一、字符编码的过滤器一、字符编码的过滤器import javax.servlet.*; import java.io.IOException;/* * 用于设置 HTTP 请求字符编码的过滤器，通过过滤器参数 encoding 指明使用 何种字符编码,用于处理 Html Form 请求参数的中文问题 */ public class CharacterEncodingFilter implements Filter protected FilterConfig filterConfig = null; protected String encoding = ”“;public void doFilter(ServletRequest servletRequest, ServletResponse s ervletResponse, FilterChain filterChain) throws IOException, ServletE xception if(encoding != null) servletRequest.setCharacterEncoding(encoding); filterChain.doFilter(servletRequest, servletResponse); public void destroy() filterConfig = null; encoding = null; public void init(FilterConfig filterConfig) throws ServletException this.filterConfig = filterConfig; this.encoding = filterConfig.getInitParameter(“encoding”); 二、使浏览器不缓存页面的过滤器二、使浏览器不缓存页面的过滤器import javax.servlet.*; import javax.servlet.http.HttpServletResponse; import java.io.IOException;/* * 用于的使 Browser 不缓存页面的过滤器*/ public class ForceNoCacheFilter implements Filter public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException (HttpServletResponse) response).setHeader(“Cache-Control”,”no- cache”); (HttpServletResponse) response).setHeader(“Pragma”,”no-cache”); (HttpServletResponse) response).setDateHeader (“Expires”, -1); filterChain.doFilter(request, response); public void destroy() public void init(FilterConfig filterConfig) throws ServletException 三、检测用户是否登陆的过滤器三、检测用户是否登陆的过滤器import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.util.List; import java.util.ArrayList; import java.util.StringTokenizer; import java.io.IOException;/* * 用于检测用户是否登陆的过滤器，如果未登录，则重定向到指的登录页面* 配置参数* checkSessionKey 需检查的在 Session 中保存的关键字* redirectURL 如果用户未登录，则重定向到指定的页面，URL 不包括ContextPath* notCheckURLList 不做检查的 URL 列表，以分号分开，并且 URL 中不包括ContextPath*/ public class CheckLoginFilterimplements Filter protected FilterConfig filterConfig = null; private String redirectURL = null; private List notCheckURLList = new ArrayList(); private String sessionKey = null;public void doFilter(ServletRequest servletRequest, ServletResponse s ervletResponse, FilterChain filterChain) throws IOException, ServletE xception HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse;HttpSession session = request.getSession(); if(sessionKey = null) filterChain.doFilter(request, response); return; if(!checkRequestURIIntNotFilterList(request) return; filterChain.doFilter(servletRequest, servletResponse); public void destroy() notCheckURLList.clear(); private boolean checkRequestURIIntNotFilterList(HttpServletRequest re quest) String uri = request.getServletPath() + (request.getPathInfo() = nul l ? ”“ : request.getPathInfo(); return notCheckURLList.contains(uri); public void init(FilterConfig filterConfig) throws ServletException this.filterConfig = filterConfig;redirectURL = filterConfig.getInitParameter(“redirectURL”); sessionKey = filterConfig.getInitParameter(“checkSessionKey”);String notCheckURLListStr = filterConfig.getInitParameter(“notCheckU RLList”);if(notCheckURLListStr != null) StringTokenizer st = new StringTokenizer(notCheckURLListStr, ”;”); notCheckURLList.clear(); while(st.hasMoreTokens() notCheckURLList.add(st.nextToken(); 四、资源保护过滤器四、资源保护过滤器package catalog.view.util;import javax.servlet.Filter; import javax.servlet.FilterConfig; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import java.io.IOException; import java.util.Iterator; import java.util.Set; import java.util.HashSet; / import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory;/* * This Filter class handle the security of the application. * * It should be configured inside the web.xml. * * author Derek Y. Shen */ public class SecurityFilter implements Filter /the login page uri private static final String LOGIN_PAGE_URI = ”login.jsf”;/the logger object private Log logger = LogFactory.getLog(this.getClass();/a set of restricted resources private Set restrictedResources;/* * Initializes the Filter. */ public void init(FilterConfig filterConfig) throws ServletException this.restrictedResources = new HashSet(); this.restrictedResources.add(“/createProduct.jsf”); this.restrictedResources.add(“/editProduct.jsf”); this.restrictedResources.add(“/productList.jsf”); /* * Standard doFilter object. */ public void doFilter(ServletRequest req, ServletResponse res, FilterC hain chain) throws IOException, ServletException this.logger.debug(“doFilter”);String contextPath = (HttpServletRequest)req).getContextPath(); String requestUri = (HttpServletRequest)req).getRequestURI();this.logger.debug(