一、登錄校驗

代碼

package com.qingfeng.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import java.io.IOException; /*** @author 清風*/ @WebFilter(value = "/*") @SuppressWarnings("all") public class LoginFilter implements Filter {@Overridepublic void init(FilterConfig filterConfig) throws ServletException {}@Overridepublic void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {/*** 將ServletRequest強制轉換為HttpServletRequest協議* ServletRequest：只包含了一些基本信息，沒有請求相關的信息*/HttpServletRequest servletRequest = (HttpServletRequest) request;/*** 獲取請求地址* String getRequestURI()*/String URI = servletRequest.getRequestURI();/*** 如果包含如下資源，那么直接放行* /login.jsp* /loginServlet*/if (URI.contains("/login.jsp") || URI.contains("/loginServlet")|| URI.contains("register.jsp")||URI.contains("/registerServlet")) {filterChain.doFilter(request, response);} else {/*** 如果session對象不為空，那么直接放行* 說明已經登錄* */Object user = servletRequest.getSession().getAttribute("user");if (user != null) {filterChain.doFilter(request, response);} else {/*** 如果session對象中沒有user,* 說明沒有登錄,* 則跳轉到登錄界面，* 并給出提示信息*/servletRequest.setAttribute("msg", "你尚未登錄");servletRequest.getRequestDispatcher("/login.jsp").forward(request, response);}}}@Overridepublic void destroy() {} }

二、敏感字符過濾

代碼：

package com.qingfeng.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import java.io.BufferedReader; import java.io.FileNotFoundException; import java.io.FileReader; import java.io.IOException; import java.lang.reflect.InvocationHandler; import java.lang.reflect.Method; import java.lang.reflect.Proxy; import java.util.ArrayList; import java.util.List; /*** @author 清風*/ @WebFilter("/*") public class WorldFilter implements Filter {private List<String> list = new ArrayList<>();@Overridepublic void init(FilterConfig filterConfig) throws ServletException {ServletContext context = filterConfig.getServletContext();/*** 獲取用于校驗的詞典真實路徑*/String path = context.getRealPath("/WEB-INF/classes/words.txt");try {/*** 依次讀取詞典的內容* 然后把讀取到的內容存入一個集合中* 然后依次比較，如果用戶輸入的字符串和詞典中詞匯相同，* 那么將用“***”替換字符串*/BufferedReader bufferedReader = new BufferedReader(new FileReader(path));String line = null;while ((line = bufferedReader.readLine()) != null) {list.add(line);}} catch (Exception e) {e.printStackTrace();}}@Overridepublic void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {/*** 通過動態代理的方式獲取請求對象，* 并增強其對象**/ServletRequest servlet = (ServletRequest) Proxy.newProxyInstance(servletRequest.getClass().getClassLoader(),servletRequest.getClass().getInterfaces(), new InvocationHandler() {@Overridepublic Object invoke(Object proxy, Method method, Object[] args) throws Throwable {/*** 獲取要增強的方法名*/if ("getParameter".equals(method.getName())) {/*** 執行方法* 該方法會返回一個字符串（對象），也就是請求傳過來的值*/String value = (String) method.invoke(servletRequest, args);/*** 判斷字符串是否為空*/if (value != null) {/*** 循環遍歷集合，依次比較，* 如果內容和詞典內容有相同的，* 那么將用“***”進行替換*/for (String s : list) {if (value.contains(s)) {value = value.replace(value, "***");}}}return value;}/*** 如果沒有敏感字符，那么直接返回*/return method.invoke(servletRequest, args);}});filterChain.doFilter(servlet, servletResponse);}@Overridepublic void destroy() {} }

總結

以上是生活随笔為你收集整理的用java servlet Filter编写过滤器的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。