过滤器Filter--登录案例

使用@WebFilter过滤器中设置例外URL的一种方式

request.getRequestURI()、getRequestURL()、getContextPath()、getServletPath()区别

http://www.imooc.com/video/4479

本例采用注解方式：

@LoginFilter

@WebFilter(dispatcherTypes = {DispatcherType.REQUEST }
, urlPatterns = "/*" ,initParams={
@WebInitParam(name="EXCLUDE_PAGE",value="login.jsp;LoginServlet;failure.jsp")})
public class LoginFilter implements Filter {//注意上面注解中,@WebInitparam中value值的大小写,如LoginServlet

private FilterConfig config;

public void destroy() {
}

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession();
System.out.println(req.getServletPath());
System.out.println(req.getRequestURI());

//该部分可以考虑封装为一个方法
String string = config.getInitParameter("EXCLUDE_PAGE");
if(string != null) {
String[] strArray = string.split(";");//注意是分号;
for (int i = 0; i < strArray.length; i++) {
System.out.println("..."+strArray[i]);

if(strArray[i]==null && "".equals(strArray[i]))continue;//严谨判断

if(req.getRequestURI().indexOf(strArray[i])!=-1) {
chain.doFilter(request, response);
return;//没有的这句话,chain.doFilter()方法执行完,控制权返回本过滤器,还会往下执行呀,记得加上!
}
}
}

/*if(req.getRequestURI().indexOf("login.jsp")!=-1 ||
req.getRequestURI().indexOf("LoginServlet")!=-1)  {
chain.doFilter(request, response);
return;//没有的这句话,上面执行完后,还会往下执行呀,记得加上!
}*/
if(session.getAttribute("username")!=null) {
chain.doFilter(request, response);
} else {
res.sendRedirect(req.getContextPath()+"/login.jsp");//
}

}

public void init(FilterConfig fConfig) throws ServletException {
this.config = fConfig;
}

}

@LoginServlet

@WebServlet("/servlet/LoginServlet")
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

String username = request.getParameter("username");
String password = request.getParameter("password");
if("admin".equals(username)&&"123456".equals(password)) {
//检验通过
HttpSession session = request.getSession();
session.setAttribute("username", username);
request.getRequestDispatcher("/success.jsp").forward(request, response);
} else {
//检验失败
request.getRequestDispatcher("/failure.jsp").forward(request, response);

}

}

}

@login.jsp

<%@page pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登录页面</title>
</head>
<body>

<%
String path=request.getContextPath();
%>

<form action="<%=path%>/servlet/LoginServlet" method="post">
用户名：  <input type="text" name="username"/>
密码：<input type="password" name="password"/>
<input type="submit" value="提交"/>
</form>
</body>
</html>

@failure.jsp

<%@page pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登录页面</title>
</head>
<body>

登录失败，请检查用户名或密码
</body>
</html>

@success.jsp

<%@page pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登录页面</title>
</head>
<body>

恭喜${username }，登录成功
</body>
</html>

2.登录案例采用web.xml配置的部分关键内容：

<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.lyt.filter.LoginFilter</filter-class>
<init-param>
<param-name>EXCLUDE_PAGE</param-name>
<param-value>failure.jsp;login.jsp;LoginServlet</param-value>
</init-param>

</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>