复制粘贴！出自：http://xxtianxiaxing.javaeye.com/blog/35016
Java代码

?? 1. 五个有用的过滤器??
?? 2.??
?? 3. 一、使浏览器不缓存页面的过滤器?????
?? 4. import javax.servlet.*;?????
?? 5. import javax.servlet.http.HttpServletResponse;?????
?? 6. import java.io.IOException;?????
?? 7.?????
?? 8. /**?
?? 9. * 用于的使 Browser 不缓存页面的过滤器?
? 10. */????
? 11. public class ForceNoCacheFilter implements Filter {?????
? 12.?????
? 13. public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException?????
? 14. {?????
? 15.???? ((HttpServletResponse) response).setHeader("Cache-Control","no-cache");?????
? 16.???? ((HttpServletResponse) response).setHeader("Pragma","no-cache");?????
? 17.???? ((HttpServletResponse) response).setDateHeader ("Expires", -1);?????
? 18.???? filterChain.doFilter(request, response);?????
? 19. }?????
? 20.?????
? 21. public void destroy()?????
? 22. {?????
? 23. }?????
? 24.?????
? 25.????? public void init(FilterConfig filterConfig) throws ServletException?????
? 26. {?????
? 27. }?????
? 28. }?????
? 29.?????
? 30. 二、检测用户是否登陆的过滤器?????
? 31.?????
? 32. import javax.servlet.*;?????
? 33. import javax.servlet.http.HttpServletRequest;?????
? 34. import javax.servlet.http.HttpServletResponse;?????
? 35. import javax.servlet.http.HttpSession;?????
? 36. import java.util.List;?????
? 37. import java.util.ArrayList;?????
? 38. import java.util.StringTokenizer;?????
? 39. import java.io.IOException;?????
? 40.?????
? 41. /**?
? 42. * 用于检测用户是否登陆的过滤器，如果未登录，则重定向到指的登录页面?
? 43.?
? 44.?
? 45. * 配置参数?
? 46.?
? 47.?
? 48. * checkSessionKey 需检查的在 Session 中保存的关键字?
? 49.?
? 50. * redirectURL 如果用户未登录，则重定向到指定的页面，URL不包括 ContextPath?
? 51.?
? 52. * notCheckURLList 不做检查的URL列表，以分号分开，并且 URL 中不包括 ContextPath?
? 53.?
? 54. */????
? 55. public class CheckLoginFilter?????
? 56. implements Filter?????
? 57. {?????
? 58.????? protected FilterConfig filterConfig = null;?????
? 59.????? private String redirectURL = null;?????
? 60.????? private List notCheckURLList = new ArrayList();?????
? 61.????? private String sessionKey = null;?????
? 62.?????
? 63. public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException?????
? 64. {?????
? 65.???? HttpServletRequest request = (HttpServletRequest) servletRequest;?????
? 66.???? HttpServletResponse response = (HttpServletResponse) servletResponse;?????
? 67.?????
? 68.????? HttpSession session = request.getSession();?????
? 69.??? if(sessionKey == null)?????
? 70.???? {?????
? 71.????? filterChain.doFilter(request, response);?????
? 72.???? return;?????
? 73.???? }?????
? 74.??? if((!checkRequestURIIntNotFilterList(request)) && session.getAttribute(sessionKey) == null)?????
? 75.???? {?????
? 76.????? response.sendRedirect(request.getContextPath() + redirectURL);?????
? 77.???? return;?????
? 78.???? }?????
? 79.???? filterChain.doFilter(servletRequest, servletResponse);?????
? 80. }?????
? 81.?????
? 82. public void destroy()?????
? 83. {?????
? 84.???? notCheckURLList.clear();?????
? 85. }?????
? 86.?????
? 87. private boolean checkRequestURIIntNotFilterList(HttpServletRequest request)?????
? 88. {?????
? 89.???? String uri = request.getServletPath() + (request.getPathInfo() == null ? "" : request.getPathInfo());?????
? 90.??? return notCheckURLList.contains(uri);?????
? 91. }?????
? 92.?????
? 93. public void init(FilterConfig filterConfig) throws ServletException?????
? 94. {?????
? 95.??? this.filterConfig = filterConfig;?????
? 96.???? redirectURL = filterConfig.getInitParameter("redirectURL");?????
? 97.???? sessionKey = filterConfig.getInitParameter("checkSessionKey");?????
? 98.?????
? 99.???? String notCheckURLListStr = filterConfig.getInitParameter("notCheckURLList");?????
100.?????
101.??? if(notCheckURLListStr != null)?????
102.???? {?????
103.????? StringTokenizer st = new StringTokenizer(notCheckURLListStr, ";");?????
104.????? notCheckURLList.clear();?????
105.???? while(st.hasMoreTokens())?????
106.????? {?????
107.?????? notCheckURLList.add(st.nextToken());?????
108.????? }?????
109.???? }?????
110. }?????
111. }?????
112.?????
113. 三、字符编码的过滤器?????
114.?????
115. import javax.servlet.*;?????
116. import java.io.IOException;?????
117.?????
118. /**?
119. * 用于设置 HTTP 请求字符编码的过滤器，通过过滤器参数encoding指明使用何种字符编码,用于处理Html Form请求参数的中文问题?
120. */????
121. public class CharacterEncodingFilter?????
122. implements Filter?????
123. {?????
124. protected FilterConfig filterConfig = null;?????
125. protected String encoding = "";?????
126.?????
127. public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException?????
128. {?????
129.????????? if(encoding != null)?????
130.??????????? servletRequest.setCharacterEncoding(encoding);?????
131.?????????? filterChain.doFilter(servletRequest, servletResponse);?????
132. }?????
133.?????
134. public void destroy()?????
135. {?????
136.???? filterConfig = null;?????
137.???? encoding = null;?????
138. }?????
139.?????
140.????? public void init(FilterConfig filterConfig) throws ServletException?????
141. {?????
142.?????????? this.filterConfig = filterConfig;?????
143.????????? this.encoding = filterConfig.getInitParameter("encoding");?????
144.?????
145. }?????
146. }?????
147.?????
148. 四、资源保护过滤器?????
149.?????
150.?????
151. package catalog.view.util;?????
152.?????
153. import javax.servlet.Filter;?????
154. import javax.servlet.FilterConfig;?????
155. import javax.servlet.ServletRequest;?????
156. import javax.servlet.ServletResponse;?????
157. import javax.servlet.FilterChain;?????
158. import javax.servlet.ServletException;?????
159. import javax.servlet.http.HttpServletRequest;?????
160. import java.io.IOException;?????
161. import java.util.Iterator;?????
162. import java.util.Set;?????
163. import java.util.HashSet;?????
164. //?????
165. import org.apache.commons.logging.Log;?????
166. import org.apache.commons.logging.LogFactory;?????
167.?????
168. /**?
169. * This Filter class handle the security of the application.?
170. *?
171. * It should be configured inside the web.xml.?
172. *?
173. * @author Derek Y. Shen?
174. */????
175. public class SecurityFilter implements Filter {?????
176. //the login page uri?????
177. private static final String LOGIN_PAGE_URI = "login.jsf";?????
178.?????
179. //the logger object?????
180. private Log logger = LogFactory.getLog(this.getClass());?????
181.?????
182. //a set of restricted resources?????
183. private Set restrictedResources;?????
184.?????
185. /**?
186.??? * Initializes the Filter.?
187.??? */????
188. public void init(FilterConfig filterConfig) throws ServletException {?????
189.?? this.restrictedResources = new HashSet();?????
190.?? this.restrictedResources.add("/createProduct.jsf");?????
191.?? this.restrictedResources.add("/editProduct.jsf");?????
192.?? this.restrictedResources.add("/productList.jsf");?????
193. }?????
194.?????
195. /**?
196.??? * Standard doFilter object.?
197.??? */????
198. public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)?????
199.??? throws IOException, ServletException {?????
200.?? this.logger.debug("doFilter");?????
201.????????
202.??? String contextPath = ((HttpServletRequest)req).getContextPath();?????
203.??? String requestUri = ((HttpServletRequest)req).getRequestURI();?????
204.????????
205.?? this.logger.debug("contextPath = " + contextPath);?????
206.?? this.logger.debug("requestUri = " + requestUri);?????
207.????????
208.?? if (this.contains(requestUri, contextPath) && !this.authorize((HttpServletRequest)req)) {?????
209.??? this.logger.debug("authorization failed");?????
210.???? ((HttpServletRequest)req).getRequestDispatcher(LOGIN_PAGE_URI).forward(req, res);?????
211.??? }?????
212.?? else {?????
213.??? this.logger.debug("authorization succeeded");?????
214.???? chain.doFilter(req, res);?????
215.??? }?????
216. }?????
217.?????
218. public void destroy() {}?????
219.?????
220. private boolean contains(String value, String contextPath) {?????
221.??? Iterator ite = this.restrictedResources.iterator();?????
222.????????
223.?? while (ite.hasNext()) {?????
224.???? String restrictedResource = (String)ite.next();?????
225.?????????
226.??? if ((contextPath + restrictedResource).equalsIgnoreCase(value)) {?????
227.???? return true;?????
228.???? }?????
229.??? }?????
230.????????
231.?? return false;?????
232. }?????
233.?????
234. private boolean authorize(HttpServletRequest req) {?????
235.?????
236.?????????????? //处理用户登录?????
237.??????? /* UserBean user = (UserBean)req.getSession().getAttribute(BeanNames.USER_BEAN);?
238.????
239.??? if (user != null && user.getLoggedIn()) {?
240.???? //user logged in?
241.???? return true;?
242.??? }?
243.??? else {?
244.???? return false;?
245.??? }*/????
246. }?????
247. }????
248. 五 利用Filter限制用户浏览权限??
249.??
250. 在一个系统中通常有多个权限的用户。不同权限用户的可以浏览不同的页面。使用Filter进行判断不仅省下了代码量，而且如果要更改的话只需要在Filter文件里动下就可以。??
251. 以下是Filter文件代码：??
252.??
253.??
254. import java.io.IOException;?????
255.??
256.?????
257. import javax.servlet.Filter;?????
258. import javax.servlet.FilterChain;?????
259. import javax.servlet.FilterConfig;?????
260. import javax.servlet.ServletException;?????
261. import javax.servlet.ServletRequest;?????
262. import javax.servlet.ServletResponse;?????
263. import javax.servlet.http.HttpServletRequest;?????
264.?????
265. public class RightFilter implements Filter {?????
266.?????
267.???? public void destroy() {?????
268.??????????????
269.????? }?????
270.?????
271.???? public void doFilter(ServletRequest sreq, ServletResponse sres, FilterChain arg2) throws IOException, ServletException {?????
272.???????? // 获取uri地址?????
273.????????? HttpServletRequest request=(HttpServletRequest)sreq;?????
274.????????? String uri = request.getRequestURI();?????
275.????????? String ctx=request.getContextPath();?????
276.????????? uri = uri.substring(ctx.length());?????
277.???????? //判断admin级别网页的浏览权限?????
278.???????? if(uri.startsWith("/admin")) {?????
279.???????????? if(request.getSession().getAttribute("admin")==null) {?????
280.????????????????? request.setAttribute("message","您没有这个权限");?????
281.????????????????? request.getRequestDispatcher("/login.jsp").forward(sreq,sres);?????
282.???????????????? return;?????
283.????????????? }?????
284.????????? }?????
285.???????? //判断manage级别网页的浏览权限?????
286.???????? if(uri.startsWith("/manage")) {?????
287.???????????? //这里省去?????
288.????????????? }?????
289.????????? }?????
290.???????? //下面还可以添加其他的用户权限，省去。?????
291.?????
292.????? }?????
293.?????
294.???? public void init(FilterConfig arg0) throws ServletException {?????
295.??????????????
296.????? }?????
297.?????
298. }??
299.??
300. <!-- 判断页面的访问权限 -->????
301.?? <filter>????
302.????? <filter-name>RightFilter</filter-name>????
303.?????? <filter-class>cn.itkui.filter.RightFilter</filter-class>????
304.?? </filter>????
305.?? <filter-mapping>????
306.?????? <filter-name>RightFilter</filter-name>????
307.?????? <url-pattern>/admin/*</url-pattern>????
308.?? </filter-mapping>????
309.?? <filter-mapping>????
310.?????? <filter-name>RightFilter</filter-name>????
311.?????? <url-pattern>/manage/*</url-pattern>????
312.?? </filter-mapping>????
313.??
314. 在web.xml中加入Filter的配置，如下：??
315. <filter>????
316.??
317.???????? <filter-name>EncodingAndCacheflush</filter-name>????
318.???????? <filter-class>EncodingAndCacheflush</filter-class>????
319.???????? <init-param>????
320.???????????? <param-name>encoding</param-name>????
321.???????????? <param-value>UTF-8</param-value>????
322.???????? </init-param>????
323.???? </filter>????
324.???? <filter-mapping>????
325.???????? <filter-name>EncodingAndCacheflush</filter-name>????
326.???????? <url-pattern>/*</url-pattern>????
327.???? </filter-mapping>????
328. 要传递参数的时候{zh0}使用form进行传参，如果使用链接的话当中文字符的时候过滤器转码是不会起作用的，还有就是页面上??
329.??
330. form的method也要设置为post，不然过滤器也起不了作用。??