【有道云笔记】二十 4.8 过滤器Filter
https://note.youdao.com/s/dSofip3f

一、为什么要使用过滤器

项目开发中，经常会用到重复代码的实现。

1、请求每个servlet都要设置编码

2、判断用户是否登录，只有登录了才有操作权限。

二、过滤器相关Api

interface Filter 过滤器核心接口

1、init(FilterConfig filterConfig) 初始化方法，在服务器启动的时候就执行

2、doFilter(ServletRequest request, ServletResponse response, FilterChain chain) 过滤器拦截的业务逻辑处理

3、destroy() 销毁过滤器实例的时候调用

interface FilterChain 过滤链

doFilter(ServletRequest request, ServletResponse response)

执行下一个过滤器或放行（访问servlet）

三、案例一：用过滤器处理POST请求编码问题

@WebFilter(filterName = "encoding", urlPatterns = "/*") public class EncodingFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("EncodingFilter.doFilter"); HttpServletRequest request = (HttpServletRequest) servletRequest; // 这个method是get还是post String method = request.getMethod(); // 解决post请求乱码问题 if ("post".equalsIgnoreCase(method)) { request.setCharacterEncoding("UTF-8"); } filterChain.doFilter(servletRequest, servletResponse); } @Override public void destroy() { } }

四、案例二、用过滤器完成登录

// /* 拦截所有的请求 @WebFilter(filterName = "login", urlPatterns = "/*") public class LoginFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { Filter.super.init(filterConfig); System.out.println("LoginFilter.init"); } // ServletRequest servletRequest = new HttpServletRequest() @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("LoginFilter.doFilter"); HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String servletPath = request.getServletPath(); System.out.println("servletPath:" + servletPath); String method = request.getParameter("method"); //这是请求是要去完成登录的，不需要执行后面验证是否登录的流程 if (servletPath.endsWith(".jpg") || servletPath.endsWith(".png") || servletPath.endsWith(".js") || servletPath.endsWith(".css") || servletPath.equals("/login.jsp") || servletPath.equals("/user") && "login".equals(method)) { filterChain.doFilter(servletRequest, servletResponse); return; } HttpSession session = request.getSession(); User user = (User) session.getAttribute("user"); if (user == null) { response.sendRedirect("/login.jsp"); return; } //加了这句话代表方行，继续往后执行， //如果还有filter就访问后面filter，没有filter，就可以访问后台资源 filterChain.doFilter(servletRequest, servletResponse); } @Override public void destroy() { Filter.super.destroy(); System.out.println("LoginFilter.destroy"); } }

五、web.xml配置servlet和过滤器

servlet和filter除了用注解方式配置，还可以使用xml的方式配置

WEB-INF/web.xml是Web项目的核心配置文件

<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd" version="4.0"> <!-- @WebServlet("/student") public class StudentServlet extends HttpServlet { } --> <servlet> <servlet-name>studentServlet</servlet-name> <servlet-class>com.situ.web.controller.StudentServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>studentServlet</servlet-name> <url-pattern>/student</url-pattern> </servlet-mapping> <filter> <filter-name>encoding</filter-name> <filter-class>com.situ.web.filter.EncodingFilter</filter-class> </filter> <filter-mapping> <filter-name>encoding</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter> <filter-name>login</filter-name> <filter-class>com.situ.web.filter.LoginFilter</filter-class> </filter> <filter-mapping> <filter-name>login</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app>