只有授权的用户才能访问一些页面,如果我们一个一个配置还是太复杂了,所以我们可以用过滤器来进行统一管理页面。我只有过滤器允许的才会到达对应的Servlet,就像一堵墙,而且我们可以设置多层。
示意图

添加过滤器

非常简单,实现Filter接口就好了:

1
2
3
4
5
6
7
@WebFilter("/*")   //路径的匹配规则和Servlet一致,这里表示匹配所有请求
public class TestFilter implements Filter {
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        
    }
}

我们在里面加点东西:

1
2
HttpServletRequest request = (HttpServletRequest) servletRequest;
System.out.println(request.getRequestURL());

我们发现所有请求都要经过这个过滤器,并且都没有相应内容。

那么如何到达Servlet呢?只需要最后面加一句:

1
filterChain.doFilter(servletRequest, servletResponse);

这个是过滤链,它会去第二层过滤器,如果没有的话将会去对应的Servlet

1
2
3
4
5
6
7
8
@WebFilter("/*")
public class TestFilter2 implements Filter {
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        System.out.println("我是2号过滤器");
        filterChain.doFilter(servletRequest, servletResponse);
    }
}

这样的话他会先打印过滤器1,再打印过滤器2,再跳转到Servlet。
示意图
同Servlet一样,Filter也有对应的HttpFilter专用类,它针对HTTP请求进行了专门处理,因此我们可以直接使用HttpFilter来编写:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
public abstract class HttpFilter extends GenericFilter {
    private static final long serialVersionUID = 7478463438252262094L;

    public HttpFilter() {
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        if (req instanceof HttpServletRequest && res instanceof HttpServletResponse) {
            this.doFilter((HttpServletRequest)req, (HttpServletResponse)res, chain);
        } else {
            throw new ServletException("non-HTTP request or response");
        }
    }

    protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
        chain.doFilter(req, res);
    }
}

我们只需要实现最下面的doFilter就好,来实现一下不登录访问域下所有Servlet需要过滤:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
@WebFilter("/*")
public class MainFilter extends HttpFilter {
    @Override
    protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
        String url = req.getRequestURL().toString();
        //判断是否为静态资源
        if(!url.endsWith(".js") && !url.endsWith(".css") && !url.endsWith(".png")){
            HttpSession session = req.getSession();
            User user = (User) session.getAttribute("user");
            //判断是否未登陆
            if(user == null && !url.endsWith("login")){
                res.sendRedirect("login");
                return;
            }
        }
        //交给过滤链处理
        chain.doFilter(req, res);
    }
}

以上。

说些什么吧!

twikoo