一、字符过滤器
(1)Java class编写:
package com.struts2.project.util.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; public class CharacterFilter implements Filter{ private static String character=null; public void destroy() { } public void doFilter(ServletRequest req, ServletResponse res, FilterChain fch) throws IOException, ServletException { req.setCharacterEncoding(character); res.setCharacterEncoding(character); fch.doFilter(req, res); } @SuppressWarnings("static-access") public void init(FilterConfig config) throws ServletException { this.character=config.getInitParameter("character"); if(this.character==null){ throw new RuntimeException("提示:not found parameter named character"); } } }
(2)web.xml文件
<filter> <filter-name>character</filter-name> <filter-class>com.struts2.project.util.filter.CharacterFilter</filter-class> <init-param> <param-name>character</param-name>
<param-value>UTF-8</param-value> </init-param> </filter> <filter-mapping> <filter-name>character</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
(3)jsp页面字符编码:pageEncoding="UTF-8";
二、session过滤器
(1)Java class编写:
publicclass FilterDemo implements Filter{ publicvoid destroy() {} publicvoid doFilter(ServletRequest sreq, ServletResponse response,FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request=(HttpServletRequest)sreq; HttpSession session = request.getSession(false); if(session == null) { //如果是session超时,在此处做处理 } if(request.getRequestURI().endsWith("download.do")) { //此处可以针对不同的请求根据用户是否具有权限来做处理 } request.getRequestDispatcher("/Error.jsp").forward(request,response); } publicvoid init(FilterConfig filterConfig) throws ServletException {} }
然后将新建的Filter添加到web.xml中,部署Filter需要添加两部分:
(2)web.xml文件
filter元素位于部署描述符文件(web.xml)的前部,所有filter-mapping、servlet或servlet-mapping元素之前。
<filter> <filter-name>SessionFilter</filter-name> <filter-class>myPackage.FilterDemo</filter-class> </filter> <filter-mapping> <filter-name>SessionFilter</filter-name> <url-pattern>*.do</url-pattern> </filter-mapping>
以上内容表示所以的请求中以.do结尾的都有首先通过我们这里指定的过滤器:
(3)Servlet来测试:
publicclass DownLoadDemo extends HttpServlet { privatestaticfinallongserialVersionUID = 1L; public DownLoadDemo() { super(); } protectedvoid doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { this.doPost(request, response); } protectedvoid doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.getRequestDispatcher("/DownLoadExcel.jsp"). forward(request, response); } }
在web.xml中部署好该servlet
<servlet> <servlet-name>DownLoadDemo</servlet-name> <servlet-class>com.sinosoft.base.sessiondemo.DownLoadDemo</servlet-class> </servlet> <servlet-mapping> <servlet-name>DownLoadDemo</servlet-name> <url-pattern>/download</url-pattern> </servlet-mapping>
新建jsp来测试index.jsp
<body> <form action="download.do"> <a href = 'DownLoadExcel.jsp'>导出Excel</a> <input type='submit'/> </form> </body>
使用一个是超链接的形式,一个是通过servlet来跳转,当点击提交按钮时会被拦截,而直接点击超链接就不会被拦截,因为我们的Filter中配置的是拦截.do形式的,如果要拦截jsp也可以使用<url-pattern>DownLoadExcel.jsp </url-pattern>
再添加一个错误页面Error.jsp
<body>
<h1>对不起,你没有权限</h1>
</body>
三、用户浏览权限过滤
(1)Java class编写:
import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; public class RightFilter implements Filter { public void destroy() { } public void doFilter(ServletRequest sreq, ServletResponse sres, FilterChain arg2) throws IOException, ServletException { // 获取uri地址 HttpServletRequest request=(HttpServletRequest)sreq; String uri = request.getRequestURI(); String ctx=request.getContextPath(); uri = uri.substring(ctx.length()); //判断admin级别网页的浏览权限 if(uri.startsWith("/admin")) { if(request.getSession().getAttribute("admin")==null) { request.setAttribute("message","您没有这个权限"); request.getRequestDispatcher("/login.jsp").forward(sreq,sres); return; } } //判断manage级别网页的浏览权限 if(uri.startsWith("/manage")) { //这里省去 } } //下面还可以添加其他的用户权限,省去。 } public void init(FilterConfig arg0) throws ServletException { } }
(2)在web.xml中加入Filter的配置,如下:
<!-- 判断页面的访问权限 --> <filter> <filter-name>RightFilter</filter-name> <filter-class>cn.itkui.filter.RightFilter</filter-class> </filter> <filter-mapping> <filter-name>RightFilter</filter-name> <url-pattern>/admin/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>RightFilter</filter-name> <url-pattern>/manage/*</url-pattern> </filter-mapping>