一、字符編碼的過濾器
import
?javax.servlet.
*
;?
import ?java.io.IOException;?
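/**
 * Servlet filter that sets the character encoding used to decode each HTTP request.
 *
 * <p>The charset name comes from the {@code encoding} init parameter. The filter exists to fix
 * garbled Chinese text in HTML form parameters.
 *
 * <p>{@code setCharacterEncoding} has to run before anything reads the request parameters or
 * body, so map this filter ahead of any filter or servlet that does.
 */
public class CharacterEncodingFilter implements Filter {
    /** Configuration handed over by the container in init(); cleared in destroy(). */
    protected FilterConfig filterConfig = null;

    /** Charset name applied to requests; null or empty leaves the request untouched. */
    protected String encoding = "";

    /**
     * Applies the configured encoding, then passes the request down the chain.
     *
     * @throws IOException if the chain fails with an I/O error or the charset name is rejected
     * @throws ServletException if the rest of the chain fails
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
            FilterChain filterChain) throws IOException, ServletException {
        // An empty name (the field default, or an empty <param-value>) is not a valid charset,
        // so it is skipped just like a missing parameter instead of failing every request.
        if (encoding != null && encoding.length() > 0) {
            servletRequest.setCharacterEncoding(encoding);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /** Drops the references taken in init(). */
    public void destroy() {
        filterConfig = null;
        encoding = null;
    }

    /**
     * Reads the {@code encoding} init parameter.
     *
     * @param filterConfig filter configuration supplied by the container
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        // The parameter name must match the <param-name> in web.xml exactly.
        this.encoding = filterConfig.getInitParameter("encoding");
    }
}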
import ?java.io.IOException;?
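/**
 * Servlet filter that sets the character encoding used to decode each HTTP request.
 *
 * <p>The charset name comes from the {@code encoding} init parameter. The filter exists to fix
 * garbled Chinese text in HTML form parameters.
 *
 * <p>{@code setCharacterEncoding} has to run before anything reads the request parameters or
 * body, so map this filter ahead of any filter or servlet that does.
 */
public class CharacterEncodingFilter implements Filter {
    /** Configuration handed over by the container in init(); cleared in destroy(). */
    protected FilterConfig filterConfig = null;

    /** Charset name applied to requests; null or empty leaves the request untouched. */
    protected String encoding = "";

    /**
     * Applies the configured encoding, then passes the request down the chain.
     *
     * @throws IOException if the chain fails with an I/O error or the charset name is rejected
     * @throws ServletException if the rest of the chain fails
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
            FilterChain filterChain) throws IOException, ServletException {
        // An empty name (the field default, or an empty <param-value>) is not a valid charset,
        // so it is skipped just like a missing parameter instead of failing every request.
        if (encoding != null && encoding.length() > 0) {
            servletRequest.setCharacterEncoding(encoding);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /** Drops the references taken in init(). */
    public void destroy() {
        filterConfig = null;
        encoding = null;
    }

    /**
     * Reads the {@code encoding} init parameter.
     *
     * @param filterConfig filter configuration supplied by the container
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        // The parameter name must match the <param-name> in web.xml exactly.
        this.encoding = filterConfig.getInitParameter("encoding");
    }
}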
二、使瀏覽器不緩存頁面的過濾器
import
?javax.servlet.
*
;?
import ?javax.servlet.http.HttpServletResponse;?
import ?java.io.IOException;?
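/**
 * Servlet filter that tells the browser not to cache the pages it is mapped to.
 *
 * <p>The headers are set before the rest of the chain runs, so a servlet further down can still
 * overwrite them.
 */
public class ForceNoCacheFilter implements Filter {
    /**
     * Adds the no-cache response headers, then passes the request down the chain.
     *
     * @throws IOException if the rest of the chain fails with an I/O error
     * @throws ServletException if the rest of the chain fails
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
            throws IOException, ServletException {
        // Only HTTP responses carry these headers; anything else passes through unchanged
        // instead of failing on the cast.
        if (response instanceof HttpServletResponse) {
            HttpServletResponse httpResponse = (HttpServletResponse) response;
            // "no-cache" alone still allows a cache to keep a copy and revalidate it.
            // "no-store" is what keeps pages with personal or session data out of browser
            // and proxy caches, for example on a shared computer.
            httpResponse.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
            // Pragma and a past Expires date cover HTTP/1.0 caches.
            httpResponse.setHeader("Pragma", "no-cache");
            httpResponse.setDateHeader("Expires", -1);
        }
        filterChain.doFilter(request, response);
    }

    /** Nothing to release. */
    public void destroy() {
    }

    /** No configuration is read. */
    public void init(FilterConfig filterConfig) throws ServletException {
    }
}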
import ?javax.servlet.http.HttpServletResponse;?
import ?java.io.IOException;?
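/**
 * Servlet filter that tells the browser not to cache the pages it is mapped to.
 *
 * <p>The headers are set before the rest of the chain runs, so a servlet further down can still
 * overwrite them.
 */
public class ForceNoCacheFilter implements Filter {
    /**
     * Adds the no-cache response headers, then passes the request down the chain.
     *
     * @throws IOException if the rest of the chain fails with an I/O error
     * @throws ServletException if the rest of the chain fails
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
            throws IOException, ServletException {
        // Only HTTP responses carry these headers; anything else passes through unchanged
        // instead of failing on the cast.
        if (response instanceof HttpServletResponse) {
            HttpServletResponse httpResponse = (HttpServletResponse) response;
            // "no-cache" alone still allows a cache to keep a copy and revalidate it.
            // "no-store" is what keeps pages with personal or session data out of browser
            // and proxy caches, for example on a shared computer.
            httpResponse.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
            // Pragma and a past Expires date cover HTTP/1.0 caches.
            httpResponse.setHeader("Pragma", "no-cache");
            httpResponse.setDateHeader("Expires", -1);
        }
        filterChain.doFilter(request, response);
    }

    /** Nothing to release. */
    public void destroy() {
    }

    /** No configuration is read. */
    public void init(FilterConfig filterConfig) throws ServletException {
    }
}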
三、檢測用戶是否登陸的過濾器
import
?javax.servlet.
*
;?
import ?javax.servlet.http.HttpServletRequest;?
import ?javax.servlet.http.HttpServletResponse;?
import ?javax.servlet.http.HttpSession;?
import ?java.util.List;?
import ?java.util.ArrayList;?
import ?java.util.StringTokenizer;?
import ?java.io.IOException;?
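/**
 * Filter that checks whether the user is logged in and, if not, redirects to the configured
 * login page.
 *
 * <p>Init parameters:
 * <ul>
 *   <li>{@code checkSessionKey} - name of the session attribute whose presence means "logged in"
 *   <li>{@code redirectURL} - page to redirect to when the user is not logged in, without the
 *       context path
 *   <li>{@code notCheckURLList} - semicolon-separated URLs that are exempt from the check,
 *       without the context path
 * </ul>
 *
 * <p>If the filter mapping covers the login page, that page must be listed in
 * {@code notCheckURLList}; otherwise the redirect is itself redirected.
 */
public class CheckLoginFilter implements Filter {
    protected FilterConfig filterConfig = null;

    // Context-relative page an unauthenticated request is redirected to.
    private String redirectURL = null;

    // Context-relative paths that skip the login check.
    private List notCheckURLList = new ArrayList();

    // Session attribute that marks a logged-in user; null disables the check.
    private String sessionKey = null;

    /**
     * Lets exempt and logged-in requests through and redirects all others to the login page.
     *
     * @throws IOException if the redirect or the rest of the chain fails with an I/O error
     * @throws ServletException if the rest of the chain fails
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
            FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // NOTE(review): with no checkSessionKey configured the filter lets everything through.
        // That keeps the original behaviour, but it means a typo in web.xml silently turns the
        // login check off; init() logs a warning for this case.
        if (sessionKey == null) {
            filterChain.doFilter(request, response);
            return;
        }

        if (!checkRequestURIIntNotFilterList(request) && !isLoggedIn(request)) {
            if (redirectURL == null) {
                // No login page configured: refuse rather than redirect to "<context>null".
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
            response.sendRedirect(request.getContextPath() + redirectURL);
            return;
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /** Empties the exemption list. */
    public void destroy() {
        notCheckURLList.clear();
    }

    /**
     * Returns true when the session holds the configured login attribute.
     *
     * <p>Uses {@code getSession(false)} so that anonymous requests do not each allocate a new
     * server-side session.
     */
    private boolean isLoggedIn(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        return session != null && session.getAttribute(sessionKey) != null;
    }

    /**
     * Returns true when the request path is on the exemption list.
     *
     * <p>The path is built from the servlet path and path info, so it carries neither the
     * context path nor the query string.
     */
    private boolean checkRequestURIIntNotFilterList(HttpServletRequest request) {
        String pathInfo = request.getPathInfo();
        String uri = request.getServletPath() + (pathInfo == null ? "" : pathInfo);
        return notCheckURLList.contains(uri);
    }

    /**
     * Reads {@code redirectURL}, {@code checkSessionKey} and {@code notCheckURLList}.
     *
     * @param filterConfig filter configuration supplied by the container
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        redirectURL = filterConfig.getInitParameter("redirectURL");
        sessionKey = filterConfig.getInitParameter("checkSessionKey");
        if (sessionKey == null) {
            filterConfig.getServletContext().log(
                    "CheckLoginFilter: init parameter checkSessionKey is not set; "
                            + "no login check will be performed");
        }

        String notCheckURLListStr = filterConfig.getInitParameter("notCheckURLList");
        if (notCheckURLListStr != null) {
            StringTokenizer st = new StringTokenizer(notCheckURLListStr, ";");
            notCheckURLList.clear();
            while (st.hasMoreTokens()) {
                // Whitespace around an entry in web.xml would otherwise make it never match.
                String entry = st.nextToken().trim();
                if (entry.length() > 0) {
                    notCheckURLList.add(entry);
                }
            }
        }
    }
}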
import ?javax.servlet.http.HttpServletRequest;?
import ?javax.servlet.http.HttpServletResponse;?
import ?javax.servlet.http.HttpSession;?
import ?java.util.List;?
import ?java.util.ArrayList;?
import ?java.util.StringTokenizer;?
import ?java.io.IOException;?
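/**
 * Filter that checks whether the user is logged in and, if not, redirects to the configured
 * login page.
 *
 * <p>Init parameters:
 * <ul>
 *   <li>{@code checkSessionKey} - name of the session attribute whose presence means "logged in"
 *   <li>{@code redirectURL} - page to redirect to when the user is not logged in, without the
 *       context path
 *   <li>{@code notCheckURLList} - semicolon-separated URLs that are exempt from the check,
 *       without the context path
 * </ul>
 *
 * <p>If the filter mapping covers the login page, that page must be listed in
 * {@code notCheckURLList}; otherwise the redirect is itself redirected.
 */
public class CheckLoginFilter implements Filter {
    protected FilterConfig filterConfig = null;

    // Context-relative page an unauthenticated request is redirected to.
    private String redirectURL = null;

    // Context-relative paths that skip the login check.
    private List notCheckURLList = new ArrayList();

    // Session attribute that marks a logged-in user; null disables the check.
    private String sessionKey = null;

    /**
     * Lets exempt and logged-in requests through and redirects all others to the login page.
     *
     * @throws IOException if the redirect or the rest of the chain fails with an I/O error
     * @throws ServletException if the rest of the chain fails
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
            FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // NOTE(review): with no checkSessionKey configured the filter lets everything through.
        // That keeps the original behaviour, but it means a typo in web.xml silently turns the
        // login check off; init() logs a warning for this case.
        if (sessionKey == null) {
            filterChain.doFilter(request, response);
            return;
        }

        if (!checkRequestURIIntNotFilterList(request) && !isLoggedIn(request)) {
            if (redirectURL == null) {
                // No login page configured: refuse rather than redirect to "<context>null".
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
            response.sendRedirect(request.getContextPath() + redirectURL);
            return;
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /** Empties the exemption list. */
    public void destroy() {
        notCheckURLList.clear();
    }

    /**
     * Returns true when the session holds the configured login attribute.
     *
     * <p>Uses {@code getSession(false)} so that anonymous requests do not each allocate a new
     * server-side session.
     */
    private boolean isLoggedIn(HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        return session != null && session.getAttribute(sessionKey) != null;
    }

    /**
     * Returns true when the request path is on the exemption list.
     *
     * <p>The path is built from the servlet path and path info, so it carries neither the
     * context path nor the query string.
     */
    private boolean checkRequestURIIntNotFilterList(HttpServletRequest request) {
        String pathInfo = request.getPathInfo();
        String uri = request.getServletPath() + (pathInfo == null ? "" : pathInfo);
        return notCheckURLList.contains(uri);
    }

    /**
     * Reads {@code redirectURL}, {@code checkSessionKey} and {@code notCheckURLList}.
     *
     * @param filterConfig filter configuration supplied by the container
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        redirectURL = filterConfig.getInitParameter("redirectURL");
        sessionKey = filterConfig.getInitParameter("checkSessionKey");
        if (sessionKey == null) {
            filterConfig.getServletContext().log(
                    "CheckLoginFilter: init parameter checkSessionKey is not set; "
                            + "no login check will be performed");
        }

        String notCheckURLListStr = filterConfig.getInitParameter("notCheckURLList");
        if (notCheckURLListStr != null) {
            StringTokenizer st = new StringTokenizer(notCheckURLListStr, ";");
            notCheckURLList.clear();
            while (st.hasMoreTokens()) {
                // Whitespace around an entry in web.xml would otherwise make it never match.
                String entry = st.nextToken().trim();
                if (entry.length() > 0) {
                    notCheckURLList.add(entry);
                }
            }
        }
    }
}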
四、資源保護過濾器
package
?catalog.view.util;?
import ?javax.servlet.Filter;?
import ?javax.servlet.FilterConfig;?
import ?javax.servlet.ServletRequest;?
import ?javax.servlet.ServletResponse;?
import ?javax.servlet.FilterChain;?
import ?javax.servlet.ServletException;?
import ?javax.servlet.http.HttpServletRequest;?
import ?java.io.IOException;?
import ?java.util.Iterator;?
import ?java.util.Set;?
import ?java.util.HashSet;?
// ?
import ?org.apache.commons.logging.Log;?
import ?org.apache.commons.logging.LogFactory;?
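/**
 * Filter that guards a fixed set of restricted pages and forwards requests that are not
 * authorized to the login page.
 *
 * <p>It should be configured inside the web.xml.
 *
 * @author Derek Y. Shen
 */
public class SecurityFilter implements Filter {
    // Login page the request is forwarded to when authorization fails.
    private static final String LOGIN_PAGE_URI = "login.jsf";

    // The logger object.
    private Log logger = LogFactory.getLog(this.getClass());

    // Context-relative paths that require an authorized user.
    private Set restrictedResources;

    /**
     * Initializes the filter with the hard-coded list of restricted pages.
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.restrictedResources = new HashSet();
        this.restrictedResources.add("/createProduct.jsf");
        this.restrictedResources.add("/editProduct.jsf");
        this.restrictedResources.add("/productList.jsf");
    }

    /**
     * Forwards to the login page when a restricted page is requested without authorization;
     * otherwise passes the request down the chain.
     *
     * @throws IOException if the forward or the rest of the chain fails with an I/O error
     * @throws ServletException if the forward or the rest of the chain fails
     */
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        this.logger.debug("doFilter");

        String contextPath = request.getContextPath();
        String requestUri = request.getRequestURI();
        this.logger.debug("contextPath = " + contextPath);
        this.logger.debug("requestUri = " + requestUri);

        // getRequestURI() is the raw request line path, which the container does not decode.
        // Comparing it for string equality can miss a restricted page that is requested in an
        // equivalent but differently written form, and the page would then be served without
        // the check. The servlet path and path info are the decoded path the container itself
        // used to pick the target, so the comparison is made on those.
        String pathInfo = request.getPathInfo();
        String resourcePath = request.getServletPath() + (pathInfo == null ? "" : pathInfo);

        if (this.contains(resourcePath) && !this.authorize(request)) {
            this.logger.debug("authorization failed");
            request.getRequestDispatcher(LOGIN_PAGE_URI).forward(req, res);
        } else {
            this.logger.debug("authorization succeeded");
            chain.doFilter(req, res);
        }
    }

    /** Nothing to release. */
    public void destroy() {}

    /**
     * Returns true when the context-relative path names a restricted resource.
     *
     * <p>The comparison ignores case so that a differently cased request for the same page is
     * still treated as restricted.
     */
    private boolean contains(String resourcePath) {
        Iterator ite = this.restrictedResources.iterator();
        while (ite.hasNext()) {
            String restrictedResource = (String) ite.next();
            if (restrictedResource.equalsIgnoreCase(resourcePath)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Decides whether the current user may see a restricted page.
     *
     * <p>The article leaves its own check commented out because UserBean and BeanNames belong
     * to the sample application:
     *
     * <pre>
     *   UserBean user = (UserBean) req.getSession().getAttribute(BeanNames.USER_BEAN);
     *   return user != null &amp;&amp; user.getLoggedIn();
     * </pre>
     *
     * @return false until that check is restored, so restricted pages are denied by default
     */
    private boolean authorize(HttpServletRequest req) {
        // The original body had no return statement at all and did not compile. Denying is the
        // safe placeholder: a forgotten TODO then locks pages instead of exposing them.
        return false;
    }
}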
import ?javax.servlet.Filter;?
import ?javax.servlet.FilterConfig;?
import ?javax.servlet.ServletRequest;?
import ?javax.servlet.ServletResponse;?
import ?javax.servlet.FilterChain;?
import ?javax.servlet.ServletException;?
import ?javax.servlet.http.HttpServletRequest;?
import ?java.io.IOException;?
import ?java.util.Iterator;?
import ?java.util.Set;?
import ?java.util.HashSet;?
// ?
import ?org.apache.commons.logging.Log;?
import ?org.apache.commons.logging.LogFactory;?
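/**
 * Filter that guards a fixed set of restricted pages and forwards requests that are not
 * authorized to the login page.
 *
 * <p>It should be configured inside the web.xml.
 *
 * @author Derek Y. Shen
 */
public class SecurityFilter implements Filter {
    // Login page the request is forwarded to when authorization fails.
    private static final String LOGIN_PAGE_URI = "login.jsf";

    // The logger object.
    private Log logger = LogFactory.getLog(this.getClass());

    // Context-relative paths that require an authorized user.
    private Set restrictedResources;

    /**
     * Initializes the filter with the hard-coded list of restricted pages.
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.restrictedResources = new HashSet();
        this.restrictedResources.add("/createProduct.jsf");
        this.restrictedResources.add("/editProduct.jsf");
        this.restrictedResources.add("/productList.jsf");
    }

    /**
     * Forwards to the login page when a restricted page is requested without authorization;
     * otherwise passes the request down the chain.
     *
     * @throws IOException if the forward or the rest of the chain fails with an I/O error
     * @throws ServletException if the forward or the rest of the chain fails
     */
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        this.logger.debug("doFilter");

        String contextPath = request.getContextPath();
        String requestUri = request.getRequestURI();
        this.logger.debug("contextPath = " + contextPath);
        this.logger.debug("requestUri = " + requestUri);

        // getRequestURI() is the raw request line path, which the container does not decode.
        // Comparing it for string equality can miss a restricted page that is requested in an
        // equivalent but differently written form, and the page would then be served without
        // the check. The servlet path and path info are the decoded path the container itself
        // used to pick the target, so the comparison is made on those.
        String pathInfo = request.getPathInfo();
        String resourcePath = request.getServletPath() + (pathInfo == null ? "" : pathInfo);

        if (this.contains(resourcePath) && !this.authorize(request)) {
            this.logger.debug("authorization failed");
            request.getRequestDispatcher(LOGIN_PAGE_URI).forward(req, res);
        } else {
            this.logger.debug("authorization succeeded");
            chain.doFilter(req, res);
        }
    }

    /** Nothing to release. */
    public void destroy() {}

    /**
     * Returns true when the context-relative path names a restricted resource.
     *
     * <p>The comparison ignores case so that a differently cased request for the same page is
     * still treated as restricted.
     */
    private boolean contains(String resourcePath) {
        Iterator ite = this.restrictedResources.iterator();
        while (ite.hasNext()) {
            String restrictedResource = (String) ite.next();
            if (restrictedResource.equalsIgnoreCase(resourcePath)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Decides whether the current user may see a restricted page.
     *
     * <p>The article leaves its own check commented out because UserBean and BeanNames belong
     * to the sample application:
     *
     * <pre>
     *   UserBean user = (UserBean) req.getSession().getAttribute(BeanNames.USER_BEAN);
     *   return user != null &amp;&amp; user.getLoggedIn();
     * </pre>
     *
     * @return false until that check is restored, so restricted pages are denied by default
     */
    private boolean authorize(HttpServletRequest req) {
        // The original body had no return statement at all and did not compile. Denying is the
        // safe placeholder: a forgotten TODO then locks pages instead of exposing them.
        return false;
    }
}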
五 利用Filter限制用戶瀏覽權限
在一個系統中通常有多個權限的用戶。不同權限的用戶可以瀏覽不同的頁面。使用Filter進行判斷不僅省下了代碼量,而且如果要更改的話只需要在Filter文件里動下就可以。
以下是Filter文件代碼:
import
?java.io.IOException;?
import ?javax.servlet.Filter;?
import ?javax.servlet.FilterChain;?
import ?javax.servlet.FilterConfig;?
import ?javax.servlet.ServletException;?
import ?javax.servlet.ServletRequest;?
import ?javax.servlet.ServletResponse;?
import ?javax.servlet.http.HttpServletRequest;?
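/**
 * Filter that restricts pages by user role: paths under {@code /admin} require the
 * {@code admin} session attribute.
 *
 * <p>Requests that fail the check are forwarded to {@code /login.jsp} with a {@code message}
 * request attribute; all other requests continue down the chain.
 */
public class RightFilter implements Filter {
    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Checks the role required for the requested path and either denies the request or passes
     * it on.
     *
     * @throws IOException if the forward or the rest of the chain fails with an I/O error
     * @throws ServletException if the forward or the rest of the chain fails
     */
    public void doFilter(ServletRequest sreq, ServletResponse sres, FilterChain arg2)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) sreq;

        // Use the path the container decoded and matched against the filter mapping. The raw
        // getRequestURI() is not decoded, so a prefix test on it can disagree with the mapping
        // and let a request reach the page without the role check.
        String pathInfo = request.getPathInfo();
        String uri = request.getServletPath() + (pathInfo == null ? "" : pathInfo);

        // Access check for admin-level pages.
        if (uri.startsWith("/admin")) {
            if (!hasSessionAttribute(request, "admin")) {
                deny(request, sreq, sres);
                return;
            }
        }

        // Access check for manage-level pages.
        if (uri.startsWith("/manage")) {
            // TODO: the article omits this check. Until the role check is written the request
            // is denied, so the pages are never served without one.
            deny(request, sreq, sres);
            return;
        }

        // Further role checks can be added here.

        // The original never called the chain, so even permitted requests got an empty
        // response; the request has to be handed on once the checks pass.
        arg2.doFilter(sreq, sres);
    }

    /** No configuration is read. */
    public void init(FilterConfig arg0) throws ServletException {
    }

    /**
     * Returns true when a session already exists and holds the named attribute.
     *
     * <p>{@code getSession(false)} avoids creating a session for every anonymous request.
     */
    private boolean hasSessionAttribute(HttpServletRequest request, String name) {
        return request.getSession(false) != null
                && request.getSession(false).getAttribute(name) != null;
    }

    /** Forwards to the login page with the "no permission" message. */
    private void deny(HttpServletRequest request, ServletRequest sreq, ServletResponse sres)
            throws IOException, ServletException {
        request.setAttribute("message", "您沒有這個權限");
        request.getRequestDispatcher("/login.jsp").forward(sreq, sres);
    }
}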
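<!-- Access control for pages under /admin and /manage. -->
<!-- A filter-mapping without a dispatcher element applies to direct client requests only; -->
<!-- a server-side forward or include to these paths does not pass through the filter. -->
<filter>
    <filter-name>RightFilter</filter-name>
    <filter-class>cn.itkui.filter.RightFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>RightFilter</filter-name>
    <url-pattern>/admin/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>RightFilter</filter-name>
    <url-pattern>/manage/*</url-pattern>
</filter-mapping>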
在web.xml中加入Filter的配置,如下:
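<!-- NOTE(review): EncodingAndCacheflush is not one of the classes shown above; filter-class -->
<!-- must be the fully qualified name of the filter class actually deployed. -->
<!-- Declare this mapping before filters that read request parameters, so the encoding is -->
<!-- set first. -->
<filter>
    <filter-name>EncodingAndCacheflush</filter-name>
    <filter-class>EncodingAndCacheflush</filter-class>
    <init-param>
        <param-name>encoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>EncodingAndCacheflush</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>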
要傳遞參數的時候最好使用form進行傳參,如果使用鏈接的話當中文字符的時候過濾器轉碼是不會起作用的,還有就是頁面上
http://maqianli.iteye.com/blog/290423
import ?javax.servlet.Filter;?
import ?javax.servlet.FilterChain;?
import ?javax.servlet.FilterConfig;?
import ?javax.servlet.ServletException;?
import ?javax.servlet.ServletRequest;?
import ?javax.servlet.ServletResponse;?
import ?javax.servlet.http.HttpServletRequest;?
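/**
 * Filter that restricts pages by user role: paths under {@code /admin} require the
 * {@code admin} session attribute.
 *
 * <p>Requests that fail the check are forwarded to {@code /login.jsp} with a {@code message}
 * request attribute; all other requests continue down the chain.
 */
public class RightFilter implements Filter {
    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Checks the role required for the requested path and either denies the request or passes
     * it on.
     *
     * @throws IOException if the forward or the rest of the chain fails with an I/O error
     * @throws ServletException if the forward or the rest of the chain fails
     */
    public void doFilter(ServletRequest sreq, ServletResponse sres, FilterChain arg2)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) sreq;

        // Use the path the container decoded and matched against the filter mapping. The raw
        // getRequestURI() is not decoded, so a prefix test on it can disagree with the mapping
        // and let a request reach the page without the role check.
        String pathInfo = request.getPathInfo();
        String uri = request.getServletPath() + (pathInfo == null ? "" : pathInfo);

        // Access check for admin-level pages.
        if (uri.startsWith("/admin")) {
            if (!hasSessionAttribute(request, "admin")) {
                deny(request, sreq, sres);
                return;
            }
        }

        // Access check for manage-level pages.
        if (uri.startsWith("/manage")) {
            // TODO: the article omits this check. Until the role check is written the request
            // is denied, so the pages are never served without one.
            deny(request, sreq, sres);
            return;
        }

        // Further role checks can be added here.

        // The original never called the chain, so even permitted requests got an empty
        // response; the request has to be handed on once the checks pass.
        arg2.doFilter(sreq, sres);
    }

    /** No configuration is read. */
    public void init(FilterConfig arg0) throws ServletException {
    }

    /**
     * Returns true when a session already exists and holds the named attribute.
     *
     * <p>{@code getSession(false)} avoids creating a session for every anonymous request.
     */
    private boolean hasSessionAttribute(HttpServletRequest request, String name) {
        return request.getSession(false) != null
                && request.getSession(false).getAttribute(name) != null;
    }

    /** Forwards to the login page with the "no permission" message. */
    private void deny(HttpServletRequest request, ServletRequest sreq, ServletResponse sres)
            throws IOException, ServletException {
        request.setAttribute("message", "您沒有這個權限");
        request.getRequestDispatcher("/login.jsp").forward(sreq, sres);
    }
}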
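<!-- Access control for pages under /admin and /manage. -->
<!-- A filter-mapping without a dispatcher element applies to direct client requests only; -->
<!-- a server-side forward or include to these paths does not pass through the filter. -->
<filter>
    <filter-name>RightFilter</filter-name>
    <filter-class>cn.itkui.filter.RightFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>RightFilter</filter-name>
    <url-pattern>/admin/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>RightFilter</filter-name>
    <url-pattern>/manage/*</url-pattern>
</filter-mapping>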
在web.xml中加入Filter的配置,如下:
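<!-- NOTE(review): EncodingAndCacheflush is not one of the classes shown above; filter-class -->
<!-- must be the fully qualified name of the filter class actually deployed. -->
<!-- Declare this mapping before filters that read request parameters, so the encoding is -->
<!-- set first. -->
<filter>
    <filter-name>EncodingAndCacheflush</filter-name>
    <filter-class>EncodingAndCacheflush</filter-class>
    <init-param>
        <param-name>encoding</param-name>
        <param-value>UTF-8</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>EncodingAndCacheflush</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>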
要傳遞參數的時候最好使用form進行傳參,如果使用鏈接的話當中文字符的時候過濾器轉碼是不會起作用的,還有就是頁面上
http://maqianli.iteye.com/blog/290423
