一盼铁、實(shí)驗(yàn)內(nèi)容
1粗蔚、Filter的理解和應(yīng)用
實(shí)現(xiàn)一個(gè)禁止緩存的過(guò)濾器。
要求和提示:
(1)禁止瀏覽器緩存所有動(dòng)態(tài)頁(yè)面饶火;
(2)有3個(gè)http響應(yīng)頭字段可以禁止瀏覽器緩存當(dāng)前頁(yè)面鹏控,它們?cè)赟ervlet中的示例代碼如下。
response.setDateHeader("Expires",-1);
response.setHeader("Cache-Control","no-cache");
response.setHeader("Pragma","no-cache");
(3)并不是所有的瀏覽器都能完全支持上面的3個(gè)響應(yīng)頭肤寝,因此最好是同時(shí)使用上面的3個(gè)響應(yīng)頭当辐。
2、Filter的理解和應(yīng)用
設(shè)計(jì)一個(gè)簡(jiǎn)單的IP地址過(guò)濾器鲤看,根據(jù)用戶的IP地址進(jìn)行網(wǎng)站的訪問(wèn)控制缘揪。例如:禁止IP地址處在192.168.2網(wǎng)段的用戶對(duì)網(wǎng)站的訪問(wèn)。
3义桂、Listener的理解和應(yīng)用
通過(guò)監(jiān)聽(tīng)器記錄在線用戶的姓名寺晌,在頁(yè)面進(jìn)行用戶姓名的顯示,同時(shí)實(shí)現(xiàn)對(duì)某個(gè)用戶的強(qiáng)制下線功能澡刹。
二、實(shí)驗(yàn)要求
源代碼和測(cè)試截圖(均直接輸入到答題框中)
三耘婚、實(shí)驗(yàn)原理
過(guò)濾器原理
直白的說(shuō)罢浇,就是這幅圖
對(duì)應(yīng)的是以下代碼里面的三個(gè)方法
屏幕快照 2018-11-22 上午10.32.16.png
注意web.xml格式
<filter>
<filter-name>此處給過(guò)濾器起一個(gè)名字</filter-name>
<filter-class>此處寫(xiě)過(guò)濾器實(shí)現(xiàn)類的全類名</filter-class>
<init-param>
<param-name>此處填寫(xiě)該過(guò)濾器初始化參數(shù)的名稱</param-name>
<param-value>此處填寫(xiě)該過(guò)濾器初始化參數(shù)的值</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>此處用上邊起過(guò)的名字</filter-name>
<url-mapping>此處寫(xiě)我們需要過(guò)濾哪些URL請(qǐng)求</url-mapping>
<dispacher>REQUEST,FORWORDMINCLUDE.ERROE</dispacher>
四、實(shí)驗(yàn)代碼
實(shí)驗(yàn)1??:
分為三個(gè)文件FirstFilter.java(用于執(zhí)行過(guò)濾器的業(yè)務(wù)邏輯)沐祷、web.xml(用于配置過(guò)濾器的映射)嚷闭、index.jsp(用作展示的頁(yè)面)
//FirstFilter.java
package topus;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
//import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet Filter implementation class FirstFilter
*/
@WebFilter("/FirstFilter")
public class FirstFilter implements Filter {
/**
* Default constructor.
*/
public FirstFilter() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
System.out.println("First Filter------Destory");
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
System.out.println("First Filter------doFilter start");
//HttpServletRequest req=(HttpServletRequest) request;
HttpServletResponse res=(HttpServletResponse) response;
res.setDateHeader("Expires",-1);// //指定網(wǎng)頁(yè)在緩存中的過(guò)期時(shí)間
res.setHeader("Cache-Control","no-cache");// //HTTP消息頭,控制網(wǎng)頁(yè)的緩存
res.setHeader("Pragma","no-cache");// //禁止瀏覽器從緩存中調(diào)閱頁(yè)面內(nèi)容
// pass the request along the filter chain
chain.doFilter(request, response);
System.out.println("First Filter------doFilter end");
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
System.out.println("First Filter------Init");
}
}
//web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>shiyan10-1</display-name>
<filter>
<filter-name>firstFilter</filter-name>
<filter-class>topus.FirstFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>firstFilter</filter-name>
<!-- 代指所有url -->
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
//index.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<h2>Hello World!</h2>
<%
System.out.println("index.jsp------");
%>
</body>
</html>
實(shí)驗(yàn)結(jié)果
no-cache
注意在此赖临,檢測(cè)辦法是在Chrome-右鍵-檢查-network-選擇對(duì)應(yīng)文件-header胞锰,如果出現(xiàn)no-cache則證明過(guò)濾成功
實(shí)驗(yàn)2??:
思路:訪問(wèn)index.jxp,觸發(fā)過(guò)濾器兢榨,篩選IP嗅榕,若不滿足則跳轉(zhuǎn)到error.jsp
index.jxp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<h2>index!</h2>
<%
System.out.println("index.jsp------");
%>
</body>
</html>
error.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<h2>error!</h2>
<%
System.out.println("error.jsp------");
%>
</body>
</html>
IPFilter.jsp
package topus;
import java.io.IOException;
//import java.net.InetAddress;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
//import org.apache.tomcat.util.codec.binary.StringUtils;
/**
* Servlet Filter implementation class IPFilter
*/
@WebFilter("/IPFilter")
public class IPFilter implements Filter {
/**
* Default constructor.
*/
public IPFilter() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request1 = (HttpServletRequest)request;
HttpServletResponse response1 = (HttpServletResponse)response;
//四種痛苦的嘗試
//1.這里tomcat只能獲取IPV6的地址0:0:0:0:0:0:0:1不好判斷
//String ip= request.getRemoteAddr();
//2.如此之判斷還是得不到
/*
String ip = request1.getHeader("x-forwarded-for");
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
ip = request1.getHeader("Proxy-Client-IP");
}
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
ip = request1.getHeader("WL-Proxy-Client-IP");
}
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
ip = request1.getRemoteAddr();
}
*/
//3.這里用getLocalHost()模擬
//getLocalHost()僅返回象征本地主機(jī)的InetAddress對(duì)象
//InetAddress inet = InetAddress.getLocalHost();
//String ip= inet.getHostAddress();
//4.這里用字符模擬假的ip實(shí)例(前面實(shí)力勸退)
String ip = "192.165.2.47" ;
System.out.println("the ip is"+ip);
//拆分字符
int ad = Integer.parseInt(ip.substring(ip.lastIndexOf(".") + 1));
if(ad >= 1 && ad <= 50){
response.setContentType("text/html;charset=utf-8");
//跳轉(zhuǎn)到error.jsp
request1.getRequestDispatcher("error.jsp").forward(request1, response1);
}
else{
chain.doFilter(request, response);
}
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
IP不符合要求不允許訪問(wèn)
實(shí)驗(yàn)3??:
實(shí)驗(yàn)三比較復(fù)雜,思路正確實(shí)現(xiàn)起來(lái)還是很簡(jiǎn)單的吵聪,項(xiàng)目結(jié)構(gòu):
項(xiàng)目結(jié)構(gòu)
流程圖
實(shí)驗(yàn)10-3.gif
login.jsp (登錄界面)
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登錄界面</title>
</head>
<body>
<form name="logForm" action="loginPro.jsp" method="get">
<p>用戶名:<input type="text" name="username"></p>
<p><input type="submit" value="登錄"></p>
</form>
</body>
</html>
loginPro.jsp (用于對(duì)登錄界面的值進(jìn)行處理凌那,以及觸發(fā)監(jiān)聽(tīng)器)
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登錄界面解析</title>
</head>
<body>
<%
String username = request.getParameter("username");
session.setAttribute("username",username);
//直接跳轉(zhuǎn)
/* response.sendRedirect("users.jsp"); */
if(!username.isEmpty()){
out.println(username+"登陸成功");
}else out.println("登陸失敗");
%>
<a href="users.jsp">跳轉(zhuǎn)到用戶中心</a>
</body>
</html>
logout.jsp(退出按鈕所跳轉(zhuǎn)的界面,用于對(duì)退出進(jìn)行處理)
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8" import="java.util.Map" import="topus.UserSessionInfo" import="topus.MySessionContext"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>用戶退出</title>
</head>
<body>
<p>該用戶已經(jīng)退出本系統(tǒng)吟逝!</p>
<a href="users.jsp">跳轉(zhuǎn)到用戶中心</a>
<%
String sessionID = request.getParameter("sessionID");
//out.println(sessionID);
MySessionContext myc= MySessionContext.getInstance();
HttpSession sess = myc.getSession(sessionID);
//HttpSession sess = session.getSessionContext().getSession(sessionID) ;
sess.invalidate(); // 本次會(huì)話對(duì)象失效
//session.removeAttribute("username");
//response.sendRedirect("users.jsp");
//Map<String, UserSessionInfo> onlineRegister=(Map<String, UserSessionInfo>) application.getAttribute("onlineRegister");
//onlineRegister.remove(sess.getId());
//application.setAttribute("onlineRegister",onlineRegister);
//Map<String, UserSessionInfo> onlineRegister = (Map<String, UserSessionInfo>) session.getServletContext().getAttribute("onlineRegister");
//onlineRegister.remove(session.getId());
//session.getServletContext().setAttribute("onlineRegister",onlineRegister);
%>
</body>
</html>
users.jsp(用戶管理中心帽蝶,用于顯示在線用戶的信息,以及對(duì)在線用戶進(jìn)行強(qiáng)制下線操作)
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>用戶管理中心</title>
</head>
<body>
<%-- ${applicationScope.onlineRegister} --%>
<c:forEach items="${applicationScope.onlineRegister}" var="mapRegister">
<p>
用戶名:${mapRegister.value.username}块攒,會(huì)話創(chuàng)建時(shí)間:
<fmt:formatDate value="${mapRegister.value.creationDate}"
pattern="yyyy-MM-dd HH:mm:ss" />
<%-- sessionID:${mapRegister.value.sessionID} --%>
<a href="logout.jsp?sessionID=${mapRegister.value.sessionID}">退出</a>
</p>
</c:forEach>
</body>
</html>
MySessionAttributeListener.java(SessionAttributeListener監(jiān)聽(tīng)器励稳,用于監(jiān)聽(tīng)session的參數(shù)佃乘,如在logPro.jsp內(nèi)的session.setAttribute有用到)
package topus;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;
/**
* Application Lifecycle Listener implementation class MySessionAttributeListener
*
*/
@WebListener
public class MySessionAttributeListener implements HttpSessionAttributeListener {
/**
* Default constructor.
*/
public MySessionAttributeListener() {
// TODO Auto-generated constructor stub
}
/**
* @see HttpSessionAttributeListener#attributeAdded(HttpSessionBindingEvent)
*/
@SuppressWarnings("unchecked")
public void attributeAdded(HttpSessionBindingEvent arg0) {
HttpSession session = arg0.getSession();
String username = (String) session.getAttribute("username");
if (username != null) {
//給用戶模型賦值
UserSessionInfo userSessionBean = new UserSessionInfo(username,session.getId(), new Date(session.getCreationTime()));
//建一個(gè)map表
Map<String, UserSessionInfo> onlineRegister = (Map<String, UserSessionInfo>) session.getServletContext().getAttribute("onlineRegister");
if (onlineRegister == null) {
onlineRegister = new HashMap<String, UserSessionInfo>();
}
//將sessionId和用戶模型一一對(duì)應(yīng)構(gòu)成一個(gè)單獨(dú)的個(gè)體
onlineRegister.put(session.getId(), userSessionBean);
//set回去
session.getServletContext().setAttribute("onlineRegister",onlineRegister);
}
}
/**
* @see HttpSessionAttributeListener#attributeRemoved(HttpSessionBindingEvent)
*/
@SuppressWarnings("unchecked")
public void attributeRemoved(HttpSessionBindingEvent arg0) {
// TODO Auto-generated method stub
if ("username".equals(arg0.getName())) {
HttpSession session = arg0.getSession();
Map<String, UserSessionInfo> onlineRegister = (Map<String, UserSessionInfo>) session
.getServletContext().getAttribute("onlineRegister");
onlineRegister.remove(session.getId());
session.getServletContext().setAttribute("onlineRegister",
onlineRegister);
}
}
/**
* @see HttpSessionAttributeListener#attributeReplaced(HttpSessionBindingEvent)
*/
public void attributeReplaced(HttpSessionBindingEvent arg0) {
// TODO Auto-generated method stub
}
}
MySessionContext.java和SessionListener.java 用于完成通過(guò)seesionID來(lái)獲取到session的事件,魔改過(guò)來(lái)使用
作者csdn鏈接:https://blog.csdn.net/sihai12345/article/details/81098765
package topus;
import java.util.HashMap;
import javax.servlet.http.HttpSession;
public class MySessionContext {
private static MySessionContext instance;
private HashMap<String,HttpSession> sessionMap;
private MySessionContext() {
sessionMap = new HashMap<String,HttpSession>();
}
public static MySessionContext getInstance() {
if (instance == null) {
instance = new MySessionContext();
}
return instance;
}
public synchronized void addSession(HttpSession session) {
if (session != null) {
sessionMap.put(session.getId(), session);
}
}
public synchronized void delSession(HttpSession session) {
if (session != null) {
sessionMap.remove(session.getId());
}
}
public synchronized HttpSession getSession(String sessionID) {
if (sessionID == null) {
return null;
}
return sessionMap.get(sessionID);
}
}
package topus;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
/**
* Application Lifecycle Listener implementation class SessionListener
*
*/
@WebListener
public class SessionListener implements HttpSessionListener {
private MySessionContext myc = MySessionContext.getInstance();
/**
* Default constructor.
*/
public SessionListener() {
// TODO Auto-generated constructor stub
}
/**
* @see HttpSessionListener#sessionCreated(HttpSessionEvent)
*/
public void sessionCreated(HttpSessionEvent se) {
// TODO Auto-generated method stub
HttpSession session = se.getSession();
myc.addSession(session);
}
/**
* @see HttpSessionListener#sessionDestroyed(HttpSessionEvent)
*/
public void sessionDestroyed(HttpSessionEvent se) {
// TODO Auto-generated method stub
HttpSession session = se.getSession();
myc.delSession(session);
}
}
UserSessionInfo.jsp(用于構(gòu)建用戶數(shù)據(jù)模型的Javabean)
package topus;
import java.util.Date;
public class UserSessionInfo {
private String username;
private String sessionID;
private Date creationDate;
public UserSessionInfo(){
}
public UserSessionInfo(String username, String sessionID, Date creationDate) {
super();
this.username = username;
this.sessionID = sessionID;
this.creationDate = creationDate;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getSessionID() {
return sessionID;
}
public void setSessionID(String sessionID) {
this.sessionID = sessionID;
}
public Date getCreationDate() {
return creationDate;
}
public void setCreationDate(Date creationDate) {
this.creationDate = creationDate;
}
}
項(xiàng)目截圖:
5.png
6.png
7.png
1.png
2.png
3.png
4.png
8.png
