基于过滤器链的『权限验证及乱码问题』的标准解决方案

综合示例：权限验证+解决乱码的标准解决方案

前置课程

• 项目目录结构：

第一步：用户登录页面login.jsp

    login
    


    
        用户名：
        密码：
        
    

第二步：网站首页：index.jsp

    首页


    欢迎您：${user}

第三步：请求首页的Servlet：DemoServlet.java

@WebServlet(urlPatterns = "/sec/demoServlet")
public class DemoServlet extends HttpServlet {
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        request.getRequestDispatcher("/WEB-INF/sec/index.jsp").forward(request, response);
    }
}

第四步：处理用户登录的Servlet：LoginServlet.java

@WebServlet(urlPatterns = "/loginServlet")
public class  LoginServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String uname = request.getParameter("uname");
        String upwd = request.getParameter("upwd");

        if ("张三".equals(uname) && "1234".equals(upwd)) {//如果登录成功
            HttpSession session = request.getSession(); //获取Session
            session.setMaxInactiveInterval(30*60); //设置session的有效时间为60s
            session.setAttribute("user",uname);//将用户信息放到Session中
            request.getRequestDispatcher("/WEB-INF/sec/index.jsp").forward(request, response);
        }
    }
}

第五步：验证用户是否登录的Filter：AuthFilter.java

@WebFilter(urlPatterns = "/sec/*")
public class AuthFilter implements Filter {
    public void destroy() {
    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;

        HttpSession session = request.getSession();

        Object user = session.getAttribute("user");
        if (user == null) { //如果用户没有登录，跳转到登录页面
            request.getRequestDispatcher("/login.jsp").forward(request, response);
            return; //如果有过滤器链，不再执行后面的过滤器
        }
        chain.doFilter(req, resp);
    }

    public void init(FilterConfig config) throws ServletException {

    }

}

第六步：解决中文乱码的Filter：EncodeFilter

@WebFilter(urlPatterns = "/*")
public class EncodeFilter implements Filter {
    public void destroy() {
    }

    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;

        request.setCharacterEncoding("UTF-8");
        response.setCharacterEncoding("UTF-8");
        response.setContentType("text/html;charset=utf-8");

        chain.doFilter(req, resp);
    }

    public void init(FilterConfig config) throws ServletException {

    }

}

第七步：运行

1. 请求http://localhost:8080/sec/demoServlet，打开用户登录页面，在其中输入用户名和密码
2. 单击提交按钮，打开首页