filter称之为过滤器,不像Servlet,它不处理具体的业务逻辑,它是一个中间者,它能够按照具体的规则拦截我们的请求和响应,并执行响应的操作。
筛选的是前端往后端发送的请求 加过滤器 这些请求会先到过滤器 再到后端
进行设置的筛选
public class LoginFilter extends HttpFilter {
@Override
protected void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
//创建白名单
List<String> witheNames = Arrays.asList(request.getContextPath() + "/login", request.getContextPath() + "/login.jsp");
// 如果在白名单我就放行
if (witheNames.contains(request.getRequestURI())) {
chain.doFilter(request, response);
} else {
HttpSession session = request.getSession(false);
// 有用户信息说明已经登录
if (session != null && session.getAttribute("user") != null) {
chain.doFilter(request, response);
} else {
response.sendRedirect(request.getContextPath() + "/login.jsp");
}
}
}
}
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.ydlclass.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>