Shulou(Shulou.com)06/02 Report--

How to analyze the concept and structure of Servlet filter, I believe that many inexperienced people do not know what to do about it. Therefore, this paper summarizes the causes and solutions of the problem. Through this article, I hope you can solve this problem.

What is the 1.Servlet filter?

Servlet filters are small Web components that intercept requests and responses to view, extract, or somehow manipulate the data being exchanged between the client and the server. Filters are Web components that typically encapsulate functions that, while important, are not decisive for processing client requests or sending responses. Typical examples include recording data about requests and responses, handling security protocols, managing session properties, and so on. Filters provide an object-oriented modular mechanism for encapsulating common tasks into pluggable components that are declared through a configuration file and processed dynamically.

Servlet filters combine many elements, making them unique, powerful, and modular Web components. That is, the Servlet filter is:

◆ declarative: the filter is declared through the XML tag in the Web deployment descriptor (web.xml). This allows you to add and remove filters without changing any application code or JSP pages.

◆ dynamic: filters are called by the Servlet container at run time to intercept and process requests and responses.

◆ flexible: filters are widely used in Web processing environments, covering many of the most common auxiliary tasks such as logging and security. Filters are also flexible because they can be used to perform preprocessing and post-processing on direct calls from the client, as well as to process requests scheduled between Web components behind the firewall. * filters can be linked to provide the necessary functionality.

◆ modular: filters define modular units that can be easily added or removed from the request / response chain by encapsulating application processing logic into a single class file.

◆ Portable: like many other aspects of the Java platform, Servlet filters are portable across platforms and containers, further supporting the modular and reusable nature of Servler filters.

◆ reusable: thanks to the modular design of filter implementation classes and declarative filter configuration, filters can be easily used across different projects and applications.

◆ transparent: including filters in the request / response chain is designed to complement (rather than in any way replace) the core processing provided by servlet or JSP pages. As a result, filters can be added or removed as needed without breaking servlet or JSP pages.

2.Servlet filter architecture

As its name implies, Servlet filters are used to intercept incoming requests and / or outgoing responses, and to monitor, modify, or somehow process incoming data streams. Filters are self-contained, modular components that can be added to the request / response chain or removed without affecting other Web components in the application. Filters are only runtime processing of change requests and responses, so they should not be directly embedded in the Web application framework unless they are implemented through a well-defined standard interface in Servlet API.

Web resources can be configured to have no filter associated with it (which is the default), to associate with a single filter (which is typical), or even to associate with a filter chain. So what exactly does the filter do? Like servlet, it accepts requests and responds to objects. The filter then examines the request object and decides to forward the request to the next component in the chain, or abort the request and send a response directly to the client. If the request is forwarded, it is passed to the next resource in the chain (another filter, servlet, or JSP page). After the request manages to pass through the filter chain and is processed by the server, a response will be sent back through the chain in reverse order. This gives each filter the opportunity to process the response object as needed.

When filters are introduced in the Servlet 2.3 specification, they can only filter content between the Web client and the specified Web resources accessed by the client. If the resource then dispatches the request to another Web resource, the filter cannot be applied to any request delegated behind the scenes. 2.4 the specification removes this limitation. Servlet filters can now be applied anywhere in the J2EE Web environment where request and response objects exist. Therefore, the Servlet filter can be applied between the client and servlet, between servlet and servlet or JSP pages, and between each JSP page included. This is what I call powerful ability and flexibility!

3. Write the program of Servlet filter implementation class

The filter API contains three simple interfaces that are neatly nested in the javax.servlet package. The three interfaces are Filter, FilterChain and FilterConfig. From a programming perspective, the filter class will implement the Filter interface and then use the FilterChain and FilterConfig interfaces in this filter class. A reference to the filter class is passed to the FilterChain object to allow the filter to pass control to the next resource in the chain. The FilterConfig object is provided to the filter by the container to allow access to the filter's initialization data.

To be consistent with our three-step pattern, the filter must apply three methods to fully implement the Filter interface:

Init (): this method is called when the container instantiates the filter and is designed to prepare the filter for processing. This method accepts an object of type FilterConfig as input.

DoFilter (): just as servlet has a service () method (which in turn calls doPost () or doGet ()) to process the request, the filter has a single method for processing requests and responses? ordered doFilter (). This method accepts three input parameters: a ServletRequest, response, and a FilterChain object.

Destroy (): as you might imagine, this method performs any cleanup operations that may need to be done before automatic garbage collection.

SessionFilter.java package net.pms.web.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponseWrapper / * @ author jfish * @ since January 12, 2006 * / public class SessionFilter implements Filter {public static boolean isContains (String container, String [] regx) {boolean result = false; for (int I = 0; I < regx.length; iTunes +) {if (container.indexOf (regx [I])! =-1) {return true }} return result;} public FilterConfig config; public void setFilterConfig (FilterConfig config) {this.config = config;} public FilterConfig getFilterConfig () {return config } public void doFilter (ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {HttpServletRequest httpreq = (HttpServletRequest) request; HttpServletResponse httpres = (HttpServletResponse) response; HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper ((HttpServletResponse) response); String logonStrings = config.getInitParameter ("logonStrings") String includeStrings = config.getInitParameter ("includeStrings"); String redirectPath = httpreq.getContextPath () + config.getInitParameter ("redirectPath"); String disabletestfilter = config.getInitParameter ("disabletestfilter"); if (disabletestfilter.toUpperCase (). Equals ("Y")) {chain.doFilter (request, response); return } String [] logonList = logonStrings.split (";"); String [] includeList = includeStrings.split (";"); Object user = httpreq.getSession (). GetAttribute ("userinfo"); if (user = = null) {if (! this.isContains (httpreq.getRequestURI (), includeList)) {chain.doFilter (request, response) Return;} if (this.isContains (httpreq.getRequestURI (), logonList)) {chain.doFilter (request, response); return;} wrapper.sendRedirect (redirectPath) } else {chain.doFilter (request, response);}} public void destroy () {this.config = null;} public void init (FilterConfig filterConfig) throws ServletException {this.config = filterConfig;}}

4. Configure Servlet filter

In web.xml:

< filter > < filter-name > SessionFilter < / filter-name > < filter-class > net.pms.web.filter.SessionFilter < / filter-class > < init-param > < param-name > logonStrings < / param-name > < param-value > login.jsp < / param-value > < / init-param > < init-param > < param -name > includeStrings < / param-name > < param-value > .jsp .html < / param-value > < / init-param > < init-param > < param-name > redirectPath < / param-name > < param-value > / login.jsp < / param-value > < / init-param > < init-param > < param-name > disabletestfilter < / param-name > < param-value > N < / param-value > < / init-param > / filter > < filter-mapping > < filter-name > SessionFilter < / filter-name > < url-pattern > / * < / url-pattern > / filter-mapping >

Parameter logonStrings, landing page

IncludeStrings, filtering page parameters

RedirectPath, did not log in to the redirection page

Whether the disabletestfilter,Servlet filter is valid.

After reading the above, have you mastered how to analyze the concept and structure of Servlet filter? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.