javaweb中Filter(過濾器)的常見應(yīng)用

更新時(shí)間：2015年12月25日 17:17:17 作者：孤傲蒼狼

這篇文章主要介紹了javaweb中Filter的常見應(yīng)用，過濾器的使用方法，感興趣的小伙伴們可以參考一下

一、統(tǒng)一全站字符編碼

通過配置參數(shù)charset指明使用何種字符編碼,以處理Html Form請(qǐng)求參數(shù)的中文問題

package me.gacl.web.filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

/**
* @ClassName: CharacterEncodingFilter
* @Description: 此過濾器用來解決全站中文亂碼問題
*/ 
public class CharacterEncodingFilter implements Filter {

  private FilterConfig filterConfig = null;
  //設(shè)置默認(rèn)的字符編碼
  private String defaultCharset = "UTF-8";

  public void doFilter(ServletRequest req, ServletResponse resp,
      FilterChain chain) throws IOException, ServletException {
    
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) resp;
    String charset = filterConfig.getInitParameter("charset");
    if(charset==null){
      charset = defaultCharset;
    }
    request.setCharacterEncoding(charset);
    response.setCharacterEncoding(charset);
    response.setContentType("text/html;charset="+charset);
    
    MyCharacterEncodingRequest requestWrapper = new MyCharacterEncodingRequest(request);
    chain.doFilter(requestWrapper, response);
  }

  public void init(FilterConfig filterConfig) throws ServletException {
    //得到過濾器的初始化配置信息
    this.filterConfig = filterConfig;
  }
  
  public void destroy() {

  }
}

/*
1.實(shí)現(xiàn)與被增強(qiáng)對(duì)象相同的接口 
2、定義一個(gè)變量記住被增強(qiáng)對(duì)象
3、定義一個(gè)構(gòu)造器，接收被增強(qiáng)對(duì)象
4、覆蓋需要增強(qiáng)的方法
5、對(duì)于不想增強(qiáng)的方法，直接調(diào)用被增強(qiáng)對(duì)象（目標(biāo)對(duì)象）的方法
 */
 
class MyCharacterEncodingRequest extends HttpServletRequestWrapper{
  
  private HttpServletRequest request;
  public MyCharacterEncodingRequest(HttpServletRequest request) {
    super(request);
    this.request = request;
  }
  /* 重寫getParameter方法
   * @see javax.servlet.ServletRequestWrapper#getParameter(java.lang.String)
   */
  @Override
  public String getParameter(String name) {
    
    try{
      //獲取參數(shù)的值
      String value= this.request.getParameter(name);
      if(value==null){
        return null;
      }
      //如果不是以get方式提交數(shù)據(jù)的，就直接返回獲取到的值
      if(!this.request.getMethod().equalsIgnoreCase("get")) {
        return value;
      }else{
        //如果是以get方式提交數(shù)據(jù)的，就對(duì)獲取到的值進(jìn)行轉(zhuǎn)碼處理
        value = new String(value.getBytes("ISO8859-1"),this.request.getCharacterEncoding());
        return value;
      }
    }catch (Exception e) {
      throw new RuntimeException(e);
    }
  }
}

web.xml文件中的配置如下：

<filter>
   <filter-name>CharacterEncodingFilter</filter-name>
   <filter-class>me.gacl.web.filter.CharacterEncodingFilter</filter-class>
   <init-param>
     <param-name>charset</param-name>
     <param-value>UTF-8</param-value>
   </init-param>
 </filter>
 
 <filter-mapping>
   <filter-name>CharacterEncodingFilter</filter-name>
   <url-pattern>/*</url-pattern>
 </filter-mapping>

二、禁止瀏覽器緩存所有動(dòng)態(tài)頁面
　　有3 個(gè)HTTP 響應(yīng)頭字段都可以禁止瀏覽器緩存當(dāng)前頁面，它們?cè)?Servlet 中的示例代碼如下：

response.setDateHeader("Expires",-1);
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");

　　并不是所有的瀏覽器都能完全支持上面的三個(gè)響應(yīng)頭，因此最好是同時(shí)使用上面的三個(gè)響應(yīng)頭。

Expires數(shù)據(jù)頭：值為GMT時(shí)間值，為-1指瀏覽器不要緩存頁面
Cache-Control響應(yīng)頭有兩個(gè)常用值：
no-cache指瀏覽器不要緩存當(dāng)前頁面。
max-age:xxx指瀏覽器緩存頁面xxx秒。

package me.gacl.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
* @ClassName: NoCacheFilter
* @Description: 禁止瀏覽器緩存所有動(dòng)態(tài)頁面
* @author: 孤傲蒼狼
* @date: 2014-8-31 下午11:25:40
*
*/ 
public class NoCacheFilter implements Filter {


  public void doFilter(ServletRequest req, ServletResponse resp,
      FilterChain chain) throws IOException, ServletException {
    //把ServletRequest強(qiáng)轉(zhuǎn)成HttpServletRequest
    HttpServletRequest request = (HttpServletRequest) req;
    //把ServletResponse強(qiáng)轉(zhuǎn)成HttpServletResponse
    HttpServletResponse response = (HttpServletResponse) resp;
    //禁止瀏覽器緩存所有動(dòng)態(tài)頁面
    response.setDateHeader("Expires", -1);
    response.setHeader("Cache-Control", "no-cache");
    response.setHeader("Pragma", "no-cache");
    
    chain.doFilter(request, response);
  }

  public void init(FilterConfig filterConfig) throws ServletException {

  }
  
  public void destroy() {
    
  }
}

web.xml文件中的配置如下：

<filter>
   <filter-name>NoCacheFilter</filter-name>
   <filter-class>me.gacl.web.filter.NoCacheFilter</filter-class>
 </filter>
 
 <filter-mapping>
   <filter-name>NoCacheFilter</filter-name>
    <!--只攔截Jsp請(qǐng)求-->
   <servlet-name>*.jsp</servlet-name>
 </filter-mapping>

三、控制瀏覽器緩存頁面中的靜態(tài)資源

　　有些動(dòng)態(tài)頁面中引用了一些圖片或css文件以修飾頁面效果，這些圖片和css文件經(jīng)常是不變化的，所以為減輕服務(wù)器的壓力，可以使用filter控制瀏覽器緩存這些文件，以提升服務(wù)器的性能。

package me.gacl.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
* @ClassName: CacheFilter
* @Description: 控制緩存的filter
*/ 
public class CacheFilter implements Filter {

  private FilterConfig filterConfig;

  public void doFilter(ServletRequest req, ServletResponse resp,
      FilterChain chain) throws IOException, ServletException {
  
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) resp;
    
    //1.獲取用戶想訪問的資源
    String uri = request.getRequestURI(); 
    
    //2.得到用戶想訪問的資源的后綴名
    String ext = uri.substring(uri.lastIndexOf(".")+1);
    
    //得到資源需要緩存的時(shí)間
    String time = filterConfig.getInitParameter(ext);
    if(time!=null){
      long t = Long.parseLong(time)*3600*1000;
      //設(shè)置緩存
      response.setDateHeader("expires", System.currentTimeMillis() + t);
    }
    
    chain.doFilter(request, response);

  }

  public void init(FilterConfig filterConfig) throws ServletException {
    this.filterConfig = filterConfig;
  }
  
  public void destroy() {
    
  }
}

web.xml文件中的配置如下：

<!-- 配置緩存過濾器 -->
  <filter>
   <filter-name>CacheFilter</filter-name>
   <filter-class>me.gacl.web.filter.CacheFilter</filter-class>
    <!-- 配置要緩存的web資源以及緩存時(shí)間，以小時(shí)為單位 -->
   <init-param>
     <param-name>css</param-name>
     <param-value>4</param-value>
   </init-param>
   <init-param>
     <param-name>jpg</param-name>
     <param-value>1</param-value>
   </init-param>
   <init-param>
     <param-name>js</param-name>
     <param-value>4</param-value>
   </init-param>
   <init-param>
     <param-name>png</param-name>
     <param-value>4</param-value>
   </init-param>
 </filter>
 <!-- 配置要緩存的web資源的后綴-->
 <filter-mapping>
   <filter-name>CacheFilter</filter-name>
   <url-pattern>*.jpg</url-pattern>
 </filter-mapping>
 
 <filter-mapping>
   <filter-name>CacheFilter</filter-name>
   <url-pattern>*.css</url-pattern>
 </filter-mapping>
 
 <filter-mapping>
   <filter-name>CacheFilter</filter-name>
   <url-pattern>*.js</url-pattern>
 </filter-mapping>
  <filter-mapping>
   <filter-name>CacheFilter</filter-name>
   <url-pattern>*.png</url-pattern>
 </filter-mapping>

四、實(shí)現(xiàn)用戶自動(dòng)登陸

思路是這樣的：

　　1、在用戶登陸成功后，發(fā)送一個(gè)名稱為user的cookie給客戶端，cookie的值為用戶名和md5加密后的密碼。
　　2、編寫一個(gè)AutoLoginFilter，這個(gè)filter檢查用戶是否帶有名稱為user的cookie來，如果有，則調(diào)用dao查詢cookie的用戶名和密碼是否和數(shù)據(jù)庫匹配，匹配則向session中存入user對(duì)象（即用戶登陸標(biāo)記），以實(shí)現(xiàn)程序完成自動(dòng)登陸。

核心代碼如下：

處理用戶登錄的控制器：LoginServlet

package me.gacl.web.controller;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import me.gacl.dao.UserDao;
import me.gacl.domain.User;
import me.gacl.util.WebUtils;

public class LoginServlet extends HttpServlet {

  public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    String username = request.getParameter("username");
    String password = request.getParameter("password");
    
    UserDao dao = new UserDao();
    User user = dao.find(username, password);
    if(user==null){
      request.setAttribute("message", "用戶名或密碼不對(duì)??！");
      request.getRequestDispatcher("/message.jsp").forward(request, response);
      return;
    }
    request.getSession().setAttribute("user", user);
    //發(fā)送自動(dòng)登陸cookie給客戶端瀏覽器進(jìn)行存儲(chǔ)
    sendAutoLoginCookie(request,response,user);
    request.getRequestDispatcher("/index.jsp").forward(request, response);
  }

  /**
  * @Method: sendAutoLoginCookie
  * @Description: 發(fā)送自動(dòng)登錄cookie給客戶端瀏覽器
  * @param request
  * @param response
  * @param user
  */ 
  private void sendAutoLoginCookie(HttpServletRequest request, HttpServletResponse response, User user) {
    if (request.getParameter("logintime")!=null) {
      int logintime = Integer.parseInt(request.getParameter("logintime"));
      //創(chuàng)建cookie,cookie的名字是autologin，值是用戶登錄的用戶名和密碼，用戶名和密碼之間使用.進(jìn)行分割，密碼經(jīng)過md5加密處理
      Cookie cookie = new Cookie("autologin",user.getUsername() + "." + WebUtils.md5(user.getPassword()));
      //設(shè)置cookie的有效期
      cookie.setMaxAge(logintime);
      //設(shè)置cookie的有效路徑
      cookie.setPath(request.getContextPath());
      //將cookie寫入到客戶端瀏覽器
      response.addCookie(cookie);
    }
  }
  
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    doGet(request, response);
  }

}

處理用戶自動(dòng)登錄的過濾器：AutoLoginFilter

package me.gacl.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import me.gacl.dao.UserDao;
import me.gacl.domain.User;
import me.gacl.util.WebUtils;

public class AutoLoginFilter implements Filter {

  public void doFilter(ServletRequest req, ServletResponse resp,
      FilterChain chain) throws IOException, ServletException {
    
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) resp;
    //如果已經(jīng)登錄了，就直接chain.doFilter(request, response)放行
    if(request.getSession().getAttribute("user")!=null){
      chain.doFilter(request, response);
      return;
    }
    
    //1.得到用戶帶過來的authlogin的cookie
    String value = null;
    Cookie cookies[] = request.getCookies();
    for(int i=0;cookies!=null && i<cookies.length;i++){
      if(cookies[i].getName().equals("autologin")){
        value = cookies[i].getValue();
      }
    }
    
    //2.得到 cookie中的用戶名和密碼 
    if(value!=null){
      String username = value.split("\\.")[0];
      String password = value.split("\\.")[1];
      
      //3.調(diào)用dao獲取用戶對(duì)應(yīng)的密碼
      UserDao dao = new UserDao();
      User user = dao.find(username);
      String dbpassword = user.getPassword();
      
      //4.檢查用戶帶過來的md5的密碼和數(shù)據(jù)庫中的密碼是否匹配,如匹配則自動(dòng)登陸
      if(password.equals(WebUtils.md5(dbpassword))){
        request.getSession().setAttribute("user", user);
      }
    }
    
    chain.doFilter(request, response);
  }
  
  public void destroy() {
    
  }

  public void init(FilterConfig filterConfig) throws ServletException {

  }
}

如果想取消自動(dòng)登錄，那么可以在用戶注銷時(shí)刪除自動(dòng)登錄cookie，核心代碼如下：

package me.gacl.web.controller;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class CancelAutoLoginServlet extends HttpServlet {

  public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    //移除存儲(chǔ)在session中的user
    request.getSession().removeAttribute("user");
    //移除自動(dòng)登錄的cookie
    removeAutoLoginCookie(request,response);
    //注銷用戶后跳轉(zhuǎn)到登錄頁面
    request.getRequestDispatcher("/login.jsp").forward(request, response);
  }

  /**
  * @Method: removeAutoLoginCookie
  * @Description: 刪除自動(dòng)登錄cookie，
  * JavaWeb中刪除cookie的方式就是新創(chuàng)建一個(gè)cookie，新創(chuàng)建的cookie與要?jiǎng)h除的cookie同名，
  * 設(shè)置新創(chuàng)建的cookie的cookie的有效期設(shè)置為0，有效路徑與要?jiǎng)h除的cookie的有效路徑相同
  * @param request
  * @param response
  */ 
  private void removeAutoLoginCookie(HttpServletRequest request, HttpServletResponse response) {
    //創(chuàng)建一個(gè)名字為autologin的cookie
    Cookie cookie = new Cookie("autologin","");
     //將cookie的有效期設(shè)置為0，命令瀏覽器刪除該cookie
    cookie.setMaxAge(0);
    //設(shè)置要?jiǎng)h除的cookie的path
    cookie.setPath(request.getContextPath());
    response.addCookie(cookie);
  }
  
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    doGet(request, response);
  }
}

以上就是過濾器的幾個(gè)常見應(yīng)用場(chǎng)景，希望對(duì)大家的學(xué)習(xí)有所幫助。

您可能感興趣的文章: