JavaWeb学习打卡17（监听器使用、Filter过滤器实现权限拦截案例）

监听器在 GUI （图形界面）编程中的使用案例（窗体和面板）：

package com.xu.listener;import java.awt.*;
import java.awt.event.WindowEvent;
import java.awt.event.WindowListener;public class TestPanel {public static void main(String[] args) {Frame frame = new Frame("你好，世界！");//新建一个窗体Panel panel = new Panel(null);//新建一个面板frame.setLayout(null);//设置窗体的一个布局frame.setBounds(400,400,500,500);//将窗体的位置设置为 400，400；宽高设置为：500，500frame.setBackground(new Color(0,200,233));//设置背景颜色panel.setBounds(50,50,300,300);//将面板的位置设置为 50，50；宽高设置为：300，300panel.setBackground(new Color(30,233,90));//设置背景颜色frame.add(panel);//将面板加入窗体中frame.setVisible(true);//将窗体显示出来//监听关闭事件frame.addWindowListener(new WindowListener() {@Overridepublic void windowOpened(WindowEvent e) {System.out.println("打开了");}@Overridepublic void windowClosing(WindowEvent e) {System.out.println("关闭ing");System.exit(0);//0（正常退出）和1（非正常退出）}@Overridepublic void windowClosed(WindowEvent e) {System.out.println("关闭ed");}@Overridepublic void windowIconified(WindowEvent e) {System.out.println("打开了");}@Overridepublic void windowDeiconified(WindowEvent e) {}@Overridepublic void windowActivated(WindowEvent e) {System.out.println("激活");}@Overridepublic void windowDeactivated(WindowEvent e) {System.out.println("未激活");}});}
}

Filter 过滤器实现权限拦截：

首先我们先写好我们所需要的 所有页面效果的  jsp 文件：

    Login.jsp ：

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head><title>Title</title>
</head>
<body>
<h1>登录</h1>
<form action="/servlet/login" method="post"><input type="text" name="username"><input type="submit">
</form></body>
</html>

error .jsp :

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head><title>Title</title>
</head>
<body><h1>错误</h1>
<h3>没有权限，用户名错误</h3><a href="Login.jsp">返回登录页面</a></body>
</html>

在web 目录下新建一个 sys 目录，在里面新建 success.jsp ：

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head><title>Title</title>
</head>
<body><h1>主页</h1><p><a href="/servlet/logout">注销</a></p></body>
</html>

然后新建一个 LoginServlet（登录） 类：

package com.xu.servlet;import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;public class LoginServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {//获取请求的参数String username = req.getParameter("username");if (username.equals("admin")){//登录成功req.getSession().setAttribute("USER_SESSION",req.getSession().getId());resp.sendRedirect("/sys/success.jsp");//重定向到success.jsp页面}else {//登录失败resp.sendRedirect("/error.jsp");}}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {doGet(req, resp);}
}

再新建一个 LogoutServlet（注销） 类：

package com.xu.servlet;import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;public class LogoutServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {Object userSession = req.getSession().getAttribute("USER_SESSION");//如果得到的session 中能够获取到 USER_SESSION ，就将 USER_SESSION 元素移除，并重定向到登录页面if (userSession!=null){req.getSession().removeAttribute("USER_SESSION");resp.sendRedirect("/Login.jsp");}else {//等于空的时候，也回到登录页面resp.sendRedirect("/Login.jsp");}}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {doGet(req, resp);}
}

再创建一个 SysFilter 类，来实现 Filter 过滤器接口，以及重写里面的所有方法：

package com.xu.filter;import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;public class SysFilter implements Filter {@Overridepublic void init(FilterConfig filterConfig) throws ServletException {Filter.super.init(filterConfig);}@Overridepublic void doFilter(ServletRequest req, ServletResponse resp, FilterChain Chain) throws IOException, ServletException {//我们要将servletRequest（子类），servletResponse 转化为 HttpServletRequest（父类），HttpServletResponse，才能拿到sessionHttpServletRequest request = (HttpServletRequest) req;HttpServletResponse response = (HttpServletResponse) resp;//如果 得到的这个 session 为空，说明该session 已经注销了，页面就返回error.jsp 错误页面if ((request.getSession().getAttribute("USER_SESSION"))==null){response.sendRedirect("/error.jsp");}Chain.doFilter(request,response);}@Overridepublic void destroy() {Filter.super.destroy();}
}

随后在 web.xml 文件中 ，注册 LoginServlet  、 LogoutServlet  两个类，以及 Filter 过滤器 的注册 :

<!--    注册LoginServlet--><servlet><servlet-name>LoginServlet</servlet-name><servlet-class>com.xu.servlet.LoginServlet</servlet-class></servlet><servlet-mapping><servlet-name>LoginServlet</servlet-name><url-pattern>/servlet/login</url-pattern></servlet-mapping><!--    注册LogoutServlet--><servlet><servlet-name>LogoutServlet</servlet-name><servlet-class>com.xu.servlet.LogoutServlet</servlet-class></servlet><servlet-mapping><servlet-name>LogoutServlet</servlet-name><url-pattern>/servlet/logout</url-pattern></servlet-mapping><!--    注册SysFilter 过滤器 --><filter><filter-name>SysFilter</filter-name><filter-class>com.xu.filter.SysFilter</filter-class></filter><filter-mapping><filter-name>SysFilter</filter-name>
<!--        只要是在/sys 路径下的访问都要经过这个过滤器--><url-pattern>/sys/*</url-pattern></filter-mapping>

运行结果：

若提交的数据为 ：admin ：

若提交的  非  admin，或者   未登录  ,  直接访问 success.jsp：

点击注销 、返回登录页面，均返回到 开始的登录页面 ！