Java Servlet 与过滤器
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2957165/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Servlet vs Filter
提问by Dejell
What is the difference between a Servletand Filter? What do you recommend to use for authorization to pages?
Servlet和过滤器有什么区别?您建议使用什么来授权页面?
采纳答案by BalusC
Use a Filterwhen you want to filter and/or modifyrequests based on specific conditions. Use a Servletwhen you want to control, preprocess and/or postprocessrequests.
Filter当您想根据特定条件过滤和/或修改请求时使用 a 。Servlet当您想要控制、预处理和/或后处理请求时使用 a 。
The Java EE tutorialmentions the following about filters:
在Java EE的教程中提到有关筛选如下:
A filter is an object that can transform the header and content (or both) of a request or response. Filters differ from web components in that filters usually do not themselves create a response. Instead, a filter provides functionality that can be “attached” to any kind of web resource. Consequently, a filter should not have any dependencies on a web resource for which it is acting as a filter; this way it can be composed with more than one type of web resource.
The main tasks that a filter can perform are as follows:
- Query the request and act accordingly.
- Block the request-and-response pair from passing any further.
- Modify the request headers and data. You do this by providing a customized version of the request.
- Modify the response headers and data. You do this by providing a customized version of the response.
- Interact with external resources.
过滤器是一个对象,可以转换请求或响应的标头和内容(或两者)。过滤器与 Web 组件的不同之处在于过滤器本身通常不会创建响应。相反,过滤器提供可以“附加”到任何类型的 Web 资源的功能。因此,过滤器不应依赖于它充当过滤器的 Web 资源;通过这种方式,它可以由不止一种类型的网络资源组成。
过滤器可以执行的主要任务如下:
- 查询请求并采取相应措施。
- 阻止请求和响应对进一步传递。
- 修改请求头和数据。您可以通过提供请求的自定义版本来完成此操作。
- 修改响应头和数据。您可以通过提供自定义版本的响应来完成此操作。
- 与外部资源互动。
For authorization, a Filteris the best suited. Here's a basic kickoff example of how a filter checks requests for the logged-in user:
对于授权,aFilter是最合适的。以下是过滤器如何检查登录用户请求的基本启动示例:
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
if (((HttpServletRequest) request).getSession().getAttribute("user") == null) {
// User is not logged in. Redirect to login page.
((HttpServletResponse) response).sendRedirect("login");
} else {
// User is logged in. Just continue with request.
chain.doFilter(request, response);
}
}
回答by kgiannakakis
Filters are best suited for authorization. This is because they can be configured to run for all pages of a site. So you only need one filter to protect all your pages.
过滤器最适合授权。这是因为它们可以配置为针对站点的所有页面运行。所以你只需要一个过滤器来保护你的所有页面。
回答by Navnath Adsul
Using filter we can improve servlet performance-- when request comes we can perform preprocessing on request, if request satisfies then we can forward to servlet otherwise give message to client provide appropriate information in request..
使用过滤器,我们可以提高 servlet 的性能——当请求到来时,我们可以对请求进行预处理,如果请求满足则我们可以转发给 servlet,否则给消息给客户端在请求中提供适当的信息。
