1、概念
当访问服务器的资源时,Filter过滤器可以将请求拦截下来,完成一些特殊的功能。
通常都是用来拦截request进行处理的,也可以对返回的response进行拦截处理。
一般用于完成通用的操作。如:登录验证、统一编码处理、敏感字符过滤...
2、功能
它使用户可以改变一个request和修改一个response. Filter 不是一个servlet,它不能产生一个response,它能够在一个request到达servlet之前预处理request,也可以在response离开servlet时处理response。
3、拦截路径配置
1. 具体资源路径: /index.jsp 只有访问index.jsp资源时,过滤器才会被执行
2. 拦截目录: /user/* 访问/user下的所有资源时,过滤器都会被执行
3. 后缀名拦截: *.jsp 访问所有后缀名为jsp资源时,过滤器都会被执行
4. 拦截所有资源:/* 访问所有资源时,过滤器都会被执行
4、过滤器链执行顺序
1. 注解配置:按照类名的字符串比较规则比较,值小的先执行
2. web.xml配置: <filter-mapping>谁先定义,谁先执行。
5、Filter执行过程
6、完整案例
Filter1
public class Filter1 implements Filter {
//在服务器启动后,会创建Filter对象,然后调用init方法。只执行一次。用于加载资源
public void init(FilterConfig filterConfig) throws ServletException {
}
//每一次请求被拦截资源时,会执行。执行多次
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException, IOException {
String token = request.getParameter("token");
token = token == null ? "" : token;
if (token.equals("202")) {
System.out.println("Filter1 有请求进来了,并且token认证成功 ");
chain.doFilter(request, response);
response.getWriter().write("<br/> 凤凰新媒体版权所有");
System.out.println("Filter1 对应的后续链路执行完成,马上要返回结果了 ");
} else {
System.out.println("Filter1 有请求进来了,token非法,返回401 ");
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "令牌不正确");
}
}
//在服务器正常关闭后,Filter对象被销毁
public void destroy() {
}
}
Filter2
@WebFilter(filterName="filter2", urlPatterns = "/pages/*")
public class Filter2 implements Filter {
private String[] validityTokens;
//服务启动后,会创建当前Filter1对象。然后调用init方法,只执行一次,用于加载资源.
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("Filter2 我初始化中....");
//validityTokens = [];
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
String sex = request.getParameter("sex");
sex = sex == null ? "" : sex;
if (sex.equals("女")) {
System.out.println("Filter2 有请求【女的】进来了,并且性别认证成功 ");
chain.doFilter(request, response);
System.out.println("Filter2 对应的后续链路执行完成,马上要返回结果了 ");
} else {
System.out.println("Filter2 有男的过来,滚犊子。。。 ");
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "不是女的");
}
}
@Override
public void destroy() {
System.out.println("Filter1 destroy");
}
}
xml配置
<filter>
<filter-name>MyFilter1</filter-name>
<filter-class>com.beiyou.filter.Filter1</filter-class>
</filter>
<filter>
<filter-name>MyFilter2</filter-name>
<filter-class>com.beiyou.filter.Filter2</filter-class>
</filter>
<filter-mapping>
<filter-name>MyFilter2</filter-name>
<!-- 拦截路径 -->
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>MyFilter1</filter-name>
<!-- 拦截路径 -->
<url-pattern>/*</url-pattern>
</filter-mapping>
@WebServlet(name = "CServlet", value = "/pages/c", loadOnStartup=0)
public class CServlet extends HttpServlet {
public void init() {
System.out.println("CServlet 初始化");
}
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
response.setCharacterEncoding("utf-8");
response.setHeader("Content-Type","text/html;charset=utf-8");
PrintWriter writer = response.getWriter();
writer.println("I 老虎油。");
}
public void destroy() {
}
}
7、通过注解
@WebFilter(filterName="filter1", urlPatterns = "/pages/*")