Java Web 开发从入门到实践课件 第7章 - 过滤器和监听器

JavaWeb开发从入门到实践JavaWebDevelopmentFromIntroductiontoPractice过滤器和监听器Chap07提纲过滤器和监听器过滤器和监听器分别用于处理用户输入的事件和动态监控应用程序的状态变化。7.1过滤器7.2监听器7.3本章小结7.1过滤器7.1.1过滤器的概念7.1.2配置过滤器7.1.3过滤器的生命周期7.1.4过滤器的链及执行顺序7.1.5过滤器的应用7.1.1过滤器的概念过滤器（Filter）的作用就是把浏览器对资源的请求拦截下来。图

7-1

过滤器的工作原理7.1.1过滤器的概念过滤器需要实现jakarta.servlet.Filter接口publicvoidinit(FilterConfigfilterConfig)throwsServletException{}

publicvoiddoFilter(ServletRequestservletRequest,ServletResponseservletResponse,FilterChainfilterChain)throwsIOException,ServletException{}

publicvoiddestroy(){}init()方法该方法用来初始化过滤器对象doFilter()方法该方法是主要实现过滤的方法destroy()方法该方法的作用是释放过滤器中使用的资源，是在关闭Web服务器时执行

7.1.2配置过滤器配置过滤器有两种方法一是在web.xml中配置二是通过注解配置<filter>

<filter-name>myFilter</filter-name>

<filter-class>com.swxy.filter.MyFilter</filter-class></filter>

<filter-mapping>

<filter-name>myFilter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>@WebFilter(filterName="myFilter",

//指定Filter的name属性，等价于<filter-name>标签 urlPatterns="/*",

//指定Filter的URL匹配模式

initParams={

//设置过滤器的初始参数

@WebInitParam(name="username",value="Charles")})

publicclassMyFilterimplementsFilter{//省略}7.1.3过滤器的生命周期过滤器的生命周期是：实例化→初始化→过滤→销毁。图

7-2

过滤器和Servlet的生命周期7.1.3过滤器的生命周期案例：过滤器、Servlet的生命周期示例MyFilter.java@WebFilter("/*")

publicclassMyFilterimplementsFilter{

publicMyFilter(){

System.out.println("Filter构造方法");

}

@Override

publicvoidinit(FilterConfigfilterConfig)throwsServletException{

System.out.println("Filter初始化");

}

7.1.3过滤器的生命周期@Override

publicvoiddoFilter(ServletRequestservletRequest,ServletResponseservletResponse,FilterChainfilterChain)throwsIOException,ServletException{

System.out.println("过滤前");

filterChain.doFilter(servletRequest,servletResponse);//放行

System.out.println("过滤后");

}

@Override

publicvoiddestroy(){

System.out.println("Filter销毁方法");

}

}7.1.3过滤器的生命周期@WebServlet("/myServlet") publicclassMyServletextendsHttpServlet{ publicMyServlet(){System.out.println("Servlet构造方法");} @Override publicvoidinit()throwsServletException{ System.out.println("Servlet初始化方法"); } @Override protectedvoidservice(HttpServletRequestreq,HttpServletResponseresp)throwsServletException,IOException{ System.out.println("Servlet的service()方法"); } @Override publicvoiddestroy(){ System.out.println("Servlet销毁方法"); } }MyServlet.java7.1.3过滤器的生命周期查看测试结果Filter构造方法Filter初始化Servlet构造方法Servlet初始化方法过滤前Servlet的service()方法过滤后Servlet销毁方法Filter销毁方法7.1.4过滤器的链及执行顺序过滤器链是指在一个Web应用，可以配置多个过滤器，这些过滤器称为过滤器链。图

7-3

过滤器链过滤器链7.1.4过滤器的链及执行顺序执行过滤器1的放行前逻辑代码执行过滤器1的放行代码执行过滤器2的放行前逻辑代码执行过滤器2的放行代码执行过滤器3的放行前逻辑代码执行过滤器3的放行代码访问Web资源执行过滤器3的放行后逻辑代码执行过滤器2的放行后逻辑代码执行过滤器1的放行后逻辑代码7.1.4过滤器的链及执行顺序过滤器的执行顺序过滤器的拦截路径相同时：首先按照<filter-mapping>标记在web.xml中出现的先后顺序执行过滤器然后接照过滤器类名的字典顺序执行注解的过滤器。7.1.5过滤器的应用JavaWeb过滤器是一种用于拦截、处理和修改请求和响应的组件，用于实现一些通用的功能字符编码转换过滤器1、EncodingFilter.java@WebFilter(urlPatterns="/*", initParams={@WebInitParam(name="encoding",value="UTF-8")})

publicclassEncodingFilterimplementsFilter{

privateStringencoding="";

@Override

publicvoidinit(FilterConfigfilterConfig)throwsServletException{

this.encoding=filterConfig.getInitParameter("encoding");

}

7.1.5过滤器的应用@Override

publicvoiddoFilter(ServletRequestservletRequest,ServletResponseservletResponse,FilterChainfilterChain)throwsIOException,ServletException{

HttpServletRequestrequest=(HttpServletRequest)servletRequest;

//转子接口

HttpServletResponseresponse=(HttpServletResponse)servletResponse;//转子接口

Stringmethod=request.getMethod();//获取请求方式（如GET、POST等）

if("POST".equals(method)){//请求方式为POST时，中文乱码的处理

request.setCharacterEncoding(encoding);

}else{//请求方式为GET时，中文乱码的处理

Enumeration<String>parameterNames=request.getParameterNames();

while(parameterNames.hasMoreElements()){

Stringelement=parameterNames.nextElement();

Stringvalue=request.getParameter(element);

if(value!=null&&!"".equals(value)){

value=newString(value.trim().getBytes("ISO-8859-1"),encoding);

}

}

}filterChain.doFilter(servletRequest,servletResponse);//过滤器放行

}

7.1.5过滤器的应用 @Override

publicvoiddestroy(){

Filter.super.destroy();

}

}2、EncodingFilter.java@WebServlet("/encodingServlet")

publicclassEncodingServletextendsHttpServlet{

@Override

protectedvoiddoGet(HttpServletRequestreq,HttpServletResponseresp)throwsServletException,IOException{

Stringusername=req.getParameter("username");System.out.println(username);

}

}7.1.5过滤器的应用脏字过滤器1、准备属性文件perties。在项目src下新建文件夹“resource”，在该文件夹下创建文件perties狗屁=***废物=***该文件经过native2ascii编码后才能使用，命令语法如下：native2ascii-encodingutf-8源文件转换后文件7.1.5过滤器的应用2、定义响应器包装类publicclassReplaceWrapperextendsHttpServletResponseWrapper{

privateCharArrayWritercharWriter=newCharArrayWriter();

publicReplaceWrapper(HttpServletResponseresponse){

super(response);//必须调用父类构造方法

}

publicPrintWritergetWriter()throwsIOException{

returnnewPrintWriter(charWriter);//字符数组缓存输出内容

}

publicCharArrayWritergetCharWriter(){

returncharWriter;

}

}7.1.5过滤器的应用3、定义用来替换脏字的过滤器@WebFilter(urlPatterns="/*",initParams={@WebInitParam(name="path",value="resource/perties")})publicclassReplaceFilterimplementsFilter{ privatePropertiesproperties=newProperties(); @Override publicvoidinit(FilterConfigfilterConfig)throwsServletException{

Stringpath=filterConfig.getInitParameter("path");//获取初始化参数（文件名） try{ //加载资源文件 properties.load(ReplaceFilter.class.getClassLoader().getResourceAsStream(path)); }catch(Exceptione){ e.printStackTrace(); }

}

7.1.5过滤器的应用 @Override publicvoiddoFilter(ServletRequestservletRequest,ServletResponseservletResponse,FilterChainfilterChain)throwsIOException,ServletException{

HttpServletResponseresponse=(HttpServletResponse)servletResponse; ReplaceWrapperresp=newReplaceWrapper(response);//实例化响应器包装类 filterChain.doFilter(servletRequest,resp); Stringstr=resp.getCharWriter().toString();//缓存输出字符 for(Objecto:properties.keySet()){//循环文件(如：perties)中的key Stringkey=(String)o;

str=str.replace(key,properties.getProperty(key));//替换非法字符 } PrintWriterout=response.getWriter();//使用原来的HttpServletResponse输出字符 out.write(str); }}7.1.5过滤器的应用@WebServlet("/replaceFilterServlet")publicclassReplaceFilterServletextendsHttpServlet{ @Override protectedvoiddoGet(HttpServletRequestreq,HttpServletResponseresp)throwsServletException,IOException{ resp.setContentType("text/html;charset=UTF-8"); PrintWriterout=resp.getWriter(); out.println("<!DOCTYPEhtml>"); out.println("<HTML>"); out.println("<HEAD><TITLE>脏字过滤器的使用</TITLE></HEAD>"); out.println("helloeveryone！大家好<br/>狗屁<br/>废物"); out.println("</HTML>"); out.flush(); out.close(); }}4、编写一个Servlet用来测试脏字过滤器7.1.5过滤器的应用5、测试结果图

7-5

测试脏字过滤器7.2监听器7.2.1监听对象生命周期的监听器7.2.2监听对象属性的监听器7.2.3监听Session对象状态变化的监听器7.2监听器表

7-1

监听器接口和方法类别监听接口方法生命周期监听器ServletContextListenervoidcontextInitialized(ServletContextEventsce)voidcontextDestroyed(ServletContextEventsce)HttpSessionListenervoidsessionCreated(HttpSessionEventse)voidsessionDestroyed(HttpSessionEventse)ServletRequestListenervoidrequestDestroyed(ServletRequestEventsre)voidrequestInitialized(ServletRequestEventsre)对象属性监听器ServletContextAttributeListenervoidattributeAdded(ServletContextAttributeEventscae)voidattributeRemoved(ServletContextAttributeEventscae)voidattributeReplaced(ServletContextAttributeEventscae)HttpSessionAttributeListenervoidattributeAdded(HttpSessionBindingEventse)voidattributeRemoved(HttpSessionBindingEventse)voidattributeReplaced(HttpSessionBindingEventse)ServletRequestAttributeListenervoidattributeAdded(ServletRequestAttributeEventsrae)voidattributeRemoved(ServletRequestAttributeEventsrae)voidattributeReplaced(ServletRequestAttributeEventsrae)Session对象状态变化监听器HttpSessionBindingListenervoidvalueBound(HttpSessionBindingEventevent)voidvalueUnbound(HttpSessionBindingEventevent)HttpSessionActivationListenervoidsessionWillPassivate(HttpSessionEventse)voidsessionDidActivate(HttpSessionEventse)在Web应用中，监听器是指应用通过监听事件来监听请求中的行为而创建的一组类。7.2.1监听对象生命周期的监听器监听对象生命周期的监听器有三个：ServletContextListener、HttpSessionListener和ServletRequestListener。ServletContextListener用于监听应用启动和停止事件，提供了两个抽象方法publicvoidcontextInitialized(ServletContextEventsce){}//已完成加载Web应用和初始化参数publicvoidcontextDestroyed(ServletContextEventsce){}//Web应用即将关闭7.2.1监听对象生命周期的监听器案例：ServletContextListener的使用1、MyServletContextListener类，实现ServletContextListener接口publicclassMyServletContextListenerimplementsServletContextListener{

@Override

publicvoidcontextInitialized(ServletContextEventsce){

ServletContextservletContext=sce.getServletContext();//获取ServletContext对象

Stringusername=servletContext.getInitParameter("username");//获取初始化值

System.out.println("参数username："+username);

}

@Override

publicvoidcontextDestroyed(ServletContextEventsce){

System.out.println("释放资源");

}

}7.2.1监听对象生命周期的监听器2、在web.xml中配置监听器<context-param> <param-name>username</param-name> <param-value>Charles</param-value></context-param><listener> <listener-class>com.swxy.listener.MyServletContextListener</listener-class></listener>图

7-6

启动服务器获取初始化参数3、启动服务器Tomcat7.2.1监听对象生命周期的监听器HttpSessionListenerHttpSessionListener接口提供了二个抽象方法voidsessionCreated(HttpSessionEventse){}//创新了新的会话

voidsessionDestroyed(HttpSessionEventse){}//销毁了一个会话7.2.1监听对象生命周期的监听器案例：利用HttpSessionListener统计在线人数1、创建类MyHttpSessionListener实现HttpSessionListener接口packagecom.swxy.listener;

//导入包省略

@WebListener

publicclassMyHttpSessionListenerimplementsHttpSessionListener{

intonline=1;//记录在线人数

@Override

publicvoidsessionCreated(HttpSessionEventse){

ServletContextservletContext=se.getSession().getServletContext();//获取Application对象

Objectcount=servletContext.getAttribute("count");

if(count!=null){

online=Integer.parseInt(count.toString());

online++;//创建Session时，在线人数+1

}

servletContext.setAttribute("count",online);//在线人数存储到Application作用域中

7.2.1监听对象生命周期的监听器}@Override

publicvoidsessionDestroyed(HttpSessionEventse){

ServletContextservletContext=se.getSession().getServletContext();

Objectcount=servletContext.getAttribute("count");

if(count!=null){

online=Integer.parseInt(count.toString());

online--;//销毁Session对象时，在线人数-1

}

servletContext.setAttribute("count",online);

}

}7.2.1监听对象生命周期的监听器2、创建类OnLineServlet继承HttpServlet@WebServlet("/OnLineServlet")publicclassOnLineServletextendsHttpServlet{ @Override protectedvoidservice(HttpServletRequestreq,HttpServletResponseresp)throwsServletException,IOException{ resp.setContentType("text/html;charset=UTF-8");//设置响应类型及编码 HttpSessionsession=req.getSession();//创建Session对象 Stringlogout=req.getParameter("logout"); if("true".equals(logout)){ session.invalidate(); }

7.2.1监听对象生命周期的监听器2、创建类OnLineServlet继承HttpServlet Integercount=(Integer)session.getServletContext().getAttribute("count");//获取在线人数 PrintWriterout=resp.getWriter(); out.write("<h2>在线人数："+count+"</h2>"); out.write("<h3><ahref='OnLineServlet?logout=true'>注销</a></h3>"); }}3、测试结果图

7-7

运行结果图

7-8

点击注销后的运行结果7.2.1监听对象生命周期的监听器ServletRequestListenerServletRequestListener接口提供了二个抽象方法publicvoidrequestInitialized(ServletRequestEventsre){}//创建了新的Request对象publicvoidrequestDestroyed(ServletRequestEventsre){}//已经销毁了Request对象在Web应用中，有以下两种方式配置ServletRequestListener1、在web.xml文件中配置<listener>

<listener-class>com.swxy.listener.MyServletRequestListener</listener-class></listener>2、注解方式@WebListenerpublicclassMyServletRequestListenerimplementsServletRequestListener{}7.2.2监听对象属性的监听器监听对象生命周期的监听器有三个：ServletContextAttributeListener、HttpSessionAttributeListener、ServletRequestAttributeListener。ServletContextAttributeListenerServletContextAttributeListener接口提供了三个抽象方法voidattributeAdded(ServletContextAttributeEventscae){}//属性被添加到Application中时调用voidattributeRemoved(ServletContextAttributeEventscae){}//属性从Application中移除时调

voidattributeReplaced(ServletContextAttributeEventscae){}//属性被修改时调用在Web应用中，有以下两种方式配置ServletContextAttributeListener。1、在web.xml文件中配置<listener>

<listener-class>com.swxy.listener.MyServletContextAttributeListener</listener-class></listener>7.2.2监听对象属性的监听器2、注解方式@WebListenerpublicclassMyServletContextAttributeListenerimplementsServletContextAttributeListener{}7.2.2监听对象属性的监听器HttpSessionAttributeListenervoidattributeAdded(HttpSessionBindingEventse){}//属性被添加到Session中时调用voidattributeRemoved(HttpSessionBindingEventse){}//属性从Session中移除时调用voidattributeReplaced(HttpSessionBindingEventse){}//属性被修改时调用HttpSessionAttributeListener接口提供了三个抽象方法ServletRequestAttributeListenervoidattributeAdded(ServletRequestAttributeEventsrae){}//属性被添加到Request中时调用voidattributeRemoved(ServletRequestAttributeEventsrae){}//属性从Request中移除时调用voidattributeReplaced(ServletRequestAttributeEventsrae){}//属性被修改时调用ServletRequestAttributeListener接口可以用来监听Request对象加入属性、移除属性和替换属性时响应的动作事件，该接口提供了三个抽象方法在Web应用中，配置方式同样有二种方式：在web.xml中配置和注解，与ServletContextAttributeListener配置类似。7.2.3监听Session对象状态变化的监听器监听Session对象状态变化的监听器有二个：HttpSessionBindingListener和HttpSessionActivationListenerHttpSessionBindingListenerHttpSessionBindingListener是“HttpSession对象绑定监听器”，用来监听HttpSession中，设置成HttpSession属性或从HttpSession中移除时得到Session的通知。voidvalueBound(HttpSessionBindingEventevent){}//已经绑定一个Session范围的对象或者变量voidvalueUnbound(HttpSessionBindingEventevent){}//已经解绑了Session范围的对象或者变量HttpSessionActivationListenerHttpSessionActivationListener是“HttpSession对象转移监听器”，HttpSessionActivationListener的实现类也必须实现Serializable接口voidsessionWillPassivate(HttpSessionEventse){}//session中的对象持久化到存储设备时调用voidsessionDidActivate(HttpSessionEventse){}//对象被重新加载时执行该方法7.2.3监听Session对象状态变化的监听器应用实例创建类MyHttpSessionBindingActivationListenerpublicclassMyHttpSessionBindingActivationListenerimplementsHttpSessionBindingListener,

HttpSessionActivationListener,Serializable{

@Override

publicvoidsessionWillPassivate(Ht