Filter, filter, that is, the filtering and preprocessing process of data, etc.
Why import it?
b. Check the HttpServletRequest as needed, and also modify the HTTPServletRequest header and data;
c. Call the doFilter method in the filter to release the request . After the request arrives at the servlet, the request is processed and HttpServletResponse is generated and sent to the client;
d. Before the HTTPServletResponse reaches the client, the filter intercepts the HTTPServletResponse;
e. Check the HTTPServletResponse as needed, and modify the HTTPServletResponse header and data;
of Filter (1) There are three important methods in the Filter interface:
① init() method: initialization parameters, which are automatically called when the Filter is created. When we need to set the initialization parameters, we can write it in this method;
②doFilter() method: When the request to be executed is intercepted, doFilter will be executed. Write our processing of requests and responses here;
③destory() method: automatically called when the interceptor is destroyed;
(2) the declaration cycle
of Filter The creation and destruction of Filter are controlled by the web server.
①When the server starts, the web server creates an instance object of the filter and calls the init method to complete the initialization function of the object. The filter object will only be created once, and the init method will only be executed once;
②When the request is intercepted, execute the doFilter method. It can be executed multiple times;
③When the server is shut down, the web server destroys the instance object of Filter;
①String getFilterName(): Get the name of the filter;
②String getInitParameter(String name): Return the value of the initialization parameter with the specified name in the deployment description. If it does not exist, it will return null;
③Enumeration getInitParameterNames(): Returns an enumeration set of the names of all initialization parameters of the filter;
④public ServletContext getServletContext(): Returns the reference of the Servlet context object; PS: context-param, what does the context parameter do? ? Used to initialize some parameter values in the web container for global use. What is the difference with init-param in servlet? One is global and the other is local. That is, the parent class and the subclass. The subclass can access the configuration information in the parent class, but the parent class cannot access the configuration information of the subclass. Pay attention to which configuration files are loaded into parent and child classes!
Why import it?
It is used to replace the sensitive request information with the * character, that is, the filter has processed the information; at the same time, the filter can preprocess the response returned by the server, which can greatly reduce the pressure on the server.
2. Applicable occasions: Implement URL-level permission access control, filter sensitive words, compress response information, etc.
3. How the filter implements interception
a. When the client sends a request, before the HttpServletRequest reaches the servlet, the filter intercepts the client's HttpServletRequest;b. Check the HttpServletRequest as needed, and also modify the HTTPServletRequest header and data;
c. Call the doFilter method in the filter to release the request . After the request arrives at the servlet, the request is processed and HttpServletResponse is generated and sent to the client;
d. Before the HTTPServletResponse reaches the client, the filter intercepts the HTTPServletResponse;
e. Check the HTTPServletResponse as needed, and modify the HTTPServletResponse header and data;
f. Finally, the httpServletResponse arrives at the client;
4. Filter interface : The Servlet API provides a Filter interface, and the written filter must implement this interface;
5. The declaration cycleof Filter (1) There are three important methods in the Filter interface:
① init() method: initialization parameters, which are automatically called when the Filter is created. When we need to set the initialization parameters, we can write it in this method;
②doFilter() method: When the request to be executed is intercepted, doFilter will be executed. Write our processing of requests and responses here;
③destory() method: automatically called when the interceptor is destroyed;
(2) the declaration cycle
of Filter The creation and destruction of Filter are controlled by the web server.
①When the server starts, the web server creates an instance object of the filter and calls the init method to complete the initialization function of the object. The filter object will only be created once, and the init method will only be executed once;
②When the request is intercepted, execute the doFilter method. It can be executed multiple times;
③When the server is shut down, the web server destroys the instance object of Filter;
6.Filter object--FilterConfig
When configuring the filter, the user can use <init-param> to configure some initialization parameters for the filter. When the web container instantiates the Filter object and calls its init method, the filterConfig object that encapsulates the filter initialization parameters will be passed in. Therefore, when writing a filter, you can obtain it through the method of the filterConfig object:①String getFilterName(): Get the name of the filter;
②String getInitParameter(String name): Return the value of the initialization parameter with the specified name in the deployment description. If it does not exist, it will return null;
③Enumeration getInitParameterNames(): Returns an enumeration set of the names of all initialization parameters of the filter;
④public ServletContext getServletContext(): Returns the reference of the Servlet context object; PS: context-param, what does the context parameter do? ? Used to initialize some parameter values in the web container for global use. What is the difference with init-param in servlet? One is global and the other is local. That is, the parent class and the subclass. The subclass can access the configuration information in the parent class, but the parent class cannot access the configuration information of the subclass. Pay attention to which configuration files are loaded into parent and child classes!