在一个已经搭建好的ssm框架中,如何搭建ssm:https://blog.csdn.net/Ulquiorraheng/article/details/102781189
登录所需实体类,User,包含用户名密码
public class User {
private Integer id;
private String username;
private String password;
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public String toString() {
return "User{" +
"id=" + id +
", username='" + username + '\'' +
", password='" + password + '\'' +
'}';
}
}
pom.xml配置文件添加
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>RELEASE</version>
</dependency>
applicationContext.xml中新增,exclude-mapping后配置的是不拦截的页面,class后的类,就是拦截方法
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<mvc:exclude-mapping path="/login" />
<bean class="Interceptor.LoginInterceptor" />
</mvc:interceptor>
</mvc:interceptors>
新增Interceptor包和LoginInterceptor类
LoginInterceptor方法如下,实现HandlerInterceptor
public class LoginInterceptor implements HandlerInterceptor {
@Override
public void afterCompletion(HttpServletRequest httpRequest,
HttpServletResponse httpResponse, Object arg2, Exception arg3)
throws Exception {
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
Object arg2, ModelAndView arg3) throws Exception {
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Object object) throws Exception {
System.out.println("拦截器");
HttpSession session = request.getSession();
User user = (User) session.getAttribute("LOGINSESSION");
if(user!=null){
return true;
}
request.setAttribute("msg","您还没有登录");
request.getRequestDispatcher("/WEB-INF/views/login.jsp").forward(request,response);
return false;
}
}
Controller类中新增方法
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String tologin(){
return "login";
}
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(User user, ModelAndView modelAndView, HttpSession session){
String username = user.getUsername();
String password = user.getPassword();
if(!StringUtils.isEmpty(username)&&!StringUtils.isEmpty(password)
&&"aaa".equals(username)&&"bbb".equals(password)){
session.setAttribute("LOGINSESSION",user);
//此处设置session的过期时间,单位(秒)
session.setMaxInactiveInterval(60);
return "redirect:index";
}
modelAndView.addObject("msg","用户名或密码错误");
return "login";
}
@RequestMapping(value = "/logout")
public String logout(HttpSession session){
//清除session
session.invalidate();
//重定向到登录页面的跳转方法
return "redirect:login";
}
views中,添加index.jsp页面和login.jsp,logout.jsp页面
index.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %>
<html>
<head>
<title>Title</title>
</head>
<body>
当前用户:${USER_SESSION.username}
<a href="${pageContext.request.contextPath}/logout">退出</a>
书籍列表:
<br>
<table>
<tr>
<th>编号</th>
<th>书名</th>
<th>数量</th>
</tr>
<tbody>
<c:forEach items="${indexInfo}" var="indexInfo" >
<tr>
<td>${indexInfo.id}</td>
<td>${indexInfo.name}</td>
<td>${indexInfo.age}</td>
</tr>
</c:forEach>
</tbody>
</table>
</body>
</html>
login.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %>
<html>
<head>
<title>Title</title>
</head>
<body>
Login页面
${msg}
<form action="./login" method="post">
用户名:<input type="text" value="" name="username">
密码:<input type="text" value="" name="password">
<input type="submit" value="提交">
</form>
</body>
</html>
logout.jsp
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %>
<html>
<head>
<title>Title</title>
</head>
<body>
Login out
</body>
</html>
访问http://localhost:8080/ssmm-war/index即可
获取前端传递参数还可以这么写
@RequestMapping(value = "/login", method = RequestMethod.POST)
// public String login(User user, ModelAndView modelAndView, HttpSession session){
public String login(
@RequestParam("username") String username,
@RequestParam("password") String password,
HttpSession session,ModelAndView modelAndView
){
后端返回数据至前端还可以这么写
public String login(@RequestParam("username") String username, @RequestParam("password") String password, HttpSession session,
HttpServletRequest request
){
request.setAttribute("msg1","用户名或密码错误");
过滤器:配置web.xml时,总会配置下面一段设置字符编码
<filter>
<filter-name>encoding</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encoding</filter-name>
<servlet-name>/*</servlet-name>
</filter-mapping>
设置字符编码,避免乱码问题。它依赖于servlet容器,基于函数回调,一个过滤器实例只能在容器初始化时调用一次,过滤低俗文字、危险字符等
拦截器则依赖于web框架,执行顺序先执行过滤器,再执行拦截器,如又多个,则与注册顺序有关