关于WEB页面刷新重复提交问题 - Servlet篇(拦截器)

1:利用UUID生成Session令牌

简单说一下逻辑:首先是GET的login请求通过LoginServlet之前会生成一个UUID Session令牌,这个令牌会在表单中显示,然后点提交,在拦截器中会拦截到请求的Session令牌,会对比一下表单的Session令牌与之前生成的Session是否相同 相同则是第一次提交 不同则不是第一次提交,可以进行一些反复提交的响应处理;

项目目录结构

jsp文件

<form action="login" method="post" name="login">
    <div>UUID:${token}</div>
    <input type="hidden" name="token" value="${token}">
    UserName:<input type="text" name="username" /> <br />
    Password:<input type="password" name="password" /> <br />
    <div><a>${msg}</a></div>
    <input type="button" value="Login" οnclick="username.value != '' && password != '' ? login.submit() : null;">    	
</form>

拦截器类

import java.io.IOException;
import java.util.UUID;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

public class FileToken implements Filter {

	@Override
	public void destroy() {
		
	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain filterChain) throws IOException, ServletException {
		HttpServletRequest req = (HttpServletRequest) request;
		String serviceToken = (String) req.getSession().getAttribute("token");
		String token = request.getParameter("token");
		req.getSession().setAttribute("token", UUID.randomUUID().toString());
		if (serviceToken == null) {
			System.out.println("serviceToken 为空!");
			filterChain.doFilter(request, response);
			return;
		}
		if (token == null) {
			System.out.println("token 为空!");
			filterChain.doFilter(request, response);
			return;
		}
		if (serviceToken.equals(token)) {
			System.out.println("没有重复提交!");
			filterChain.doFilter(request, response);
			req.getSession(false).setAttribute("token", "");
			return;
		} else {
			System.out.println("重复提交!");
			//resp.sendRedirect(req.getRequestURL().toString());
			return;
		}
	}

	@Override
	public void init(FilterConfig arg0) throws ServletException {
		
	}

}

xml 配置

<!-- 判断重复提交 -->
  <filter>
  	<filter-name>token</filter-name>
  	<filter-class>com.goods.util.FileToken</filter-class>
  </filter>
  <filter-mapping>
  	<filter-name>token</filter-name>
  	<url-pattern>/*</url-pattern>
  </filter-mapping>
  
  <!-- 登录 -->
  <servlet>
  	<servlet-name>login</servlet-name>
  	<servlet-class>com.goods.servlet.LoginServlet</servlet-class>
  </servlet>
  <servlet-mapping>
  	<servlet-name>login</servlet-name>
  	<url-pattern>/login</url-pattern>
  </servlet-mapping>

Servlet

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.goods.entity.User;
import com.goods.service.UserService;

public class LoginServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
	
	@Override
	protected void doPost(HttpServletRequest req, HttpServletResponse resp)
			throws ServletException, IOException {
		
		String userName = req.getParameter("username");
		String password = req.getParameter("password");
		
		UserService userService = new UserService();
		User user = userService.login(userName, password);
		
		if (user == null) {
			req.setAttribute("msg", "没有此用户 !请注册!");
			req.getRequestDispatcher("WEB-INF/jsp/login.jsp").forward(req, resp);
		} else if (!user.getPwd().equals(password)) {
			req.setAttribute("msg", "请检查密码!");
			req.getRequestDispatcher("WEB-INF/jsp/login.jsp").forward(req, resp);
		} else {
			user.setPwd("***");
			System.out.println("登录成功!" + user.toString());
			req.getSession(false).setAttribute("user", user);
			req.getRequestDispatcher("WEB-INF/jsp/home.jsp").forward(req, resp);
		}
	}
	
	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
			throws ServletException, IOException {
		req.getRequestDispatcher("WEB-INF/jsp/login.jsp").forward(req, resp);
	}
}

home.jsp // 防止刷新再加强

<script type="text/javascript">
    if (location.href != "http://localhost:8888/Goods/home") {
        location.href = "http://localhost:8888/Goods/home";
    }
</script>



评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值