First, what is the filter? What do you got?
1, filter belongs to the servlet specification, from the 2.3 version began to have.
2, filter is the content of the access to filter (interception). Filter requests and responses using filters
Ii. preparation of steps and implementation process
1. Coding steps:
A, write a class: Implement Javax.servlet.Filter interface
public class FilterDemo1 implements Filter {public FilterDemo1 () {System.out.println ("default constructor method called");} Each time a user accesses a filtered resource, the method is called by the server to implement filtering public void DoFilter (ServletRequest request, Servletresponse Response,filterchain Chain) throws IOException, servletexception {System.out.println ("FilterDemo1 before Filtering");//interception of requests, code written in this chain.dofilter ( request, response);//release//intercept the response, the code is written in this System.out.println ("FilterDemo1 after performing the filter");} public void Destroy () {System.out.println ("Call Destruction Method");} public void init (Filterconfig filterconfig) throws Servletexception {System.out.println ("Call initialization Method");}}
B. Configure Web. XML to specify the resources that need to be filtered. (Quite similar to the configuration of the servlet)
2, the implementation process of the filter (life cycle)
Life cycle:
Birth: An instance of a filter is instantiated and initialized when the application is loaded.
Survival: Consistent with the life cycle of the application. In memory is a singleton. For access to resources within the interception range, each access calls void DoFIlter (Request,response.chain) for interception.
Death: The app is uninstalled.
Third, Series filter
One filter followed by another filter. Order of execution according to the order of Web. xml
Discretionary access will be directly FilterDemo2 to perform FILTERDEMO3.
Will output:
FilterDemo2 ago
FilterDemo3 ago
Execute content
After FilterDemo3
After FilterDemo2
Iv. case: 1. Garbled filter to resolve request parameters (POST) and response output
Filter to resolve POST request parameters and response encoding issues public class Setcharacterencodingfilter implements filter {private Filterconfig Filterconfig ;p ublic void init (Filterconfig filterconfig) throws servletexception {this.filterconfig = Filterconfig;} public void DoFilter (ServletRequest request, Servletresponse Response,filterchain chain) throws IOException, servletexception {String encoding = filterconfig.getinitparameter ("encoding");//The user may have forgotten to configure the parameter if (encoding==null) { encoding = "UTF-8";//Default code}request.setcharacterencoding (encoding);// Can only solve the Chinese problem of Post request parameter response.setcharacterencoding (encoding);//output stream encoding Response.setcontenttype ("text/html;charset=" + encoding);//output stream encoding, notifying the client should use the encoding Chain.dofilter (request, response);} public void Destroy () {}}
Write the encoding type in the filter parameter
2, dynamic resources do not cache the filter
SERVLET/JSP: Do not cache dynamic resources.
Here's how to convert ServletRequest and servletresponse to HttpServlet to avoid errors
HttpServletRequest request = null; HttpServletResponse response = null;try{Request = (httpservletrequest) req; Response = (httpservletresponse) resp;
}catch (Exception e) {throw new RuntimeException ("Not-http Request or Response");}
Control dynamic resource do not cache filter public class Nocachefilter implements filter {public void init (Filterconfig filterconfig) throws servletexception {}public void DoFilter (ServletRequest req, servletresponse resp,filterchain chain) throws IOException, servletexception {//httpservletrequest request = (httpservletrequest) req;//httpservletresponse response = ( HttpServletResponse) resp; Do not use this method httpservletrequest request = null; HttpServletResponse response = Null;try{request = (httpservletrequest) Req;response = (HttpServletResponse) resp;} catch (Exception e) {throw new RuntimeException ("Not-http Request or Response");} Response.setheader ("Expires", "1"), Response.setheader ("Cache-control", "No-cache"), Response.setheader ("Pragma", "No-cache"); Chain.dofilter (request, response);} public void Destroy () {}}
Dynamically filters out Servlets and JSPs
3, static resources to control the cache time filter
Control cache time for static resources public class Staticresourcesneedcachefilter implements Filter {private Filterconfig Filterconfig;public void init (Filterconfig filterconfig) throws servletexception {this.filterconfig = Filterconfig;} public void DoFilter (ServletRequest req, servletresponse resp,filterchain chain) throws IOException, Servletexception { HttpServletRequest request = null; HttpServletResponse response = Null;try{request = (httpservletrequest) Req;response = (HttpServletResponse) resp;} catch (Exception e) {throw new RuntimeException ("Not-http Request or Response");} Long time = 0;//cached//suffix according to the URI address requested by the User:/day19_00_filter/1.htmlstring uri = Request.getrequesturi (); String exname = uri.substring (Uri.lastindexof (".") +1); if ("html". Equals (Exname)) {String value = filterconfig.getinitparameter ("html");//hour time = Long.parselong (value) *60*60*1000;} if ("CSS". Equals (Exname)) {String value = Filterconfig.getinitparameter ("CSS");//hour time = Long.parselong (value) *60*60 *1000;} if ("JS". Equals (Exname)) {String value = FilTerconfig.getinitparameter ("JS");//hour time = Long.parselong (value) *60*60*1000;} Response.setdateheader ("Expires", System.currenttimemillis () +time); Expires Control Time Chain.dofilter (request, response);} public void Destroy () {}}
4,//* user Automatic login filter:
Use of MD5 encryption
BASE64 encoding: Very Important
Write
Automatic login filter public class Autologinfilter implements filter {private Businessservice s = new Businessserviceimpl ();p ublic voi D init (Filterconfig filterconfig) throws servletexception {}public void DoFilter (ServletRequest req, servletresponse Resp,filterchain chain) throws IOException, servletexception {httpservletrequest request = null; HttpServletResponse response = Null;try{request = (httpservletrequest) Req;response = (HttpServletResponse) resp;} catch (Exception e) {throw new RuntimeException ("Not-http Request or Response");} HttpSession session = Request.getsession ();//Determine if the user has logged in: Just do not login user Suser = (user) Session.getattribute ("User"); Suser==null) {//Find Logininfo Cookie: Just find the cookie cs[] = request.getcookies (); for (int i=0;cs!=null&&i< cs.length;i++) {if ("Logininfo". Equals (Cs[i].getname ())) {//Solve the user name (BASE64) and password (MD5) String Usernamepassword = Cs[i]. GetValue (); String username = Usernamepassword.split ("_") [0];//base64 encoded string password = Usernamepassword.split ("_") [1];// MD5 after encryption//call service againThe second authentication is correct for user user = S.login (securityutil.base64decode (username), password);//via: Login. Set the login token if (user!=null) {session.setattribute ("user", user) in HttpSession;}}} Chain.dofilter (request, response);} public void Destroy () {}}
Five, the filter configuration details
Vi. consolidation of decorative design patterns
First, decoration
1. Write a class that implements the same interface as the wrapper class (the database-driven implementation of connection). (Enables the same behavior for this class and the drive implementation of the database)
2. Define a variable that references the instance of the wrapped class.
3. Define the constructor method and pass in the instance of the wrapped class.
4, for the method to rewrite, write your own code can.
5. For methods that do not require rewriting, call the corresponding method of the original object.
Second, the decorative variant (BufferedReader itself is the packaging class, the packaging of reader. LineNumberReader, the packaging of BufferedReader, or his sub-category)
1, write a class, inheritance is already a wrapper class class.
2. Define a variable that references the instance of the wrapped class.
3. Define the constructor method and pass in the instance of the wrapped class.
4, covering the need to rewrite the method
Vii. case: 1, solve the whole station Chinese garbled filter
Solved the problem of post garbled problem here add get
1. Define a class encodinghttpservletrequest inherit httpservletrequestwrapper before the wrapper to get the method you want
2. Rewrite the Httpservletrequestwrapper getparameter method.
3. Use the super.getcharacterencoding () encoding to return the value of the get passed in
You can get the proper encoding if you use the Get method
public class Setcharacterencodingfilter implements Filter {private filterconfig filterconfig;public void Init ( Filterconfig filterconfig) throws servletexception {this.filterconfig = Filterconfig;} public void DoFilter (ServletRequest req, servletresponse resp,filterchain chain) throws IOException, Servletexception { HttpServletRequest request; HttpServletResponse response;try{request = (httpservletrequest) Req;response = (HttpServletResponse) resp;} catch (Exception e) {throw new RuntimeException ("Non-http Request or Response");} String encoding = filterconfig.getinitparameter ("encoding");//The user may have forgotten to configure the parameter if (encoding==null) {encoding = "UTF-8";// The default encoding}request.setcharacterencoding (encoding),//can only resolve the POST request parameters of the Chinese Problem response.setcharacterencoding (encoding); Output stream encoding Response.setcontenttype ("text/html;charset=" +encoding);//output stream encoding notifies the client of the encoding that should be used Encodinghttpservletrequest Erequest = new Encodinghttpservletrequest (request); Chain.dofilter (erequest, response);} public void Destroy () {}}class encodinghttpservletrequest exTends Httpservletrequestwrapper{public encodinghttpservletrequest (HttpServletRequest request) {super (request); public string GetParameter (string name) {String value = Super.getparameter (name); if (value==null) return value;// Just get the way if ("get". Equalsignorecase (Super.getmethod ())) {try {value = new String (value.getbytes ("iso-8859-1"), Super.getcharacterencoding ());} catch (Unsupportedencodingexception e) {e.printstacktrace ();}} return value;}}
2, filter dirty words filter
1. New Dwhttpservletrequest class inherits Httpservletrequestwrapper,
2. Packaging GetParameter Hair Method filter Dirty Words
3. When the content is executed, the request is dwhttpservletrequest, so the method used is Dwhttpservletrequest getparameter.
public class Dirtywordsfilter implements Filter {public void init (filterconfig Filterconfig) throws servletexception {}public void DoFilter (ServletRequest req, servletresponse resp,filterchain chain ) throws IOException, servletexception {httpservletrequest request; HttpServletResponse response;try{request = (httpservletrequest) Req;response = (HttpServletResponse) resp;} catch (Exception e) {throw new RuntimeException ("Non-http Request or Response");} Dwhttpservletrequest dwrequest = new Dwhttpservletrequest (request); Chain.dofilter (dwrequest, response);} public void Destroy () {}}class dwhttpservletrequest extends httpservletrequestwrapper{private string[] STRs = {"Beast", "Beast" , "Silly B", "Zhang Yinpeng"};p ublic dwhttpservletrequest (HttpServletRequest request) {super (request); public string GetParameter (string name) {String value = Super.getparameter (name); if (value==null) return value;for ( String s:strs) {value = Value.replace (S, "* *");} return value;}}
3. HTML tag Filter
Methods and the first 2 kinds of similar
public class Htmlfilter implements Filter {public void init (Filterconfig filterconfig) throws servletexception {}public vo ID DoFilter (servletrequest req, servletresponse resp,filterchain chain) throws IOException, Servletexception { HttpServletRequest request; HttpServletResponse response;try{request = (httpservletrequest) Req;response = (HttpServletResponse) resp;} catch (Exception e) {throw new RuntimeException ("Non-http Request or Response");} Htmlhttpservletrequest hrequest = new Htmlhttpservletrequest (request); Chain.dofilter (hrequest, response);} public void Destroy () {}}class htmlhttpservletrequest extends Httpservletrequestwrapper{public htmlhttpservletrequest (HttpServletRequest request) {super (request);} public string GetParameter (string name) {String value = Super.getparameter (name); if (value==null) return value;value = Htmlfilter (value);//escape character return value;} private string Htmlfilter (String message) {if (message = = NULL) return (NULL); Char content[] = new Char[message.lenGth ()]; Message.getchars (0, Message.length (), content, 0); StringBuffer result = new StringBuffer (content.length + 50); for (int i = 0; i < Content.length, i++) {switch (Content[i]) {case ' < ': ResU Lt.append ("<"); Break Case ' > ': Result.append (">"); Break Case ' & ': Result.append ("&"); Break Case ' ': Result.append ("" "); Break Default:result.append (Content[i]); }} return (Result.tostring ());}}
4,//* full-station compression filter (difficult)
public class Gzipfilter implements Filter {public void init (Filterconfig filterconfig) throws servletexception {}public vo ID DoFilter (servletrequest req, servletresponse resp,filterchain chain) throws IOException, Servletexception { HttpServletRequest request; HttpServletResponse response;try{request = (httpservletrequest) Req;response = (HttpServletResponse) resp;} catch (Exception e) {throw new RuntimeException ("Non-http Request or Response");} Gziphttpservletresponse gresponse = new Gziphttpservletresponse (response); Chain.dofilter (request, gresponse);// The target resource executes after execution: to compress byte b[] = Gresponse.getbytes (),//To get the original data for the encoded key point System.out.println ("Pre-Compression size:" +b.length);// Determine if the customer supports gzip compression string acceptencoding = Request.getheader ("accept-encoding"); if (acceptencoding!=null&& Acceptencoding.contains ("gzip")) {//support bytearrayoutputstream out = new Bytearrayoutputstream (); Gzipoutputstream gout = new Gzipoutputstream (out); Gout.write (b); Gout.close (); b = Out.tobytearray ();// Compressed data System.out.println ("Compressed size:" +b.length);//Tell the browser compression mode Response.setheader ("content-encoding", "gzip"); Response.setcontentlength (b.length);//Tell the client, the length of the body} Response.getoutputstream (). write (b);} public void Destroy () {}}class Gziphttpservletresponse extends Httpservletresponsewrapper{private Bytearrayoutputstream BAOs = new Bytearrayoutputstream ()///store intercepted data private printwriter PW = Null;public Gziphttpservletresponse (HttpServletResponse response) {super (response);} Intercept output data: Put into BAOs public servletoutputstream Getoutputstream () throws IOException {return new Myservletoutputstream ( BAOs);} Character stream: Intercept put into BAOs public printwriter getwriter () throws IOException {pw = new PrintWriter (new OutputStreamWriter (BAOs, Super.getcharacterencoding ())); return PW;} Gets the intercepted data public byte[] GetBytes () {try {if (pw!=null) {pw.close ();} Baos.flush ();} catch (IOException e) {e.printstacktrace ();} return Baos.tobytearray ();}} Class Myservletoutputstream extends Servletoutputstream{private bytearrayoutputstream baos;public Myservletoutputstream (Bytearrayoutputstream BAOs) {THis.baos = BAOs;} public void Write (int b) throws IOException {baos.write (b);}}
Javaweb Back < 12 > filter garbled, non-cached, dirty language, tagging, automatic login, full-station compression filter