Javafilter过滤器在项目开发中的应用

1、过滤器在项目开发中的应用javaee过滤器在项目怒开发中通常有三种应用：应用一：统一项目的字符编码：我们新建一个名为encode.java的文件，内容是: package filter;import java.ioioexception;import javax.servletfilter;import javaxservletfilterchain;import javax.servletfilterconfig; import javax.servletservletexception;import javax.servletservletrequest;import javaxservl

2、etservletresponse;public class encode implements filter public void destroy ()/ todo auto-germ吕ted method stubpublic void dofilter(servletrequest request, servletresponse response,filterchain chain) throws ioexception, servletexception requestsetcharacterencoding(nutf-8n);response setcharacterencodi

3、ng (lfutf-8,f);chain.dofilter(requesresponse);public void init(filterconfig argo) throws servletexception / todo auto-generated method stub程序在dofilter的方法中设置了request和response的编码为utf-8,这样便可以解决开发 屮的乱码问题，配置文件web.xml这样写：<filter><filter-name>encoding</filter-name><fiiter-class>filt

4、erencode</filter-class></filter<filter-mapping><filter-name>encoding</filter-name><url-pattern>/*</url-pattern></filter-mupping应用二：限制所有未经登陆的用户通过地址直接请求资源。 我们的项目文件结构如图：mulan chi dsrc田 filterjt) bosscheck.java tj emzode .java 0 qj unlogin.java9田 javabean.dates

5、javabean.mysql.login javabean.partpages "屈 login java ee 5 libraries味 referen匚ed libraries业 jre system library jdkl.7.0 年 webroot& meta-inf齡 pages accounteri& css& images& picture(> usermanage j* a匚匚ounterindex.jsp bossindex.jsp/ error .jsp j" login.jsp loginerrorjsp j&q

6、uot; saleindex.jsp& picture & web-infdlib 吋 web.xml所有的页面文件都在pages的文件夹下（包括第一个登陆页面）。 先建一个unlogin,java,内容为：package filter;防止未登录访问页面的过滤器import java.iooexception;import javax.servlet.filter;import javax.servlet. filterchain;import javax.servlet.filterconfig;import javax.servlet. requestdispatcher

7、;import javax.servlet.servletexcepti on;import javax.servlet.servletrequest;import javax.servlet.servletresp on se;import javax.servlet.http.httpservletrequest;import javax.servlet.http. httpservletresp onse;import javax.servlet.http.httpsessio n;public class un login impleme nts filter public void

8、destroy() / todo auto-generated method stub public void dofilter(servletrequest request, servletresponse response,filterchain chain) throws loexception, servletexception requestdispatcherdispatcher=request.getrequestdispatcher(n/pages/login.jsp");/ 这里设置如果没有登陆将要转发到 的页面httpservletrequest req = (h

9、ttpservletrequest) request;httpservletresponse res = (httpservletresponse) response;httpsession session = req.getsession(true);排除登陆贝面不被过滤stri ngrequest_uri = req.getrequesturi();string ctx_path =req.getc on textpath();这里假设是排除登陆页面login.jsp 。排除文件夹是一样的，例如排除 admin 文件夹：/adminif(request_uri.substring(ctx_

10、pathength().equals( vpages/loginjsp")chai n.dofilter(request,resp on se);return;/从session里収的用户名信息string username = (string) session.getattributername”);/这里获収 session,为 了检查session里有没有保存用户信息，没有的话回转发到登陆页面system.out.pri ntln (username);/判断如果没有取到用户信息，就跳转到登陆页面if (username = = null | | ,h.equals(usern

11、ame)/跳转到登陆页面dispatcher.forward(request,resp on se);/ system.out.println("用户没有登陆，不允许操作”)； res.setheader(ucache-c on trol"/no-store“)； res.setdateheader(,expires,o);res.setheader(,pragma，7, no-cache");else/已经登陆,继续此次请求chai n.dofilter(request,response);/system.out.println("ffl户已经登陆，允

12、许操作”)；public void init(filterconfig argo) throws servletexception / todo auto-generated method stub注意在dofilter方法屮先进行了对象的强制转换。设置好未登录将被转发到的请求页 面，然后排除login.jsp不被过滤，注意这种用法，也可用于排除某个冃录不被过滤。 web.xml这样配置：<filter><filter-name>unlogin</filter-name<filter-class>filter.unlogin</filter-cl

13、ass></filter><filter-mapping><filter-name>unlogin</filter-name><url-pattern>/pages/*</url-pattern></filter-mapping>表示所有对pages下的页面请求都会接受过滤。应用三：防止已经登陆的用户越权访问不该自己访问的目录。新建一个bosscheck, java,用于拦截普通用户强行访问管理员的页面。管理员的页面在 pages/usermanage文件夹下，内容如下：package filter;im

14、port java.iooexception;import javax.servlet.filter;import javax.servlet.filterchai n;import javax.servlet.filterc on fig;import javax.servlet. requestdispatcher;import javax.servlet.servletexception;import javax.servlet.servletrequest;import javax.servlet.servletresponse;import javax.servlet.http. h

15、ttpservletrequest;import javax.servlet.http.httpservletresp onse;import javax.servlet.http.httpsessi on;public class bosscheck implements filter public void destroy!) / todo auto-generated method stubpublic void dofilter(servletrequest request, servletresponse response, filterchain chain) throws loe

16、xception, servletexception httpservletrequest req = (httpservletrequest) request; httpservletresponse res = (httpservletresponse) response; httpsessi on sessio n 二 req.getsessi on (true);string user=(string)session.getattribute(nusertypeh)； if(,boss,.equals(user)chai n.d ofilter(request,response);return;requestdispat