版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/lv_yishi/article/details/79757907
过滤器执行流程
过滤器执行流程过滤器相关Api
|-- interface Filter 过滤器核心接口
Void init(filterConfig); 初始化方法,在服务器启动时候执行
Void doFilter(request,response,filterChain); 过滤器拦截的业务处理方法
Void destroy(); 销毁过滤器实例时候调用
|-- interface FilterConfig 获取初始化参数信息
对指定的请求拦截
/* 表示拦截所有的请求
<filter-mapping>
<filter-name>hello_filter2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
拦截指定类型:
默认拦截的类型:(直接访问或者重定向)
<dispatcher>REQUEST</dispatcher>
拦截转发:
<dispatcher>FORWARD</dispatcher>
拦截包含的页面(RequestDispatcher.include(/page.jsp); 对page.jsp也执行拦截)
<dispatcher>INCLUDE</dispatcher>
拦截声明式异常信息:
<dispatcher>ERROR</dispatcher>
<!-- 配置第二个过滤器 -->
<!-- 演示: 拦截指定的请求 -->
<filter>
<filter-name>hello_filter2</filter-name>
<filter-class>cn.itcast.a_filter_hello.HelloFilter2</filter-class>
</filter>
<filter-mapping>
<filter-name>hello_filter2</filter-name>
<!-- 1. 拦截所有
<url-pattern>/*</url-pattern>
-->
<!-- 2. 拦截指定的jsp
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/list.jsp</url-pattern>
-->
<!-- 拦截所有的jsp
<url-pattern>*.jsp</url-pattern>
-->
<!-- 3. 根据servlet的内部名称拦截
<servlet-name>IndexServlet</servlet-name> //只拦截这个servlet
-->
<!-- 拦截指定的servlet (servlet名是index)
<url-pattern>/index</url-pattern>
-->
<!-- 4. 指定拦截指定的类型 -->
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>过滤器-编码统一处理代码展示:
显示jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'index.jsp' starting page</title>
</head>
<body>
<form action="${pageContext.request.contextPath}/login" method="post" >
用户名:<input type="text" name="username"><br>
<input type="submit" value="post提交"><br>
</form>
<form action="${pageContext.request.contextPath}/login" method="get" >
用户名:<input type="text" name="username"><br>
<input type="submit" value="get提交"><br>
</form>
</body>
</html>public class LoginServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String name=request.getParameter("username");
System.out.println("用户名是: "+name);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}package cn.itcast.encod;
import java.io.IOException;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class EncodingFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
//转换类型
final HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
//处理post提交的编码
request.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
/*
* 出现GET中文乱码,是因为在request.getParameter方法内部没有进行提交方式判断并处理。
* String name = request.getParameter("userName");
*
* 解决:对指定接口的某一个方法进行功能扩展,可以使用代理!
* 对request对象(目标对象),创建代理对象!
*/
HttpServletRequest proxy =(HttpServletRequest)Proxy.newProxyInstance(
request.getClass().getClassLoader(),
new Class[]{HttpServletRequest.class},
new InvocationHandler() {
@Override
public Object invoke(Object proxy, Method method, Object[] args)
throws Throwable {
// 定义方法返回值
Object returnValue = null;
//获取方法的名字,比如getParameter
String methodName = method.getName();
//// 判断:对getParameter方法进行GET提交中文处理
if ("getParameter".equals(methodName)) {
// 获取请求数据值【 <input type="text" name="userName">】
String value = request.getParameter(args[0].toString()); // 调用目标对象的方法
//String values = request.getParameter("username"); value的值等同于values
// 获取提交方式
String methodSubmit = request.getMethod(); // 直接调用目标对象的方法
// 判断如果是GET提交,需要对数据进行处理 (POST提交已经处理过了)
if ("GET".equals(methodSubmit)) {
if (value != null && !"".equals(value.trim())){
// 处理GET中文
value = new String(value.getBytes("ISO8859-1"),"UTF-8");
}
}
return value;
}else{
returnValue = method.invoke(request, args);
}
return returnValue;
}
});
chain.doFilter(proxy, response);
}
@Override
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
@Override
public void destroy() {
// TODO Auto-generated method stub
}
}public static Object newProxyInstance(ClassLoader loader, Class<?>[] interfaces, InvocationHandler h) throws IllegalArgumentException loader: 一个ClassLoader对象,定义了由哪个ClassLoader对象来对生成的代理对象进行加载 interfaces: 一个Interface对象的数组,表示的是我将要给我需要代理的对象提供一组什么接口, 如果我提供了一组接口给它,那么这个代理对象就宣称实现了该接口(多态),这样我就能调用这组接口中的方法了 h: 一个InvocationHandler对象,表示的是当我这个动态代理对象在调用方法的时候,会关联到哪一个InvocationHandler对象上
Object invoke(Object proxy, Method method, Object[] args) throws Throwable
proxy: 指代我们所代理的那个真实对象 相当于request
method: 指代的是我们所要调用真实对象的某个方法的Method对象 相当于getParameter
args: 指代的是调用真实对象某个方法时接受的参数 相当于userName
java.lang.Object中getClass()方法的用途:可以获取一个类的定义信息,然后使用反射去访问其全部信息(包括函数和字段)
ClassLoader主要对类的请求提供服务,当JVM需要某类时,它根据名称向ClassLoader要求这个类,
然后由ClassLoader返回这个类的class对象。
HttpServletRequest.class ::HttpServletRequest提供接口实例化
实际上java的每个类被编译成.class文件的时候,java虚拟机(叫jvm)会自动为这个类生成一个类对象,
这个对象保存了这个类的所有信息(成员变量,方法,构造器等),以后这个类要想实例化(也就是创建类的实例或创建类的对象)
那么都要以这个class对象为蓝图(或模版)来创建这个类的实例。
扫描二维码关注公众号,回复:
4006000 查看本文章
new Class[]{HttpServletRequest.class} ---》new Class[]
Class类的实例代表一个运行java应用程序的类和接口。
枚举是一种阶级和注释是一种接口。每一个数组也属于一个类,
该类被反映为一个类对象,该对象由所有具有相同元素类型和维数的数组共享。
psot和get编码:
指定后可以通过getParameter()则直接获得正确的字符串,如果不指定,则默认使用iso8859-1编码。值得注意的是在执行setCharacterEncoding()之前,不能执行任何getParameter()。而且,该指定只对POST方法有效,对GET方法无效。分析原因,应该是在执行第一个getParameter()的时候,Java将会按照编码分析所有的提交内容,
而后续的getParameter()不再进行分析,所以setCharacterEncoding()无效。而对于GET方法提交表单是, 提交的内容在URL中,一开始就已经按照编码分析提交内容,setCharacterEncoding()自然就无效。
使用post提交则按照setCharacterEncoding()分析所有的提交内容
但是get方法提交表单是,提交的内容在URL中 get方式url会经过一些规则经行编码的! 一开始就已经按照编码分析提交内容,setCharacterEncoding()自然就无效。
String.getBytes(String decode)
String.getBytes(String decode)方法会根据指定的decode编码返回某字符串在该编码下的byte数组表示
而与getBytes相对的,可以通过new String(byte[], decode)的方式来还原这个“中”字时,
这个new String(byte[], decode)实际是使用decode指定的编码来将byte[]解析成字符串。
类的加载:
getClass():取得当前对象所属的Class对象
getClassLoader():取得该Class对象的类装载器
每个编写的”.java”拓展名类文件都存储着需要执行的程序逻辑,这些”.java”文件经过Java编译器编译成拓展名为”.class”的文件,”.class”文件中保存着Java代码经转换后的虚拟机指令,当需要使用某个类时,虚拟机将会加载它的”.class”文件,并创建对应的class对象,将class文件加载到虚拟机的内存,这个过程称为类加载
额外:
<!-- 过滤器配置 -->
<filter>
<!-- filter 内部名称 -->
<filter-name>hello_filter</filter-name>
<!-- 过滤器类的全名 -->
<filter-class>cn.itcast.a_filter_hello.HelloFilter</filter-class>
</filter>
<filter-mapping>
<!-- filter 内部名称 -->
<filter-name>hello_filter</filter-name>
<!-- 拦截所有的资源 -->
<url-pattern>/index.jsp</url-pattern>
</filter-mapping>
服务器启动的时候创建实例和调用init()方法
chain.doFilter(request, response);
如果第一个过滤器没有这个方法,则进不了第二个过滤器
如果第二个过滤器没有这个方法,则进不了servlet里面
一般来说在doFilter里面必须要有chain.doFilter(request, response);
<!-- 拦截一个jsp -->
<filter-mapping>
<!-- filter内部名称 -->
<filter-name>hello_filter</filter-name>
<!-- 拦截所有资源 -->
<url-pattern>/index.jsp</url-pattern>
</filter-mapping>
<!-- 拦截两个jsp -->
<filter-mapping>
<!-- filter内部名称 -->
<filter-name>hello_filter</filter-name>
<!-- 拦截所有资源 -->
<url-pattern>/index.jsp</url-pattern>
<url-pattern>/list.jsp</url-pattern>
</filter-mapping>
<!-- 拦截多个jsp -->
<filter-mapping>
<!-- filter内部名称 -->
<filter-name>hello_filter</filter-name>
<!-- 拦截所有资源 -->
<url-pattern>*.jsp</url-pattern>
</filter-mapping>加载时过滤器的顺序:
**********第一次
1111111111
(1) 执行实例
(2) 开始调用的方法
(5) 准备拦截过滤
进入第二个拦截器
(4) 执行servlet
222
333333
停止运行
**************第二次
1111111111
(1) 执行实例
(2) 开始调用的方法
进入第二个拦截器
(5) 准备拦截过滤
(4) 执行servlet
执行sevlet之后返回
222
333333
停止运行
说明在.xml里面配置filter先后顺序并不影响过滤的先后顺序
加载配置信息:
<filter>
<filter-name>file_hello</filter-name>
<filter-class>cn.itcast.B_filter_hello.HelloFilters2</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>path</param-name>
<param-value>c:/...</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>file_hello</filter-name>
<url-pattern>/IndexsServlet</url-pattern>
</filter-mapping>过滤器_无效数据过滤
在jsp里面引入ckeditor使得里面输入的更加方便
https://blog.csdn.net/lv_yishi/article/details/79768320(当导入之后里面出现小红叉的解决方法)
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<!-- 引入ckeditor组件(给用户输入提供方便) -->
<script src="${pageContext.request.contextPath }/ckeditor/ckeditor.js"></script>
<link rel="stylesheet" href="${pageContext.request.contextPath }/ckeditor/samples/sample.css">
</head>
<body>
${requestScope.content }
<form name="frmDis" action="${pageContext.request.contextPath }/DisServlet" method="post">
发表评论: <textarea class="ckeditor" rows="6" cols="30" name="content"></textarea>
<br/>
<input type="submit" value="评论" >
</form>
</body>
</html> <filter>
<filter-name>data_filter</filter-name>
<filter-class>cn.itcast.b_filter_data.DateFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>data_filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>package cn.itcast.b_filter_data;
import java.io.IOException;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class DateFilter implements Filter{
/**
* 初始化要过滤的无效数据
*/
private List<String> dirtyData;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//模拟数据库中的数据
dirtyData = new ArrayList<String>();
dirtyData.add("NND");
dirtyData.add("吃屎");
dirtyData.add("你大爷");
}
/**
* 过滤器业务处理方法:处理公用的业务逻辑操作
*/
@Override
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
//转型
final HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res;
/**
* 1.处理公用的逻辑业务
*/
HttpServletRequest requestProxy =(HttpServletRequest)Proxy.newProxyInstance(
request.getClass().getClassLoader(),// 定义代理对象类的类加载器。负责加载类的对象
new Class[]{HttpServletRequest.class}, //代理类要实现的接口列表
new InvocationHandler(){ // 当调用目标对象对象方法的时候, 自动触发事务处理器
@Override
public Object invoke(Object proxy, Method method,
Object[] args) throws Throwable {
//定义方法返回值
Object returnValue = null;
//当前执行方法的方法名
String methodName = method.getName();
//判断:对getParameter方法进行处理
if("getParameter".equals(methodName)){
//获取请求数据的值
String parameterValue = request.getParameter(args[0].toString());//调用目标对象的方法
//如果parameterValue中出现dirtyData中的数据,用**替换
for(String data : dirtyData){
//判断当前输入数据中是否包含无效数据
if(parameterValue.contains(data)){
parameterValue = parameterValue.replace(data, "**");
}
}
//返回处理完无效数据后的正确数据
return parameterValue;//返回getParameter方法的返回值
}else{
returnValue = method.invoke(request, args);//调用目标对象request的其它方法
return returnValue;//返回返回值
}
}
}
);
//2.放行(进入下一个过滤器或者进入Servlet)
chain.doFilter(requestProxy, response);//传入request代理对象requestProxy
}
@Override
public void destroy() {
// TODO Auto-generated method stub
}
}package cn.itcast.b_filter_data;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class DisServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 获取请求数据
String content = request.getParameter("content");
System.out.println("Content"+content);
// 保存到request
request.setAttribute("content", "Content:" + content);
// 转发
request.getRequestDispatcher("/dis.jsp").forward(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
can登陆权限判断
登陆 ,提交到登陆Servlet处理其业务!
- 登陆成功, 跳转到首页,显示欢迎信息 + 列表信息
- 登陆失败,跳转到登陆!
要求:
只有登陆后,才可以访问首页, 显示列表
如果没有登陆,直接访问首页列表,要跳转到登陆
登录之显示列表页面list.jsp需要先进入inde
需要的jar包:
c3p0-0.9.1.2.jar
commons-dbutils-1.6.jar
mysql-connector-java-5.1.12-bin.jar
代码展示:
(1)基层类:Admin 和Employee
package cn.itcast.entity;
public class Employee {
private int empId;
/**
* @return the empId
*/
public int getEmpId() {
return empId;
}
/**
* @param empId the empId to set
*/
public void setEmpId(int empId) {
this.empId = empId;
}
/**
* @return the deptName
*/
public String getDeptName() {
return deptName;
}
/**
* @param deptName the deptName to set
*/
public void setDeptName(String deptName) {
this.deptName = deptName;
}
/**
* @return the dept_id
*/
public int getDept_id() {
return dept_id;
}
/**
* @param dept_id the dept_id to set
*/
public void setDept_id(int dept_id) {
this.dept_id = dept_id;
}
private String deptName;
private int dept_id;
}
package cn.itcast.entity;
public class Admin {
private int id;
/**
* @return the id
*/
public int getId() {
return id;
}
/**
* @param id the id to set
*/
public void setId(int id) {
this.id = id;
}
/**
* @return the userName
*/
public String getUserName() {
return userName;
}
/**
* @param userName the userName to set
*/
public void setUserName(String userName) {
this.userName = userName;
}
/**
* @return the pwd
*/
public String getPwd() {
return pwd;
}
/**
* @param pwd the pwd to set
*/
public void setPwd(String pwd) {
this.pwd = pwd;
}
private String userName;
private String pwd;
}
package cn.itcast.utils;
import javax.sql.DataSource;
import org.apache.commons.dbutils.QueryRunner;
import com.mchange.v2.c3p0.ComboPooledDataSource;
public class JdbcUtils {
private static DataSource dataSource;
static{
dataSource = new ComboPooledDataSource();
}
public static QueryRunner getQueryRunner(){
return new QueryRunner(dataSource);
}
}
Admin接口:
package cn.itcast.dao;
import cn.itcast.entity.Admin;
public interface IAdminDao {
//查询
Admin findByNameAndPwd(Admin admin);
}Employee接口:
package cn.itcast.dao;
import java.util.List;
import cn.itcast.entity.Employee;
public interface IEmployeeDao {
List<Employee> getAll();
}package cn.itcast.dao.impl;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanHandler;
import cn.itcast.dao.IAdminDao;
import cn.itcast.entity.Admin;
import cn.itcast.utils.JdbcUtils;
public class AdminDao implements IAdminDao {
@Override
public Admin findByNameAndPwd(Admin admin) {
String sql = "SELECT * FROM admin WHERE userName=? AND pwd=?";
try {
QueryRunner qr = JdbcUtils.getQueryRunner();
String username = admin.getUserName();
String pwd = admin.getPwd();
Admin ad=qr.query(sql, new BeanHandler<Admin>(Admin.class),username,pwd);
return ad;
} catch (Exception e) {
// TODO Auto-generated catch block
throw new RuntimeException(e);
}
}
}Employee接口实现:
package cn.itcast.dao.impl;
import java.util.List;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanListHandler;
import cn.itcast.dao.IEmployeeDao;
import cn.itcast.entity.Employee;
import cn.itcast.utils.JdbcUtils;
public class EmployeeDao implements IEmployeeDao {
@Override
public List<Employee> getAll() {
String sql = "SELECT * FROM employee";
try {
QueryRunner qr = JdbcUtils.getQueryRunner();
List<Employee> list = qr.query(sql, new BeanListHandler<Employee>(Employee.class));
return list;
} catch (Exception e) {
// TODO Auto-generated catch block
throw new RuntimeException(e);
}
}
}
package cn.itcast.service;
import cn.itcast.entity.Admin;
public interface IAdminService {
Admin findByNameAndPwd(Admin admin);
}package cn.itcast.service;
import java.util.List;
import cn.itcast.entity.Employee;
public interface IEmployeeService {
List<Employee> getAll();
}
package cn.itcast.service.impl;
import cn.itcast.dao.IAdminDao;
import cn.itcast.dao.impl.AdminDao;
import cn.itcast.entity.Admin;
import cn.itcast.service.IAdminService;
public class AdminService implements IAdminService {
private IAdminDao adminDao = new AdminDao();
@Override
public Admin findByNameAndPwd(Admin admin) {
// TODO Auto-generated method stub
return adminDao.findByNameAndPwd(admin);
}
}IEmployeeService接口实现EmployeeService:
package cn.itcast.service.impl;
import java.util.List;
import cn.itcast.dao.IEmployeeDao;
import cn.itcast.dao.impl.EmployeeDao;
import cn.itcast.entity.Employee;
import cn.itcast.service.IEmployeeService;
public class EmployeeService implements IEmployeeService {
private IEmployeeDao imployeeDao = new EmployeeDao();
@Override
public List<Employee> getAll() {
// TODO Auto-generated method stub
return imployeeDao.getAll();
}
}
package cn.itcast.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import cn.itcast.entity.Admin;
import cn.itcast.service.IAdminService;
import cn.itcast.service.impl.AdminService;
public class LoginServlet extends HttpServlet {
private IAdminService adminService = new AdminService();
private String uri;
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
//获取输入的参数
String userName = request.getParameter("username");
String pwd = request.getParameter("pwd");
//将获取到的参数封装
Admin admin = new Admin();
admin.setUserName(userName);
admin.setPwd(pwd);
try {
//调用service里面查询业务,返回的是查询的结果,如果咩有返回null
Admin loginInfo = adminService.findByNameAndPwd(admin);
//判断
if(loginInfo==null){ //登录失败,从新返回登录的页面
uri="/login.jsp";
}else{//登录成功,将登录的信息封装到session域里面保存
request.getSession().setAttribute("loginInfo", loginInfo);
uri="/index";//跳转到列表页面
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
uri="/index.jsp";
}
request.getRequestDispatcher(uri).forward(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
package cn.itcast.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import cn.itcast.entity.Employee;
import cn.itcast.service.IEmployeeService;
import cn.itcast.service.impl.EmployeeService;
public class IndexServlet extends HttpServlet {
private IEmployeeService employeeService = new EmployeeService();
private String uri;
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
try {
//调用service查询所有,将查询的所有封装到list里面
List<Employee> list = employeeService.getAll();
//将list存储到requset域中,以便以后取
request.setAttribute("listEmp", list);
uri="/list.jsp";
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
uri="/index.jsp";
}
request.getRequestDispatcher(uri).forward(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doGet(request, response);
}
}
package cn.itcast.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginFilter implements Filter{
private String path=null;
@Override
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
//转换
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
//读取URL,一遍找到访问的是哪个页面好进行拦截获取放行
String uri = request.getRequestURI();
//System.out.println(uri+"00000000000");//测试返回的URL的值:/day21_dl/login.jsp00000000000
//截取
String requsetPath = uri.substring(uri.lastIndexOf("/")+1, uri.length());
//System.out.println(requsetPath+"1111111111");//测试截取是否成功:login.jsp1111111111
//判断
if("login".equals(requsetPath)||"login.jsp".equals(requsetPath)){ //如果是登录页面就直接放行
chain.doFilter(request, response);
}else{ //如果不是登录页面,判断session里面是否存有用户名密码
/*/
获取session里面的所有的对象
HttpServletRequest.getSession(ture) 等同于 HttpServletRequest.getSession(),没有session就创建一个新的
HttpServletRequest.getSession(false) 等同于 如果当前Session没有就为null;不创建新的
*/
HttpSession session=request.getSession(false);
//判断session里面是否有值
if(session!=null){
//获取存储的loginInfo的对象
Object obj = session.getAttribute("loginInfo");
if(obj!=null){
//如果是从list.jsp开始跳转回转向index
if("list.jsp".equals(requsetPath)){
// System.out.println("测试list.jsp是否执行");
path="/index";
}else{
//清除上一次保存的path的值,不清楚的话会继续执行会出现Cannot forward after response has been committed
path=null;
chain.doFilter(request, response);
}
}else{
path="/login.jsp";
}
}else{
path="/login.jsp";
}
/*这句话有必要添加上:因为如果没有过滤器的情况下,在index(IndexServlet)直接进行转发时候直接转到
* list.jsp页面里面了
* 但是有过滤器的情况下,也进行转发,但是转发到list.jsp页面之前先进入到过滤器里面,在执行到46行的时候chain.doFilter(request, response);
* 进行放行,但是下面request.getRequestDispatcher(path).forward(request, response);还要经过,不管path里面是否
* 为空他都要执行,就是执行这个放行之后,他的后面还有代码没有执行,既然跳转了页面,原页面的代码没有终止,一定会出错
* Cannot forward after response has been committed。,所以后面加上条件判断是否执行
* */
if(path!=null){
request.getRequestDispatcher(path).forward(request, response);
}
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
@Override
public void destroy() {
// TODO Auto-generated method stub
}
}
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
<form action="${pageContext.request.contextPath }/login" name="Login" method="post">
<table align="center" border="1">
<tr>
<td>
用戶名
</td>
<td>
<input type="text" name="username">
</td>
</tr>
<tr>
<td>
密码
</td>
<td>
<input type="password" name="pwd">
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="登陆">
</td>
</tr>
</table>
</form>
</body>
</html>
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!-- 引入jstl核心标签库 -->
<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
<h1>欢迎你,${sessionScope.loginInfo.userName }</h1>
<!-- 列表展示数据 -->
<table align="center" border="1" width="80%" cellpadding="3" cellspacing="0">
<tr>
<td>序号</td>
<td>编号</td>
<td>员工名称</td>
</tr>
<c:if test="${not empty requestScope.listEmp}">
<c:forEach var="emp" items="${requestScope.listEmp}" varStatus="vs">
<tr>
<td>${vs.count }</td>
<td>${emp.deptName }</td>
<td>${emp.dept_id}</td>
</tr>
</c:forEach>
</c:if>
</table>
</body>
</html>
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name></display-name>
<filter>
<filter-name>login_filter</filter-name>
<filter-class>cn.itcast.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>login_filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>cn.itcast.servlet.LoginServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>IndexServlet</servlet-name>
<servlet-class>cn.itcast.servlet.IndexServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>IndexServlet</servlet-name>
<url-pattern>/index</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>