Filters and listeners
1. The filter
In many Web projects, filters are used, such as parameter filtering, preventing SQL injection, preventing page attacks, parameter correction, Token authentication, Session authentication, etc
1.1 Why is a filter needed
In Web development, there is often a need to remove illegal characters entered by users from all interfaces to prevent business exceptions, and if you need to handle this problem, there are many ways
- Verify the front – end parameters when they are passed, filtering illegal characters first
- The back end receives the data that the front end does not filter, and then filters the illegal characters
- Use filters to handle all illegal characters in the project
If you use the first two methods, you need to process each front page or back end, and there is a lot of duplicate code in the project. However, if you use filters, you only need to filter on each interface, reducing redundant code.
1.2 Procedure
- Implement the Filter abstract class
- Overriding class method
- Add @ServletComponentScan to the Spring Boot entry to register the filter
Writing filter code
package com.example.demo; import org.springframework.core.annotation.Order; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import java.io.IOException; @Order(1) @WebFilter(filterName = "Filterdemo",urlPatterns = "/*") public class Filterdemo implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {system.out.println (" This page is filtered "); filterChain.doFilter(servletRequest,servletResponse); } @Override public void destroy() { } }Copy the code
Then add the @ServletComponentScan annotation to the startup class to start the service
Because it is /* in the filter routing Settings, any page visited will go through the filter and the console will have output
2. The listener
Listeners are used to monitor the creation, destruction, addition, modification, deletion and other actions of some objects or information in Web applications, and then make corresponding response processing. When the state of the object changes, the server automatically calls the listener’s methods.
Listeners are often used to count the number of people online, initialize information when the system is loading, and so on
There are three types of listeners in servlets:
-
Listen for the creation and destruction of ServletContext, Request, and Session scopes
- ServletContextListener: Listens on the ServletContext
- HttpSessionListener: Listens for new Session creation events
- ServletRequestListener: Listens for initialization and destruction of a ServletRequest
-
Listen for property changes (additions, modifications, deletions) in the ServletContext, Request, and Session scopes
The corresponding AttributeListener listens for changes in parameters
-
Listen for changes in the state of objects in HttpSession (bound, unbound, passivated, activated)
- HttpSessionBindingListener: to monitor the HttpSession and bound and unbound
- HttpSessionActivationListener: listening to the passivation and the activity of the HttpSession state changes
Take a look at the ServletContext listener example
package com.example.demo; import javax.servlet.ServletContextEvent; import javax.servlet.ServletContextListener; @WebListener public class listenerdemo implements ServletContextListener { @Override public void ContextInitialized (ServletContextEvent sce) {system.out.println ("ServletContext initialized "); System.out.println(sce.getServletContext().getServerInfo()); } @override public void contextDestroyed(ServletContextEvent sce) {system.out.println ("ServletContext destroyed "); }}Copy the code
\