Welcome 微信登录

首页 / 软件开发 / JAVA / Servlet过滤器介绍之实用过滤器

Servlet过滤器介绍之实用过滤器2011-04-09 51cto zhangjunhd6.禁止站点过滤器

如果你希望在你的过滤器检测到不正常的异常而中途中断后面的过滤过程时,可这样做:

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws ServletException, IOException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
if (isUnusualCondition(req)) {
res.sendRedirect("http://www.somesite.com");
} else {
chain.doFilter(req, res);
}
}

下例是一个禁止站点过滤器,如果不希望某些站点访问你的网站,你可以在web.xml的 param-value中列出它的站点,然后应用上面的原理跳出常规过滤,给出禁止访问的页面。

BannedAccessFilter.java

package com.zj.sample;import java.io.IOException;import java.io.PrintWriter;import java.net.MalformedURLException;import java.net.URL;import java.util.HashSet;import java.util.StringTokenizer;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;public class BannedAccessFilter implements Filter {private HashSet<String> bannedSiteTable;/*** Deny access if the request comes from a banned site or is referred here* by a banned site. */public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException { System.out.println("Within BannedAccessFilter:Filtering the Request..."); HttpServletRequest req = (HttpServletRequest) request; String requestingHost = req.getRemoteHost(); String referringHost = getReferringHost(req.getHeader("Referer")); String bannedSite = null; boolean isBanned = false; if (bannedSiteTable.contains(requestingHost)) { bannedSite = requestingHost; isBanned = true; } else if (bannedSiteTable.contains(referringHost)) { bannedSite = referringHost; isBanned = true; } if (isBanned) { showWarning(response, bannedSite); } else { chain.doFilter(request, response); } System.out.println("Within BannedAccessFilter:Filtering the Response...");}/*** Create a table of banned sites based on initialization parameters.* Remember that version 2.3 of the servlet API mandates the use of the* Java2 Platform. Thus, it is safe to use HashSet (which determines* whether a given key exists) rather than the clumsier Hashtable* (which has a value for each key).*/public void init(FilterConfig config) throws ServletException { bannedSiteTable = new HashSet<String>(); String bannedSites = config.getInitParameter("bannedSites"); // Default token set: white space. StringTokenizer tok = new StringTokenizer(bannedSites); while (tok.hasMoreTokens()) { String bannedSite = tok.nextToken(); bannedSiteTable.add(bannedSite); System.out.println("Banned " + bannedSite); }}public void destroy() {}private String getReferringHost(String refererringURLString) { try { URL referringURL = new URL(refererringURLString); return (referringURL.getHost()); } catch (MalformedURLException mue) { // Malformed or null return (null); }}// Replacement response that is returned to users// who are from or referred here by a banned site.private void showWarning(ServletResponse response, String bannedSite) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); String docType = "<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 "+ "Transitional//EN">
"; out.println(docType + "<HTML>
"+ "<HEAD><TITLE>Access Prohibited</TITLE></HEAD>
"+ "<BODY BGCOLOR="WHITE">
" + "<H1>Access Prohibited</H1>
"+ "Sorry, access from or via " + bannedSite + "
"+ "is not allowed.
" + "</BODY></HTML>");} }
版权所有©石家庄振强科技有限公司2024 冀ICP备08103738号-5 网站地图