可以在过滤器中执行身份认证。 在这里,我们将如何在过滤器类检查由用户提交的密码,如果给定密码为admin,它将把请求转发到WelcomeAdmin servlet,否则会显示错误消息。
使用过滤器验证用户的示例
下面来看看如何使用过滤器验证用户的简单示例。
在这个示例中创建了以下几个主要的代码文件:
- index.html - 首页
- MyFilter.java - 过滤器,用于处理用户登录信息和跳转。
- AdminServlet.java - 管理员的Servlet
- web.xml - 项目描述符和配置信息。
打开Eclipse,创建一个动态Web项目:AuthenticationFilter,其完整的目录结构如下所示 -
以下是这个项目中的几个主要的代码文件。
文件:index.html -
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Servlet身份验证过滤器</title>
</head>
<body>
<div style="font-align: center;">
<form action="login" method="post">
用户名:<input type="text" name="username" value="maxsu"/>密码:<input type="password"
name="password" /><input type="submit" value="登录">
</form>
</div>
</body>
</html>
文件:MyFilter.java -
package com.yiibai;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.*;
public class MyFilter implements Filter {
public void init(FilterConfig arg0) throws ServletException {
//
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
request.setCharacterEncoding("UTF-8");
PrintWriter out = response.getWriter();
String password = request.getParameter("password");
if (password == null) {
password = "";
}
if (password.equals("admin")) {
chain.doFilter(request, response);// sends request to next resource
} else {
out.print("用户名或密码错误!");
RequestDispatcher rd = request.getRequestDispatcher("index.html");
rd.include(request, response);
}
}
public void destroy() {
System.out.println("MyFilter.destroy()");
}
}
文件:AdminServlet.java -
package com.yiibai;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.*;
public class AdminServlet extends HttpServlet {
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
request.setCharacterEncoding("UTF-8");
PrintWriter out = response.getWriter();
out.print("欢迎您来到 ADMIN页面~");
out.close();
}
}
文件:web.xml -
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
id="WebApp_ID" version="3.1">
<display-name>AuthenticationFilter</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>AdminServlet</servlet-name>
<servlet-class>com.yiibai.AdminServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>AdminServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<filter>
<filter-name>f1</filter-name>
<filter-class>com.yiibai.MyFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>f1</filter-name>
<url-pattern>/login</url-pattern>
</filter-mapping>
</web-app>
在编写上面代码后,部署此Web应用程序(在项目名称上点击右键->”Run On Server…”),打开浏览器访问URL: http://localhost:8080/SimpleFilter/ ,如果没有错误,应该会看到以下结果 -
输入密码:admin,然后提交表单登录,应该会看到以下结果 -
