Nic*_*lla 2 java servlets servlet-filters
我想帮助理解java Filters的特定行为:我编写了一个简单的Filter来获取所有用户请求,如果未记录的用户需要受限资源,则过滤器会将用户转发到主页.这是我的代码:
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
// place your code here
HttpServletRequest req = (HttpServletRequest) request;
String uri = req.getRequestURI();
System.out.println("\n\nFILTERING...\n\n");
//Se la risorsa appartiene all'area ristretta e l'utente non è
//loggato lo sbatto fuori
if(uri.contains("restricted") && (req.getSession(false) == null || req.getSession(false).getAttribute("user") == null)) {
System.out.println("\n\nCannot access\n\n");
//((HttpServletResponse) response).sendRedirect("/Hotel/index.jsp");
req.getRequestDispatcher("/index.jsp").forward(request, response);
}
else {
// pass the request along the filter chain
System.out.println("\n\nNext step\n\n");
chain.doFilter(request, response);
}
}
和web.xml中的映射:
<filter>
<filter-name>MyFilter</filter-name>
<filter-class>mycontroller.MyFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>MyFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
对我来说奇怪的是,如果我通过URL询问受限资源,则在移动到主页之前会多次调用doFilter方法(服务器记录'过滤...无法访问'4,5次).我正在使用Tomcat 7.有人可以帮助我理解吗?非常感谢
您已映射过滤器/*.因此它将拦截每个 HTTP请求.不仅是HTML/JSP页面,还有CSS,JS和图像文件等静态资源.显然,您已经请求了一个HTML/JSP页面,该页面又引用了几个CSS,JS和/或图像文件.
您在过滤器中的检查也很差.您应该更好地映射过滤器/restricted/*.
<url-pattern>/restricted/*</url-pattern>
然后从过滤器的代码中删除该URI检查.如果将这些静态资源放在该映射之外,例如在/static或/resources等中,则不会为它们调用过滤器.
| 归档时间: |
|
| 查看次数: |
2391 次 |
| 最近记录: |