读书笔记--过滤器filter

Filter和Lister是Servlet规范里面的两个高级特性。不同于Servlet,他们不用处理客户请求,只用于对request和response进行修改或者对context、session、request事件进行监听。

Filter概述

滤镜链(FilterChain):多个Filter

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
package javax.servlet;

import java.io.IOException;

public interface Filter2 {

	/**
	 * web 程序启动时调用此方法, 用于初始化该 Filter
	 * 
	 * @param config
	 *            可以从该参数中获取初始化参数以及ServletContext信息等
	 * @throws ServletException
	 */
	public void init(FilterConfig config) throws ServletException;

	/**
	 * 客户请求服务器时会经过
	 * 
	 * @param request
	 *            客户请求
	 * @param response
	 *            服务器响应
	 * @param chain
	 *            滤镜链, 通过 chain.doFilter(request, response) 将请求传给下个 Filter 或
	 *            Servlet
	 * @throws ServletException
	 * @throws IOException
	 */
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws ServletException, IOException;

	/**
	 * web 程序关闭时调用此方法, 用于销毁一些资源
	 */
	public void destroy();

}

Filter配置

1
2
3
4
5
6
7
8
9
10
11
12
13
<filter>
	<filter-name>logFilter</filter-name>
	<filter-class>com.helloweenvsfei.filter.LogFilter</filter-class>
	<init-param>
		<param-name>waterMarkFile</param-name>
		<param-value>/WEB-INF/logo.png</param-value>
	</init-param>
</filter>
<filter-mapping>
	<filter-name>logFilter</filter-name>
	<url-pattern>/*</url-pattern>
	<dispatcher>REQUEST</dispatcher>
</filter-mapping>

dispatcher配置到达Servlet的方式(request/forward/include/error)

Filter经典案例

防盗链Filter 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
public class ImageRedirectFilter implements Filter {

	public void init(FilterConfig config) throws ServletException {
	}

	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain chain) throws IOException, ServletException {

		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) res;

		// 禁止缓存
		response.setHeader("Cache-Control", "no-store");
		response.setHeader("Pragrma", "no-cache");
		response.setDateHeader("Expires", 0);

		// 链接来源地址
		String referer = request.getHeader("referer");

		if (referer == null || !referer.contains(request.getServerName())) {

			/**
			 * 如果 链接地址来自其他网站,则返回错误图片
			 */
			request.getRequestDispatcher("/error.gif").forward(request,
					response);

		} else {

			/**
			 * 图片正常显示
			 */
			chain.doFilter(request, response);
		}

	}

	public void destroy() {
	}
}
1
2
3
4
5
6
7
8
9
10
11
<filter>
	<filter-name>imageRedirectFilter</filter-name>
	<filter-class>
		com.helloweenvsfei.filter.ImageRedirectFilter
	</filter-class>
</filter>
<filter-mapping>
	<filter-name>imageRedirectFilter</filter-name>
	<url-pattern>/images/*</url-pattern>
	<url-pattern>/upload/images/*</url-pattern>
</filter-mapping>

字符编码Filter 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
public class CharacterEncodingFilter implements Filter {

	private String characterEncoding;
	private boolean enabled;

	@Override
	public void init(FilterConfig config) throws ServletException {

		characterEncoding = config.getInitParameter("characterEncoding");

		enabled = "true".equalsIgnoreCase(characterEncoding.trim())
				|| "1".equalsIgnoreCase(characterEncoding.trim());
	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {

		if (enabled || characterEncoding != null) {
			request.setCharacterEncoding(characterEncoding);
			response.setCharacterEncoding(characterEncoding);
		}

		chain.doFilter(request, response);
	}

	@Override
	public void destroy() {
		characterEncoding = null;
	}
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
<filter>
	<filter-name>characterEncodingFilter</filter-name>
	<filter-class>
		com.helloweenvsfei.filter.CharacterEncodingFilter
	</filter-class>
	<init-param>
		<param-name>characterEncoding</param-name>
		<param-value>UTF-8</param-value>
	</init-param>
	<init-param>
		<param-name>enable</param-name>
		<param-value>true</param-value>
	</init-param>
</filter>
<filter-mapping>
	<filter-name>characterEncodingFilter</filter-name>
	<url-pattern>/*</url-pattern>
</filter-mapping>

日志记录filter 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
public class LogFilter implements Filter {

	private Log log = LogFactory.getLog(this.getClass());

	private String filterName;

	public void init(FilterConfig config) throws ServletException {

		// 获取 Filter 的 name,配置在 web.xml 中
		filterName = config.getFilterName();

		log.info("启动 Filter: " + filterName);

	}

	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain chain) throws IOException, ServletException {

		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) res;

		long startTime = System.currentTimeMillis();
		String requestURI = request.getRequestURI();

		requestURI = request.getQueryString() == null ? requestURI
				: (requestURI + "?" + request.getQueryString());

		chain.doFilter(request, response);

		long endTime = System.currentTimeMillis();

		log.info(request.getRemoteAddr() + " 访问了 " + requestURI + ", 总用时 "
				+ (endTime - startTime) + " 毫秒。");

	}

	public void destroy() {
		log.info("关闭 Filter: " + filterName);
	}

}

异常捕获filter 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
public class ExceptionHandlerFilter implements Filter {

	public void destroy() {
	}

	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {

		try {
			chain.doFilter(request, response);
		} catch (Exception e) {

			Throwable rootCause = e;

			while (rootCause.getCause() != null) {
				rootCause = rootCause.getCause();
			}

			String message = rootCause.getMessage();

			message = message == null ? "异常:" + rootCause.getClass().getName()
					: message;

			request.setAttribute("message", message);
			request.setAttribute("e", e);

			if (rootCause instanceof AccountException) {
				request.getRequestDispatcher("/accountException.jsp").forward(
						request, response);
			} else if (rootCause instanceof BusinessException) {
				request.getRequestDispatcher("/businessException.jsp").forward(
						request, response);
			} else {
				request.getRequestDispatcher("/exception.jsp").forward(request,
						response);
			}
		}
	}

	public void init(FilterConfig arg0) throws ServletException {
	}
}

权限验证filter 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
public class PrivilegeFilter implements Filter {

	private Properties pp = new Properties();

	public void init(FilterConfig config) throws ServletException {

		// 从 初始化参数 中获取权 限配置文件 的位置
		String file = config.getInitParameter("file");
		String realPath = config.getServletContext().getRealPath(file);
		try {
			pp.load(new FileInputStream(realPath));
		} catch (Exception e) {
			config.getServletContext().log("读取权限控制文件失败。", e);
		}
	}

	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain chain) throws IOException, ServletException {

		HttpServletRequest request = (HttpServletRequest) req;

		// 获取访问的路径,例如:admin.jsp
		String requestURI = request.getRequestURI().replace(
				request.getContextPath() + "/", "");

		// 获取 action 参数,例如:add
		String action = req.getParameter("action");
		action = action == null ? "" : action;

		// 拼接成 URI。例如:log.do?action=list
		String uri = requestURI + "?action=" + action;

		// 从 session 中获取用户权限角色。
		String role = (String) request.getSession(true).getAttribute("role");
		role = role == null ? "guest" : role;

		boolean authentificated = false;
		// 开始检查该用户角色是否有权限访问 uri
		for (Object obj : pp.keySet()) {
			String key = ((String) obj);
			// 使用正则表达式验证 需要将 ? . 替换一下,并将通配符 * 处理一下
			if (uri.matches(key.replace("?", "\\?").replace(".", "\\.")
					.replace("*", ".*"))) {
				// 如果 role 匹配
				if (role.equals(pp.get(key))) {
					authentificated = true;
					break;
				}
			}
		}
		if (!authentificated) {
			throw new RuntimeException(new AccountException(
					"您无权访问该页面。请以合适的身份登陆后查看。"));
		}
		// 继续运行
		chain.doFilter(req, res);
	}

	public void destroy() {
		pp = null;
	}
}

内容替换filter

gzip压缩filter

内容替换filter

图片水印Filter

缓存Filter

xslt转化Filter

文件上传Filter

谢谢打赏

支付宝
微信
javaweb

扫一扫,分享到微信

微信分享二维码

tag:

    缺失模块。
    1、在博客根目录(注意不是yilia根目录)执行以下命令:
    npm i hexo-generator-json-content --save

    2、在根目录_config.yml里添加配置: 

      jsonContent:
    meta: false
    pages: false
    posts:
      title: true
      date: true
      path: true
      text: true
      raw: false
      content: false
      slug: false
      updated: false
      comments: false
      link: false
      permalink: false
      excerpt: false
      categories: false
      tags: true