Jsp 使用控制器servlet筛选使用情况

对于使用JSP和servlet的非常简单的MVC，过滤器的功能是什么

下面的示例中有一个控制器servlet，我想每个JSP都会呈现一个不同的视图。servlet主要与模型交互，模型是一个包含用户列表的属性文件。然而，

login.jsp

将改变令牌，它是一个会话bean

我意识到，通常情况下，Spring、facelets或其他框架会发挥作用——我只是在摸索自己的方式

servlet使用过滤器是否正确？我不确定过滤器在这里是如何发挥作用的——除了要分派给哪个JSP的“逻辑”可以从控制器servlet中提取出来，并独立存在于过滤器中

JSP不需要访问过滤器，因为所有调度都是通过servlet（？）完成的

servlet：

package net.bounceme.dur.servlets;

import filter.PropertiesReader;
import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Map;
import java.util.Properties;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

@WebServlet("/controller")
public class Controller extends HttpServlet {

    private static final Logger log = Logger.getLogger(Controller.class.getName());

    protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        log.info("controller processing request..");
        String jsp = dispatcherLogic(request.getSession());
        request.getRequestDispatcher("/WEB-INF/" + jsp).forward(request, response);
    }

    private String dispatcherLogic(HttpSession session) {
        Properties properties = PropertiesReader.getProps();
        MyToken token = (MyToken) session.getAttribute("token");
        if (token != null) {
            token.setAuthenticated(properties.containsValue(token.getName()));
        } else {
            token = new MyToken();
        }
        log.info(token.toString());
        session.setAttribute("token", token);
        if (token.isAuthenticated()) {
            return "success.jsp";
        } else {
            if (token.isAttemptedLogin()) {
                return "fail.jsp";
            } else {
                return "login.jsp";
            }
        }
    }

    private String dispatcherLogic0(HttpSession session) {
        Map<String, String> p = PropertiesReader.getPropsAsMap();
        Enumeration<String> names = session.getAttributeNames();
        for (String s : Collections.list(names)) {
            log.info(s);
        }
        MyToken t = (MyToken) session.getAttribute("token");
        for (String s : p.keySet()) {
            //  t.getName() = p.containsValue(s);
        }
        return "hello.jsp";  //always to hello page for now
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    @Override
    public String getServletInfo() {
        return "controller";
    }
}

---

servlet不与筛选器交互。事实上，它甚至不知道是否使用了过滤器（除了副作用）。顺便说一句，您的

AuthenticateFilter.doFilter

不正确。如果在web应用程序中安装这样的筛选器，它将阻止所有内容，因为它永远不会传递到filterchain

过滤器的逻辑如下

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    // optional pre-processing
    // optionaly return immediately to by-pass other filters and servlet processing
    chain.doFilter(request, response); // pass down to next filter or to servlet
                                       //  if last filter in chain
    // optional post-processing
}

doFilter

方法是Classicali：

package net.bounceme.dur.servlets;

import java.util.logging.Logger;

public class MyToken {//should probably be immutable...

    private static Logger log = Logger.getLogger(MyToken.class.getName());

    private String name = "nemo";
    private String role = "captain";
    private String password = "abc";
    private boolean authenticated = false;
    private boolean attemptedLogin = false;

    public MyToken() {
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public String getRole() {
        return role;
    }

    public void setRole(String role) {
        this.role = role;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public boolean isAuthenticated() {
        return authenticated;
    }

    public void setAuthenticated(boolean authenticated) {
        this.authenticated = authenticated;
    }

    public boolean isAttemptedLogin() {
        return attemptedLogin;
    }

    public void setAttemptedLogin(boolean attemptedLogin) {
        this.attemptedLogin = attemptedLogin;
    }

    @Override
    public String toString() {
        return name + authenticated + attemptedLogin;
    }
}

servlet container prepares ServletRequest and ServletResponses objects and pass them to a *filter chain*
    first filter optional pre-processing pass down to next in chain
        second filter pre-processing
        ...
            Servlet processing
        ...
        second filter post-processing
    first filter optional post processing
servlet container pass (end of) data to client

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    // optional pre-processing
    // optionaly return immediately to by-pass other filters and servlet processing
    chain.doFilter(request, response); // pass down to next filter or to servlet
                                       //  if last filter in chain
    // optional post-processing
}