526互联

Filter/Servlet/JSP_过滤器登录页面实现

发布时间 2023-06-14 07:10:35作者: ming1010

步骤

1.form表单请求登录

2.验证登录成功,进入登录成功页面

3.权限拦截:当直接通过登录成功的URL访问时(跳过用户登录验证),不能直接访问。

核心代码部分:

LoginServlet用户名验证:

 1 protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
 2         String username = req.getParameter("username");
 3         System.out.println(username);
 4         if (username.equals("admin")){
 5             req.getSession().setAttribute(Constant.USER_SESSION, req.getSession().getId());
 6             resp.sendRedirect("/sys/success.jsp");
 7         }else{
 8             resp.sendRedirect("/error.jsp");
 9         }
10     }

LogoutServlet session判断:

 1  protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
 2         Object user_session = req.getSession().getAttribute(Constant.USER_SESSION);
 3         if(user_session!=null){
 4             req.getSession().removeAttribute(Constant.USER_SESSION);
 5             resp.sendRedirect("/Login.jsp");
 6         }else {
 7             resp.sendRedirect("/Login.jsp");
 8         }
 9 
10     }

在success.jsp页面判断 非法URL是否可以登录(一般不在jsp页面,而是通过filter实现):

 1 <body>
 2 <%--不用filter,在success页面判断,session为空,则返回Login,就不用http://localhost:8080/sys/success.jsp直接能访问--%>
 3 <%
 4     Object attribute = request.getSession().getAttribute(Constant.USER_SESSION);
 5     if(attribute==null){
 6         response.sendRedirect("/Login.jsp");
 7     }
 8 %>
 9 <h1>home</h1>
10 <p><a href="/servlet/logout">Logout</a></p>
11 </body>
12 </html>

Filter权限拦截:对URL:http://localhost:8080/sys/success.jsp进行过滤,同上。

 1 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
 2         HttpServletRequest req = (HttpServletRequest)request;
 3         HttpServletResponse resp =(HttpServletResponse)response;
 4 
 5         if(req.getSession().getAttribute(Constant.USER_SESSION)==null){
 6             resp.sendRedirect("/Login.jsp");
 7         }
 8         chain.doFilter(req,resp);
 9 
10     }

注意:这里ServletRequest,ServletResponse需要进行强转。

web.xml配置

 1 <filter>
 2     <filter-name>CharacterEncodingFilter</filter-name>
 3     <filter-class>com.ming.filter.CharacterEncodingFilter</filter-class>
 4   </filter>
 5 
 6   <filter-mapping>
 7     <filter-name>CharacterEncodingFilter</filter-name>
 8     <!--过滤servlet下的任何请求-->
 9     <url-pattern>/servlet/*</url-pattern>
10   </filter-mapping>
11 
12   <filter>
13     <filter-name>SysFilter</filter-name>
14     <filter-class>com.ming.listener.SysFilter</filter-class>
15   </filter>
16   <filter-mapping>
17     <filter-name>SysFilter</filter-name>
18     <url-pattern>/sys/*</url-pattern>
19   </filter-mapping>

 常量需要用一个类来保存:

1 package com.ming.util;
2 
3 public class Constant {
4     public static final String USER_SESSION = "USER_SESSION";
5 }