The concept and structure of Servlet Filter

What does Servlet filter mean? What is the structure of the Servlet filter? What is implementation? To start our explanation:

1. What is a Servlet filter?

Servlet filters are small Web Components that intercept requests and responses to view, extract, or operate in some way the data being exchanged between the client and the server. Filters are Web Components that typically encapsulate some functions. These functions are important but not decisive for processing client requests or sending responses. Typical examples include recording data about requests and responses, processing security protocols, and managing session attributes. Filters provide an object-oriented modularization mechanism to encapsulate common tasks into pluggable components that are declared in a configuration file and processed dynamically.

Servlet filters combine many elements to make filters unique, powerful, and modular Web components. That is to say, the Servlet filter is:

◆ Declarative: the filter is declared using the xml tag in the Web deployment descriptor web. XML. This allows you to add and delete filters without modifying any application code or JSP pages.

◆ Dynamic: The Servlet container calls the filter at runtime to intercept and process requests and responses.

◆ Flexible: filters are widely used in Web processing environments and cover many of the most common auxiliary tasks, such as logging and security. Filters are flexible because they can be used to perform preprocessing and post-processing for Direct calls from clients and to process requests scheduled between Web components after the firewall. Finally, you can link the filter to provide the required functions.

◆ Modular: By encapsulating the application processing logic into a single class file, the filter defines modular units that can be easily added or deleted from the request/response chain.

◆ Portable: Like many other aspects of the Java platform, Servlet filters are portable across platforms and containers, further supporting the modularization and reusable nature of Servler filters.

◆ Reusable: thanks to the modular design of the filter implementation class and declarative filter configuration methods, filters can be easily used across different projects and applications.

◆ Transparent: A filter is included in the request/response chain, which is designed to supplement rather than replace in any way) core processing provided by servlet or JSP pages. Therefore, the filter can be added or deleted as needed without damaging the servlet or JSP page.

2. Servlet filter architecture

As its name implies, the Servlet filter is used to intercept incoming requests and/or outgoing responses and monitor, modify, or process the data streams being passed in some way. Filters are self-contained and modular components that can be added to the request/response chain or deleted without affecting other Web Components in the application. Filters are only used to modify the runtime processing of requests and responses. Therefore, they should not be directly embedded into the Web application framework, unless they are implemented through standard interfaces well defined in Servlet APIs.

Web resources can be configured as not associated with a filter, which is the default condition), associated with a single filter, which is a typical case), or even associated with a filter chain. So what exactly does the filter do? Like servlet, it accepts requests and responds to objects. The filter then checks the request object and decides to forward the request to the next component in the chain, or abort the request and send a response directly to the client. If the request is forwarded, it will be passed to another resource filter, servlet, or JSP page in the chain ). After the request is processed by the server through the filter chain, a response will be sent back through the chain in reverse order. This gives each filter the opportunity to process the response object as needed.

When filters are first introduced in the Servlet 2.3 specification, they can only filter content between the Web Client and the specified Web Resource accessed by the client. If the resource then schedules the request to other Web resources, you cannot apply the filter to any requests entrusted by the background. 2.4 The specification eliminates this restriction. Servlet filters can now be applied anywhere in the J2EE Web environment where request and response objects exist. Therefore, the Servlet filter can be applied between the client and servlet, between servlet and servlet or JSP pages, and between each included JSP page. This is what I call powerful capabilities and flexibility!

3. Compile the Servlet Filter Implementation class Program

The filter API contains three simple interfaces which are neatly nested in the javax. servlet package. The three interfaces are Filter, FilterChain, and FilterConfig. From the programming point of view, the Filter class will implement the Filter interface, and then use the FilterChain and FilterConfig interfaces in this Filter class. A reference to the filter class is passed to the FilterChain object, allowing the filter to pass control to the next resource in the chain. The FilterConfig object is provided to the filter by the container to allow access to the initialization data of the filter.

To be consistent with our three-step mode, the Filter must use three methods to fully implement the Filter interface:

Init (): This method is called when the container instantiates a filter. It is mainly designed to prepare the filter for processing. This method accepts an object of the FilterConfig type as input.

DoFilter (): Like servlet's method of having a service () method and calling doPost () or doGet () to process requests, does the filter have a single method used to process requests and responses? D? D doFilter (). This method accepts three input parameters: A ServletRequest, response, and a FilterChain object.

Destroy (): As you imagine, this method performs any cleanup operations that may need to be performed before automatic garbage collection.

 
 

  
  
SessionFilter.java  
  
  
package net.pms.web.filter;  
  
  
 
  
  
import java.io.IOException;  
  
  
 
  
  
import javax.servlet.Filter;  
  
  
import javax.servlet.FilterChain;  
  
  
import javax.servlet.FilterConfig;  
  
  
import javax.servlet.ServletException;  
  
  
import javax.servlet.ServletRequest;  
  
  
import javax.servlet.ServletResponse;  
  
  
import javax.servlet.http.HttpServletRequest;  
  
  
import javax.servlet.http.HttpServletResponse;  
  
  
import javax.servlet.http.HttpServletResponseWrapper;  
  
  
 
  
  
/**  
  
  
* @author jfish  
  
  
* @since 2006.1.12  
  
  
*/  
  
  
public class SessionFilter implements Filter {  
  
  
 
  
  
     public static boolean isContains(String container, String[] regx) {  
  
  
           boolean result = false;  
  
  
 
  
  
           for (int i = 0; i ﹤ regx.length; i++) {  
  
  
                 if (container.indexOf(regx[i]) != -1) {  
  
  
                       return true;  
  
  
                 }  
  
  
           }  
  
  
           return result;  
  
  
     }  
  
  
 
  
  
     public FilterConfig config;  
  
  
 
  
  
     public void setFilterConfig(FilterConfig config) {  
  
  
           this.config = config;  
  
  
     }  
  
  
 
  
  
     public FilterConfig getFilterConfig() {  
  
  
           return config;  
  
  
     }  
  
  
 
  
  
     public void doFilter(ServletRequest request, ServletResponse response,  
  
  
                 FilterChain chain) throws IOException, ServletException {  
  
  
 
  
  
           HttpServletRequest httpreq = (HttpServletRequest) request;  
  
  
           HttpServletResponse httpres = (HttpServletResponse) response;  
  
  
 
  
  
           HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper(  
  
  
                       (HttpServletResponse) response);  
  
  
           String logonStrings = config.getInitParameter("logonStrings");  
  
  
           String includeStrings = config.getInitParameter("includeStrings");  
  
  
           String redirectPath = httpreq.getContextPath()  
  
  
                       + config.getInitParameter("redirectPath");  
  
  
           String disabletestfilter = config.getInitParameter("disabletestfilter");  
  
  
 
  
  
           if (disabletestfilter.toUpperCase().equals("Y")) {  
  
  
                 chain.doFilter(request, response);  
  
  
                 return;  
  
  
           }  
  
  
           String[] logonList = logonStrings.split(";");  
  
  
           String[] includeList = includeStrings.split(";");  
  
  
           Object user = httpreq.getSession().getAttribute("userinfo");  
  
  
           if (user == null) {  
  
  
                 if (!this.isContains(httpreq.getRequestURI(), includeList)) {  
  
  
                       chain.doFilter(request, response);  
  
  
                       return;  
  
  
                 }  
  
  
                 if (this.isContains(httpreq.getRequestURI(), logonList)) {  
  
  
                       chain.doFilter(request, response);  
  
  
                       return;  
  
  
                 }  
  
  
                 wrapper.sendRedirect(redirectPath);  
  
  
 
  
  
           } else {  
  
  
                 chain.doFilter(request, response);  
  
  
           }  
  
  
     }  
  
  
 
  
  
     public void destroy() {  
  
  
           this.config = null;  
  
  
     }  
  
  
 
  
  
     public void init(FilterConfig filterConfig) throws ServletException {  
  
  
           this.config = filterConfig;  
  
  
     }  
  
  
} 
 
 

4. Configure the Servlet Filter

In web. xml:

 
 

  
  
  ﹤filter﹥  
  
  
     ﹤filter-name﹥SessionFilter﹤/filter-name﹥  
  
  
     ﹤filter-class﹥net.pms.web.filter.SessionFilter﹤/filter-class﹥  
  
  
     ﹤init-param﹥  
  
  
           ﹤param-name﹥logonStrings﹤/param-name﹥  
  
  
           ﹤param-value﹥login.jsp﹤/param-value﹥  
  
  
     ﹤/init-param﹥  
  
  
     ﹤init-param﹥  
  
  
           ﹤param-name﹥includeStrings﹤/param-name﹥  
  
  
           ﹤param-value﹥.jsp;.html﹤/param-value﹥  
  
  
     ﹤/init-param﹥  
  
  
     ﹤init-param﹥  
  
  
           ﹤param-name﹥redirectPath﹤/param-name﹥  
  
  
           ﹤param-value﹥/login.jsp﹤/param-value﹥  
  
  
     ﹤/init-param﹥  
  
  
     ﹤init-param﹥  
  
  
           ﹤param-name﹥disabletestfilter﹤/param-name﹥  
  
  
           ﹤param-value﹥N﹤/param-value﹥  
  
  
     ﹤/init-param﹥  
  
  
/filter﹥  
  
  
﹤filter-mapping﹥  
  
  
     ﹤filter-name﹥SessionFilter﹤/filter-name﹥  
  
  
     ﹤url-pattern﹥/*﹤/url-pattern﹥  
  
  
/filter-mapping﹥ 
 
 

The logonStrings parameter is displayed on the logon page.

Descridestrings: Filter page Parameters

RedirectPath, No Logon page

Disabletestfilter: whether the Servlet filter is valid.

1. Servlet and JSP paths
2. Servlet Lifecycle
3. Analysis of form data in JSP Servlet Technology
4. At the beginning of JSP Servlet Development
5. Java Servlet API documentation