Web應(yīng)用開發(fā): JSP語法編程實踐(六):Filter和Listener編程實踐

一、實驗內(nèi)容

1、Filter的理解和應(yīng)用
實現(xiàn)一個禁止緩存的過濾器。
要求和提示:
(1)禁止瀏覽器緩存所有動態(tài)頁面;
(2)有3個http響應(yīng)頭字段可以禁止瀏覽器緩存當前頁面,它們在Servlet中的示例代碼如下。
response.setDateHeader("Expires",-1);
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
(3)并不是所有的瀏覽器都能完全支持上面的3個響應(yīng)頭,因此最好是同時使用上面的3個響應(yīng)頭。
2、Filter的理解和應(yīng)用
設(shè)計一個簡單的IP地址過濾器,根據(jù)用戶的IP地址進行網(wǎng)站的訪問控制。例如:禁止IP地址處在192.168.2網(wǎng)段的用戶對網(wǎng)站的訪問。
3、Listener的理解和應(yīng)用
通過監(jiān)聽器記錄在線用戶的姓名,在頁面進行用戶姓名的顯示,同時實現(xiàn)對某個用戶的強制下線功能。

二、實驗要求

源代碼和測試截圖(均直接輸入到答題框中)

三、實驗原理

過濾器原理

直白的說,就是這幅圖
對應(yīng)的是以下代碼里面的三個方法


屏幕快照 2018-11-22 上午10.32.16.png

注意web.xml格式

<filter>

         <filter-name>此處給過濾器起一個名字</filter-name>

         <filter-class>此處寫過濾器實現(xiàn)類的全類名</filter-class>

         <init-param>

            <param-name>此處填寫該過濾器初始化參數(shù)的名稱</param-name>

            <param-value>此處填寫該過濾器初始化參數(shù)的值</param-value>

         </init-param>

      </filter>

   <filter-mapping>

       <filter-name>此處用上邊起過的名字</filter-name>

       <url-mapping>此處寫我們需要過濾哪些URL請求</url-mapping>

       <dispacher>REQUEST,FORWORDMINCLUDE.ERROE</dispacher>

四、實驗代碼

實驗1??:

分為三個文件FirstFilter.java(用于執(zhí)行過濾器的業(yè)務(wù)邏輯)、web.xml(用于配置過濾器的映射)、index.jsp(用作展示的頁面)

//FirstFilter.java
package topus;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
//import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Servlet Filter implementation class FirstFilter
 */
@WebFilter("/FirstFilter")
public class FirstFilter implements Filter {

    /**
     * Default constructor. 
     */
    public FirstFilter() {
        // TODO Auto-generated constructor stub
    }

    /**
     * @see Filter#destroy()
     */
    public void destroy() {
        System.out.println("First Filter------Destory");
    }

    /**
     * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        
        System.out.println("First Filter------doFilter start");     
        
        //HttpServletRequest req=(HttpServletRequest) request;  
        HttpServletResponse res=(HttpServletResponse) response;  
   
        res.setDateHeader("Expires",-1);// //指定網(wǎng)頁在緩存中的過期時間
        res.setHeader("Cache-Control","no-cache");// //HTTP消息頭,控制網(wǎng)頁的緩存
        res.setHeader("Pragma","no-cache");// //禁止瀏覽器從緩存中調(diào)閱頁面內(nèi)容

        // pass the request along the filter chain
        chain.doFilter(request, response);
        
        System.out.println("First Filter------doFilter end");
    }

    /**
     * @see Filter#init(FilterConfig)
     */
    public void init(FilterConfig fConfig) throws ServletException {
        System.out.println("First Filter------Init");
    }

}


//web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
  <display-name>shiyan10-1</display-name>
  
  <filter>
    <filter-name>firstFilter</filter-name>
    <filter-class>topus.FirstFilter</filter-class>
  </filter>
  
  <filter-mapping>
    <filter-name>firstFilter</filter-name>
    <!-- 代指所有url -->
    <url-pattern>/*</url-pattern>
  </filter-mapping>

</web-app>

//index.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<h2>Hello World!</h2>
  
<%
    System.out.println("index.jsp------");
%>

</body>
</html>
實驗結(jié)果
no-cache

注意在此,檢測辦法是在Chrome-右鍵-檢查-network-選擇對應(yīng)文件-header,如果出現(xiàn)no-cache則證明過濾成功

實驗2??:

思路:訪問index.jxp,觸發(fā)過濾器,篩選IP,若不滿足則跳轉(zhuǎn)到error.jsp
index.jxp

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<h2>index!</h2>
  
<%
    System.out.println("index.jsp------");
%>
</body>
</html>

error.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<h2>error!</h2>
  
<%
    System.out.println("error.jsp------");
%>
</body>
</html>

IPFilter.jsp

package topus;

import java.io.IOException;
//import java.net.InetAddress;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

//import org.apache.tomcat.util.codec.binary.StringUtils;


/**
 * Servlet Filter implementation class IPFilter
 */
@WebFilter("/IPFilter")
public class IPFilter implements Filter {


    
    /**
     * Default constructor. 
     */
    public IPFilter() {
        // TODO Auto-generated constructor stub
    }

    /**
     * @see Filter#destroy()
     */
    public void destroy() {
        // TODO Auto-generated method stub
    }

    /**
     * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request1  = (HttpServletRequest)request;
        HttpServletResponse response1 = (HttpServletResponse)response;
        
        
        //四種痛苦的嘗試
        //1.這里tomcat只能獲取IPV6的地址0:0:0:0:0:0:0:1不好判斷
        //String ip= request.getRemoteAddr();
        
        //2.如此之判斷還是得不到
        /*
        String ip = request1.getHeader("x-forwarded-for");
        if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
            ip = request1.getHeader("Proxy-Client-IP");
        }
        if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
            ip = request1.getHeader("WL-Proxy-Client-IP");
        }
        if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
            ip = request1.getRemoteAddr();
        }
        */
        
        //3.這里用getLocalHost()模擬
        //getLocalHost()僅返回象征本地主機的InetAddress對象
        //InetAddress inet = InetAddress.getLocalHost();
        //String ip= inet.getHostAddress();
        
        //4.這里用字符模擬假的ip實例(前面實力勸退)
        String ip =  "192.165.2.47" ;
        System.out.println("the ip is"+ip);
        
         //拆分字符
         int ad = Integer.parseInt(ip.substring(ip.lastIndexOf(".") + 1));
         
        if(ad >= 1 && ad <= 50){
            response.setContentType("text/html;charset=utf-8");
            //跳轉(zhuǎn)到error.jsp
            request1.getRequestDispatcher("error.jsp").forward(request1, response1);
        }
        else{
            chain.doFilter(request, response);
        }
    }
    
    /**
     * @see Filter#init(FilterConfig)
     */
    public void init(FilterConfig fConfig) throws ServletException {
        // TODO Auto-generated method stub
    }

}
IP不符合要求不允許訪問

實驗3??:

實驗三比較復雜,思路正確實現(xiàn)起來還是很簡單的,項目結(jié)構(gòu):


項目結(jié)構(gòu)

流程圖
實驗10-3.gif

login.jsp (登錄界面)

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登錄界面</title>
</head>
<body>
<form name="logForm" action="loginPro.jsp" method="get">
    <p>用戶名:<input type="text" name="username"></p>
    <p><input type="submit" value="登錄"></p>
</form>
</body>
</html>

loginPro.jsp (用于對登錄界面的值進行處理,以及觸發(fā)監(jiān)聽器)

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登錄界面解析</title>
</head>
<body>

<%      
        String username =  request.getParameter("username");
        session.setAttribute("username",username);
        //直接跳轉(zhuǎn)
        /* response.sendRedirect("users.jsp"); */
    
        if(!username.isEmpty()){
            out.println(username+"登陸成功");
        }else out.println("登陸失敗");
%>
    <a href="users.jsp">跳轉(zhuǎn)到用戶中心</a>
</body>
</html>

logout.jsp(退出按鈕所跳轉(zhuǎn)的界面,用于對退出進行處理)

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8" import="java.util.Map" import="topus.UserSessionInfo" import="topus.MySessionContext"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>用戶退出</title>
</head>
<body>
    <p>該用戶已經(jīng)退出本系統(tǒng)!</p>
    <a href="users.jsp">跳轉(zhuǎn)到用戶中心</a>
    
    <%
    
    String sessionID = request.getParameter("sessionID");
    //out.println(sessionID);
        
    MySessionContext myc= MySessionContext.getInstance();  
    HttpSession sess = myc.getSession(sessionID);  
        
    //HttpSession sess = session.getSessionContext().getSession(sessionID) ;
    sess.invalidate(); // 本次會話對象失效
        //session.removeAttribute("username");
        //response.sendRedirect("users.jsp");
        
        
        
        
        //Map<String, UserSessionInfo> onlineRegister=(Map<String, UserSessionInfo>) application.getAttribute("onlineRegister");
        //onlineRegister.remove(sess.getId());
        //application.setAttribute("onlineRegister",onlineRegister); 
        
        //Map<String, UserSessionInfo> onlineRegister = (Map<String, UserSessionInfo>) session.getServletContext().getAttribute("onlineRegister");
        //onlineRegister.remove(session.getId());
        //session.getServletContext().setAttribute("onlineRegister",onlineRegister);
    %>
    
</body>
</html>

users.jsp(用戶管理中心,用于顯示在線用戶的信息,以及對在線用戶進行強制下線操作)

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
   <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>用戶管理中心</title>
</head>
<body>
<%-- ${applicationScope.onlineRegister} --%>
<c:forEach items="${applicationScope.onlineRegister}" var="mapRegister">
        <p>
            用戶名:${mapRegister.value.username},會話創(chuàng)建時間:
            <fmt:formatDate value="${mapRegister.value.creationDate}"
                pattern="yyyy-MM-dd HH:mm:ss" />
                <%-- sessionID:${mapRegister.value.sessionID} --%>
                
                <a href="logout.jsp?sessionID=${mapRegister.value.sessionID}">退出</a>
                
                
        </p>
    </c:forEach>
</body>
</html>

MySessionAttributeListener.java(SessionAttributeListener監(jiān)聽器,用于監(jiān)聽session的參數(shù),如在logPro.jsp內(nèi)的session.setAttribute有用到)

package topus;

import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;




/**
 * Application Lifecycle Listener implementation class MySessionAttributeListener
 *
 */
@WebListener
public class MySessionAttributeListener implements HttpSessionAttributeListener {

    /**
     * Default constructor. 
     */
    public MySessionAttributeListener() {
        // TODO Auto-generated constructor stub
    }

    /**
     * @see HttpSessionAttributeListener#attributeAdded(HttpSessionBindingEvent)
     */
    @SuppressWarnings("unchecked")
    public void attributeAdded(HttpSessionBindingEvent arg0)  { 
        HttpSession session = arg0.getSession();
        
        String username = (String) session.getAttribute("username");
        if (username != null) {
            
            //給用戶模型賦值
            UserSessionInfo userSessionBean = new UserSessionInfo(username,session.getId(), new Date(session.getCreationTime()));
            
            //建一個map表
            Map<String, UserSessionInfo> onlineRegister = (Map<String, UserSessionInfo>) session.getServletContext().getAttribute("onlineRegister");
            if (onlineRegister == null) {
                
                onlineRegister = new HashMap<String, UserSessionInfo>();
            }
            
            //將sessionId和用戶模型一一對應(yīng)構(gòu)成一個單獨的個體
            onlineRegister.put(session.getId(), userSessionBean);
            
            //set回去
            session.getServletContext().setAttribute("onlineRegister",onlineRegister);
        }
    }

    /**
     * @see HttpSessionAttributeListener#attributeRemoved(HttpSessionBindingEvent)
     */
    @SuppressWarnings("unchecked")
    public void attributeRemoved(HttpSessionBindingEvent arg0)  { 
         // TODO Auto-generated method stub
        if ("username".equals(arg0.getName())) {
            HttpSession session = arg0.getSession();
            
            Map<String, UserSessionInfo> onlineRegister = (Map<String, UserSessionInfo>) session
                    .getServletContext().getAttribute("onlineRegister");
            
            onlineRegister.remove(session.getId());
            
            session.getServletContext().setAttribute("onlineRegister",
                    onlineRegister);
        }
    }

    /**
     * @see HttpSessionAttributeListener#attributeReplaced(HttpSessionBindingEvent)
     */
    public void attributeReplaced(HttpSessionBindingEvent arg0)  { 
         // TODO Auto-generated method stub
    }
    
}

MySessionContext.java和SessionListener.java 用于完成通過seesionID來獲取到session的事件,魔改過來使用
作者csdn鏈接:https://blog.csdn.net/sihai12345/article/details/81098765


package topus;

import java.util.HashMap;

import javax.servlet.http.HttpSession;

public class MySessionContext {
    private static MySessionContext instance;  
    private HashMap<String,HttpSession> sessionMap;  

    private MySessionContext() {  
        sessionMap = new HashMap<String,HttpSession>();  
    }  

    public static MySessionContext getInstance() {  
        if (instance == null) {  
            instance = new MySessionContext();  
        }  
        return instance;  
    }  

    public synchronized void addSession(HttpSession session) {  
        if (session != null) {  
            sessionMap.put(session.getId(), session);  
        }  
    }  

    public synchronized void delSession(HttpSession session) {  
        if (session != null) {  
            sessionMap.remove(session.getId());  
        }  
    }  

    public synchronized HttpSession getSession(String sessionID) {  
        if (sessionID == null) {  
            return null;  
        }  
        return sessionMap.get(sessionID);  
    }  

}


package topus;

import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;

/**
 * Application Lifecycle Listener implementation class SessionListener
 *
 */
@WebListener
public class SessionListener implements HttpSessionListener {

    
    private MySessionContext myc = MySessionContext.getInstance();  
    /**
     * Default constructor. 
     */
    public SessionListener() {
        // TODO Auto-generated constructor stub
    }

    /**
     * @see HttpSessionListener#sessionCreated(HttpSessionEvent)
     */
    public void sessionCreated(HttpSessionEvent se)  { 
         // TODO Auto-generated method stub
        HttpSession session = se.getSession();  
        myc.addSession(session);  
        
    }

    /**
     * @see HttpSessionListener#sessionDestroyed(HttpSessionEvent)
     */
    public void sessionDestroyed(HttpSessionEvent se)  { 
         // TODO Auto-generated method stub
        HttpSession session = se.getSession();  
        myc.delSession(session); 
        
    }
    
}

UserSessionInfo.jsp(用于構(gòu)建用戶數(shù)據(jù)模型的Javabean)

package topus;

import java.util.Date;

public class UserSessionInfo {

    private String username;
    
    private String sessionID;
    
    private Date creationDate;
    
    public UserSessionInfo(){
        
    }

    public UserSessionInfo(String username, String sessionID, Date creationDate) {
        super();
        this.username = username;
        this.sessionID = sessionID;
        this.creationDate = creationDate;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getSessionID() {
        return sessionID;
    }

    public void setSessionID(String sessionID) {
        this.sessionID = sessionID;
    }

    public Date getCreationDate() {
        return creationDate;
    }

    public void setCreationDate(Date creationDate) {
        this.creationDate = creationDate;
    }

}

項目截圖:


5.png
6.png
7.png
1.png
2.png
3.png
4.png
8.png
最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

  • Spring Cloud為開發(fā)人員提供了快速構(gòu)建分布式系統(tǒng)中一些常見模式的工具(例如配置管理,服務(wù)發(fā)現(xiàn),斷路器,智...
    卡卡羅2017閱讀 136,534評論 19 139
  • 本文包括:1、Filter簡介2、Filter是如何實現(xiàn)攔截的?3、Filter開發(fā)入門4、Filter的生命周期...
    廖少少閱讀 7,512評論 3 56
  • 前端開發(fā)者丨h(huán)ttp請求 https:www.rokub.com 前言見解有限, 如有描述不當之處, 請幫忙指出,...
    麋鹿_720a閱讀 11,279評論 11 31
  • 與對企業(yè)自身有利的成員利益合作經(jīng)營是一種應(yīng)對挑戰(zhàn)和尋求突破性發(fā)展的解決方式和戰(zhàn)略。一個企業(yè)不可能為所有人提供全部產(chǎn)...
    HR馬閱讀 496評論 0 0
  • 高中寢室,上鋪,夜很深,室友都睡了。 記不清楚季節(jié),身體緊挨著,我平躺你側(cè)臥,你呼出的灼熱氣息直接噴在我左耳邊,蓋...
    尖叫獨白閱讀 251評論 0 0

友情鏈接更多精彩內(nèi)容