写Html过滤器filter-->HtmlFilter
在tomcat里的example里找一个Html的filter去复制里面的代码
替换-->令标签代码无效
以下的所有示例都是换包再发送出去,这就是包装设计模式
项目:day1903advanceExample-->CharacterEncodingFilter
项目架构:
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<display-name></display-name>
<servlet>
<servlet-name>UserRegistServlet</servlet-name>
<servlet-class>com.itheima.servlet.UserRegistServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>GzipDemo1</servlet-name>
<servlet-class>com.itheima.servlet.GzipDemo1</servlet-class>
</servlet>
<servlet>
<servlet-name>GzipDemo2</servlet-name>
<servlet-class>com.itheima.servlet.GzipDemo2</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>UserRegistServlet</servlet-name>
<url-pattern>/servlet/UserRegistServlet</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>GzipDemo1</servlet-name>
<url-pattern>/servlet/GzipDemo1</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>GzipDemo2</servlet-name>
<url-pattern>/servlet/GzipDemo2</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<display-name>CharacterEncodingFilter</display-name>
<filter-name>CharacterEncodingFilter</filter-name>
<filter-class>com.itheima.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encode</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<display-name>DirtyWordsFilter</display-name>
<filter-name>DirtyWordsFilter</filter-name>
<filter-class>com.itheima.filter.DirtyWordsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>DirtyWordsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<display-name>HtmlFilter</display-name>
<filter-name>HtmlFilter</filter-name>
<filter-class>com.itheima.filter.HtmlFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>HtmlFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<display-name>GzipFilter</display-name>
<filter-name>GzipFilter</filter-name>
<filter-class>com.itheima.filter.GzipFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>GzipFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
CharacterEncodingFilter.java
package com.itheima.filter;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
public class CharacterEncodingFilter implements Filter {
private FilterConfig config;
public CharacterEncodingFilter() {
}
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
String encode = "UTF-8";
String paramValue = config.getInitParameter("encode");
if(paramValue!=null){
encode =paramValue;
}
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
request.setCharacterEncoding(encode);//post提交有效
response.setCharacterEncoding(encode);//响应结果的编码
response.setContentType("text/html;charset="+encode);//告诉浏览器用什么编码,它也有上一行代码的功能
//调包
MyHttpServletRequest myrequest = new MyHttpServletRequest(request);
chain.doFilter(myrequest, response);
}
public void init(FilterConfig fConfig) throws ServletException {
this.config = fConfig;
}
//包装设计模式
public class MyHttpServletRequest extends HttpServletRequestWrapper {
public MyHttpServletRequest(HttpServletRequest request) {
super(request);
}
@Override
public String getParameter(String name) {
String value = super.getParameter(name);
String method = super.getMethod();//得到请求的类型 get/post
if("get".equalsIgnoreCase(method)){
try {
value = new String(value.getBytes("iso-8859-1"),super.getCharacterEncoding());
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
}
return value;
}
}
}
DirtyWordsFilter.java
package com.itheima.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
public class DirtyWordsFilter implements Filter {
public DirtyWordsFilter() {
}
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
//调包,这样下一层在用时,就会使用重写之后的getParameter()方法
MyHttpServletRequestDirtyWords mydirtywordsrequest= new MyHttpServletRequestDirtyWords(request);
chain.doFilter(mydirtywordsrequest, response);
}
public void init(FilterConfig fConfig) throws ServletException {
}
public class MyHttpServletRequestDirtyWords extends HttpServletRequestWrapper{
public MyHttpServletRequestDirtyWords(HttpServletRequest request) {
super(request);
}
@Override
public String getParameter(String name) {
String words []= {"叫兽","禽兽","FUCK"};
String oldParam = super.getParameter(name);
if(oldParam!=null)
for(String word:words){
oldParam =oldParam.replace(word, "***");//只替换脏话
}
return oldParam;
}
}
}
HtmlFilter.java
package com.itheima.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet Filter implementation class HtmlFilter
*/
public class HtmlFilter implements Filter {
/**
* Default constructor.
*/
public HtmlFilter() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
//< < > >
MyHttpServletHtmlRequest htmlRequest = new MyHttpServletHtmlRequest(request);
chain.doFilter(htmlRequest, response);
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
public class MyHttpServletHtmlRequest extends HttpServletRequestWrapper {
public MyHttpServletHtmlRequest(HttpServletRequest request) {
super(request);
}
@Override
public String getParameter(String name) {
String value = super.getParameter(name);
return filter(value);
}
public String filter(String message) {
if (message == null)
return (null);
char content[] = new char[message.length()];
message.getChars(0, message.length(), content, 0);
StringBuffer result = new StringBuffer(content.length + 50);
for (int i = 0; i < content.length; i++) {
switch (content[i]) {
case ‘<‘:
result.append("<");
break;
case ‘>‘:
result.append(">");
break;
case ‘&‘:
result.append("&");
break;
case ‘"‘:
result.append(""");
break;
default:
result.append(content[i]);
}
}
return (result.toString());
}
}
}
UserRegistServlet.java
package com.itheima.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class UserRegistServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String name = request.getParameter("name");
//name = new String(name.getBytes("iso-8859-1"),"UTF-8");
System.out.println(name);
response.getWriter().write(name);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
addCustomer.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>客户注册</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="http://blog.163.com/faith_yee/blog/styles.css">
-->
</head>
<body>
<form action="${pageContext.request.contextPath}/servlet/CustomerRegistServlet" method="post">
<input name="name"/><input type="submit" value="保存"/>
</form>
</body>
</html>
addUser.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>用户注册</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="http://blog.163.com/faith_yee/blog/styles.css">
-->
</head>
<body>
<form action="${pageContext.request.contextPath}/servlet/UserRegistServlet" method="post">
<input name="name"/><input type="submit" value="保存"/>
</form>
</body>
</html>
总结:
CharacterEncodingFilter.java
DirtyWordsFilter.java
HtmlFilter.java
都是使用了包装设计模式:在filter里使用了自定义的内部类,利用子父类的关系把request发给继承了子类的自定义类去进行包装增强功能,并返回一个实现了自己新的功能方法的返回给新的自定义类,最后放行的时候就返回新的包装后的对象。提供给servlet去使用。
标签:javaweb
原文地址:http://blog.csdn.net/faith_yee/article/details/44835627