JavaWeb -- Servlet Filter 过滤器
1. Servlet API中提供了一个Filter接口,开发web应用时,如果编写的Java类实现了这个接口,则把这个java类称之为过滤器Filter。通过Filter技术,开发人员可以实现用户在访问某个目标资源之前,对访问的请求和响应进行拦截,如下所示:
)
对资源的多种调用方式进行拦截。
<filter>
<filter-name>testFitler</filter-name>
<filter-class>org.test.TestFiter</filter-class>
<init-param>
<param-name>word_file</param-name>
<param-value>/WEB-INF/word.txt</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>testFilter</filter-name>
<url-pattern>/test.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>testFilter</filter-name>
<url-pattern>/index.jsp</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
Form请求参数的中文问题
public class EncodingFilter implements Filter { private FilterConfig filterConfig; @Override
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
} @Override
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res; String charset = this.filterConfig.getInitParameter("charset");
request.setCharacterEncoding(charset);
response.setCharacterEncoding(charset);
response.setContentType("text/html;charset="+ charset); MyCharacterEncodingRequest myrequest = new MyCharacterEncodingRequest(request); chain.doFilter(myrequest, response);
} @Override
public void destroy() {
}
} /*
* 装饰者模式
1.实现与被增强对象相同的接口
2、定义一个变量记住被增强对象
3、定义一个构造器,接收被增强对象
4、覆盖需要增强的方法
5、对于不想增强的方法,直接调用被增强对象(目标对象)的方法
*/ class MyCharacterEncodingRequest extends HttpServletRequestWrapper
{
private HttpServletRequest request = null; public MyCharacterEncodingRequest(HttpServletRequest request) {
super(request);
this.request = request;
} @Override
public String getParameter(String name) { try
{
String value = this.request.getParameter(name);
if(value==null)
return null;
if(request.getMethod().equalsIgnoreCase("post"))
return value;
value = new String( value.getBytes("ISO8859-1"), this.request.getCharacterEncoding());
return value;
}
catch(Exception e)
{
throw new RuntimeException(e);
}
}
<filter>
<filter-name>EncodingFilter</filter-name>
<filter-class>com.kevin.web.EncodingFilter</filter-class>
<init-param>
<param-name>charset</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter> <filter-mapping>
<filter-name>EncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
public class servlet1 extends HttpServlet {
private static final long serialVersionUID = 1L; /**
* @see HttpServlet#HttpServlet()
*/
public servlet1() {
super();
// TODO Auto-generated constructor stub
} /**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.getWriter().write("servlet1中国");
String param1 = request.getParameter("param1");
String param2 = request.getParameter("param2");
System.out.println("Param1: " + param1);
System.out.println("Param2: " + param2); } /**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
} }
<%@ page language="java" import="java.util.*" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title> </title>
</head>
<body>
<!-- get方式 测试参数乱码问题 -->
<c:url value="/servlet1" scope="page" var="encodingTest">
<c:param name="param1" value="中国param1"></c:param>
</c:url>
<a href="${encodingTest}">encodingTest get方式测试</a> <!-- post方式 测试参数乱码问题 -->
<form action="${pageContext.request.contextPath}/servlet1" method="post">
输入<input type="text" name="param2">
提交<input type="submit" value="提交">
</form>
</body>
</html>
Filter常见应用(2) -- 不缓存
public class NoCacheFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp; response.setDateHeader("Expires", -1);
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache"); chain.doFilter(request, response);
} public void init(FilterConfig filterConfig) throws ServletException {
} public void destroy() {
}
}
public class ExpiresFilter implements Filter { private FilterConfig filterConfig; @Override
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
} @Override
public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp; //1.获取用户想访问的资源
String uri = request.getRequestURI(); //2.得到用户想访问的资源的后缀名
String ext = uri.substring( uri.lastIndexOf(".")+1 ); //3.得到资源需要缓存的时间
String time = filterConfig.getInitParameter(ext);
if(time!=null)
{
long t = Long.parseLong(time) * 3600 * 1000;
response.setDateHeader("expires", System.currentTimeMillis() + t);
}
chain.doFilter(request, response);
} @Override
public void destroy() {
// TODO Auto-generated method stub } }
<filter>
<filter-name>ExpiresFilter</filter-name>
<filter-class>com.kevin.web.ExpiresFilter</filter-class>
<init-param>
<param-name>css</param-name>
<param-value>4</param-value>
</init-param>
<init-param>
<param-name>jpg</param-name>
<param-value>1</param-value>
</init-param>
<init-param>
<param-name>js</param-name>
<param-value>4</param-value>
</init-param>
</filter> <filter-mapping>
<filter-name>ExpiresFilter</filter-name>
<url-pattern>*.css</url-pattern>
</filter-mapping> <filter-mapping>
<filter-name>ExpiresFilter</filter-name>
<url-pattern>*.jpg</url-pattern>
</filter-mapping> <filter-mapping>
<filter-name>ExpiresFilter</filter-name>
<url-pattern>*.js</url-pattern>
</filter-mapping>
Filter常见应用(4)
public class AutoLoginFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp; if(request.getSession().getAttribute("user")!=null){
chain.doFilter(request, response);
return;
} //1.得到用户带过来的authlogin的cookie,
String value = null;
Cookie cookies[] = request.getCookies();
for(int i=0;cookies!=null && i<cookies.length;i++){
if(cookies[i].getName().equals("autologin")){
value = cookies[i].getValue();
}
} //2.得到 cookie中的用户名和密码
if(value!=null){
String username = value.split("\\.")[0];
String password = value.split("\\.")[1]; //3.调用dao获取用户对应的密码
UserDao dao = new UserDao();
User user = dao.find(username);
String dbpassword = user.getPassword(); //4.检查用户带过来的md5的密码和数据库中的密码是否匹配,如匹配则自动登陆
if(password.equals(WebUtils.md5(dbpassword))){
request.getSession().setAttribute("user", user);
}
} chain.doFilter(request, response);
} public void destroy() {
// TODO Auto-generated method stub
} public void init(FilterConfig filterConfig) throws ServletException {
// TODO Auto-generated method stub }
}
public class LoginServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException { String username = request.getParameter("username");
String password = request.getParameter("password"); UserDao dao = new UserDao();
User user = dao.find(username, password);
if(user==null){
request.setAttribute("message", "用户名或密码不对!!");
request.getRequestDispatcher("/message.jsp").forward(request, response);
return;
} request.getSession().setAttribute("user", user);
request.setAttribute("message", "恭喜,登陆成功!!"); //发送自动登陆cookie
sendAutoLoginCookie(request,response,user);
request.getRequestDispatcher("/message.jsp").forward(request, response);
} private void sendAutoLoginCookie(HttpServletRequest request, HttpServletResponse response, User user) { int logintime = Integer.parseInt(request.getParameter("logintime"));
Cookie cookie = new Cookie("autologin",user.getUsername() + "." + WebUtils.md5(user.getPassword()));
cookie.setMaxAge(logintime);
cookie.setPath("/day18");
response.addCookie(cookie);
} public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException { doGet(request, response);
}
}
接口中的所有方法,但这些方法的内部实现都是仅仅调用了一下所包装的的 request对象的对应方法)以避免用户在对request对象进行增强时需要实现request接口中的所有方法。
//脏话过滤器
public class DirtyFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
DirtyRequest dirtyrequest = new DirtyRequest(request); chain.doFilter(dirtyrequest, response);
} public void init(FilterConfig filterConfig) throws ServletException {
} public void destroy() {
}
} class DirtyRequest extends HttpServletRequestWrapper{ private List<String> dirtyWords = Arrays.asList("傻B","操蛋","畜生");
private HttpServletRequest request;
public DirtyRequest(HttpServletRequest request) {
super(request);
this.request = request;
}
@Override
public String getParameter(String name) { String value = this.request.getParameter(name);
if(value==null){
return null;
} for(String dirtyWord : dirtyWords){
if(value.contains(dirtyWord)){
value = value.replace(dirtyWord, "****");
}
}
return value;
}
}
------------------------ HTML 过滤器 ------------------------------
//html转义过滤器
public class HtmlFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp; MyHtmlRequest myrequest = new MyHtmlRequest(request);
chain.doFilter(myrequest, response);
} public void destroy() {
// TODO Auto-generated method stub
} public void init(FilterConfig filterConfig) throws ServletException {
// TODO Auto-generated method stub
}
} class MyHtmlRequest extends HttpServletRequestWrapper{ private HttpServletRequest request; public MyHtmlRequest(HttpServletRequest request) {
super(request);
this.request = request;
} @Override
public String getParameter(String name) { String value = this.request.getParameter(name);
if(value==null){
return null;
}
return filter(value);
} public String filter(String message) { if (message == null)
return (null); char content[] = new char[message.length()];
message.getChars(0, message.length(), content, 0);
StringBuffer result = new StringBuffer(content.length + 50);
for (int i = 0; i < content.length; i++) {
switch (content[i]) {
case '<':
result.append("<");
break;
case '>':
result.append(">");
break;
case '&':
result.append("&");
break;
case '"':
result.append(""");
break;
default:
result.append(content[i]);
}
}
return (result.toString()); }
}
4. response对象的增强
//解决全站压缩
public class GzipFilter implements Filter { public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp; BufferResponse myresponse = new BufferResponse(response); chain.doFilter(request, myresponse); //拿出缓存中的数据,压缩后再打给浏览器
byte out[] = myresponse.getBuffer();
System.out.println("原始大小:" + out.length); ByteArrayOutputStream bout = new ByteArrayOutputStream();
GZIPOutputStream gout = new GZIPOutputStream(bout);
gout.write(out);
gout.close(); byte gzip[] = bout.toByteArray();
System.out.println("压缩后的大小:" + gzip.length); response.setHeader("content-encoding", "gzip");
response.setContentLength(gzip.length);
response.getOutputStream().write(gzip);
} public void destroy() {
} public void init(FilterConfig filterConfig) throws ServletException {
}
} class BufferResponse extends HttpServletResponseWrapper{ private ByteArrayOutputStream bout = new ByteArrayOutputStream(); private PrintWriter pw;
private HttpServletResponse response;
public BufferResponse(HttpServletResponse response) {
super(response);
this.response = response;
}
@Override
public ServletOutputStream getOutputStream() throws IOException {
return new MyServletOutputStream(bout);
}
@Override
public PrintWriter getWriter() throws IOException {
pw = new PrintWriter(new OutputStreamWriter(bout,this.response.getCharacterEncoding())); //PrintWriter.write(中国) <br>
return pw;
} public byte[] getBuffer(){
try{
if(pw!=null){
pw.close();
}
if(bout!=null){
bout.flush();
return bout.toByteArray();
} return null;
}catch (Exception e) {
throw new RuntimeException(e);
}
}
} class MyServletOutputStream extends ServletOutputStream{ private ByteArrayOutputStream bout;
public MyServletOutputStream(ByteArrayOutputStream bout){
this.bout = bout;
} @Override
public void write(int b) throws IOException {
this.bout.write(b);
}
}
------------------------------- 案例: 缓存数据到内存 -------------------------------
//缓存数据到内存
public class CachedFilter implements Filter { private Map<String,byte[]> map = new HashMap<String,byte[]>(); public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp; //1.得到用户请求的uri
String uri = request.getRequestURI(); //2.看缓存中有没有uri对应的数据
byte b[] = map.get(uri); //3.如果缓存中有,直接拿缓存的数据打给浏览器,程序返回
if(b!=null){
response.getOutputStream().write(b);
return;
} //4.如果缓存没有,让目标资源执行,并捕获目标资源的输出
BufferResponse1 myresponse = new BufferResponse1(response);
chain.doFilter(request, myresponse);
byte out[] = myresponse.getBuffer(); //5.把资源的数据以用户请求的uri为关键字保存到缓存中
map.put(uri, out); //6.把数据打给浏览器
response.getOutputStream().write(out);
} public void init(FilterConfig filterConfig) throws ServletException {
} public void destroy() {
}
} class BufferResponse1 extends HttpServletResponseWrapper{ private ByteArrayOutputStream bout = new ByteArrayOutputStream(); //捕获输出的缓存 private PrintWriter pw; private HttpServletResponse response;
public BufferResponse1(HttpServletResponse response) {
super(response);
this.response = response;
}
@Override
public ServletOutputStream getOutputStream() throws IOException { return new MyServletOutputStream1(bout);
}
@Override
public PrintWriter getWriter() throws IOException {
pw = new PrintWriter(new OutputStreamWriter(bout,this.response.getCharacterEncoding()));
return pw;
} public byte[] getBuffer(){
try{
if(pw!=null){
pw.close();
}
return bout.toByteArray();
}catch (Exception e) {
throw new RuntimeException(e);
}
}
} class MyServletOutputStream1 extends ServletOutputStream{ private ByteArrayOutputStream bout;
public MyServletOutputStream1(ByteArrayOutputStream bout){ //接收数据写到哪里
this.bout = bout;
} @Override
public void write(int b) throws IOException {
bout.write(b);
} }
JavaWeb -- Servlet Filter 过滤器的更多相关文章
- JavaWeb之Filter过滤器
原本计划这一篇来总结JSP,由于JSP的内容比较多,又想着晚上跑跑步减减肥,所以今天先介绍Filter以及它的使用举例,这样的话还有些时间可以锻炼锻炼.言归正传,过滤器从字面理解她的话有拦网.过滤的功 ...
- 【JavaWeb】Filter 过滤器
Filter 过滤器 简介 Filter 过滤器是 JavaWeb 三大组件之一 Filter 过滤器是 JavaEE 的规范,也就是接口 Filter 过滤器的作用是 拦截请求,过滤响应 拦截请求的 ...
- javaweb之Filter过滤器详解
快速入门 1.新建一个类,实现Filter接口 2.实现doFilter()方法,打印一句话,来证明能够进行拦截 3.在web.xml中进行配置(参照Servlet配置) 4.访问一个页面,看看能不能 ...
- [JavaWeb] Servlet Filter
作用: Servlet 过滤器可以动态地拦截请求和响应,以变换或使用包含在请求或响应中的信息. 可以将一个或多个 Servlet 过滤器附加到一个 Servlet 或一组 Servlet.Servle ...
- Servlet Filter 过滤器
Filter也称之为过滤器,它是Servlet技术中最激动人心的技术,WEB开发人员通过Filter技术,对web服务器管理的所有web资源: 例如Jsp, Servlet, 静态图片文件或静态 ht ...
- Servlet Filter 过滤器 对指定页面不拦截
package niit.dxs.controller; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; i ...
- javaweb的Filter过滤器设置全站编码
FIlter配置全站编码有一种方法是重写getParameter方法,也就是继承HttpServletRequestWrapper在重写getParameter方法,还有一种就是如下: public ...
- Introduction of Servlet Filter(介绍javaweb组件之一过滤器filter)
javaweb的三大组件都需要交给web服务器运行,都需要在web.xml文件中配置. ①Servlet:javax.servlet.Servlet通过http协议接受客户端的请求,并作出响应的Jav ...
- javaweb学习总结(四十六)——Filter(过滤器)常见应用
一.统一全站字符编码 通过配置参数charset指明使用何种字符编码,以处理Html Form请求参数的中文问题 1 package me.gacl.web.filter; 2 3 import ja ...
随机推荐
- python学习【第四篇】python函数 (一)
一.函数的介绍 函数是组织好的,可重复使用的,用来实现单一,或相关联功能的代码段. 函数能提高应用的模块性,和代码的重复利用率.你已经知道Python提供了许多内建函数,比如print().但你也可以 ...
- 【穿插】Python基础之文件、文件夹的创建,对上一期代码进行优化
在上一期妹子图的爬虫教程中,我们将图片都保存在了代码当前目录下,这样并不便于浏览,我们应该将同一个模特的图片都放在一个文件夹中. 今天我们就简单讲一下Python下如何创建文件.文件夹,今后就可以用上 ...
- ehcarts之toolbox,工具栏
toolbox 工具栏.内置有导出图片,数据视图,动态类型切换,数据区域缩放,重置五个工具. feature各工具配置项.具体显示功能 1.saveAsImage 保存为图片. 2.restore 还 ...
- CAS 源码编译
准备 :gradle idea 第一次用Idea 还是有点不熟悉呀,还是eclipse 顺手! 哈哈 下载源码 :我的是4.2.7 解压 导入idea 重点: 调试时候在写 .没时间
- ASIHttprequest 报错
(void)requestReceivedResponseHeaders:(NSMutableDictionary *)newResponseHeaders { if ([self error] || ...
- SqlProfiler的替代品-ExpressProfiler
可以用来跟踪执行的sql语句.安装SqlServer之后SqlServerManagementStudio自带一个SqlProfiler,但是如果安装的SqlExpress,那就没有了. 项目的主页在 ...
- HDU1950-Bridging signals-最长上升子序列
Description 'Oh no, they've done it again', cries the chief designer at the Waferland chip factory. ...
- excel同时冻结首行和首列怎么操作
之前ytkah只知道excel可以冻结首行或首列,但还不清楚如何同时冻结excel首行和首列,后面看到小C的报表,问了他才明白怎么操作. 首先,我们先把选中B2单元格,点击导航菜单的“视图” - “冻 ...
- 001infor record 计划时间取值增强-20150622
ZMD_MRP_PARAMETERS 3000公司下工厂跑MRP时,如果为外购则通过外挂表取infor record计划交期. METHOD if_ex_md_mrp_parameters~adjus ...
- 使用idea2016导出web项目war包
第一步配置Web Application:Exploded(已经配置的可以跳到第二步): 打开project structure(默认的快捷键是Ctrl+Alt+Shift+S),依次选择Artifa ...