以下示例显示了如何使用@WebFilter注解创建servlet过滤器。我们将创建一个简单的过滤器,该过滤器将检查http会话对象中是否存在属性。如果未找到任何属性,则此过滤器会将用户重定向到登录页面。
package org.nhooo.example.filter;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebFilter(urlPatterns = {"/*"}, description = "Session Checker Filter")
public class SessionCheckerFilter implements Filter {
private FilterConfig config = null;
public void init(FilterConfig config) throws ServletException {
this.config = config;
config.getServletContext().log("Initializing SessionCheckerFilter");
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain)
throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
//
// 检查用户的会话属性是否包含一个属性
//命名为AUTHENTICATED。如果该属性不存在,则重定向
// 用户登录页面。
//
if (!request.getRequestURI().endsWith("login.jsp") &&
request.getSession().getAttribute("AUTHENTICATED") == null) {
response.sendRedirect(request.getContextPath() + "/login.jsp");
}
chain.doFilter(req, res);
}
public void destroy() {
config.getServletContext().log("Destroying SessionCheckerFilter");
}
}在Servlet 3.0规范中定义的@WebFilter注解诞生之前。为了使过滤器起作用,我们必须在web.xml中使用filter和filter-mapping元素将其注册到文件中。并且一旦激活,它将与当前Servlet上下文的过滤器链中的其他过滤器协作。