思路:
1.查看有没有session
2.继续判断session里边的属性是不是想要的
3.全部符合就放行,不符合跳转到登录页面
package com.briup.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.*;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginFliter implements Filter {
public void destroy() {
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
//通过session来判断是否登录
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse resp = (HttpServletResponse)response;
//可以创建但是不合理,因为我就是判断原来有没有 所以参数是false 当没有的时候,不用给我创建
HttpSession session = req.getSession(false);
if(session==null) {
//跳转到登录页面,使用绝对路径
resp.sendRedirect(req.getContextPath()+"/form/login.html");
}else {
//判断账号密码
if(session.getAttribute("name")!=null) {
chain.doFilter(request, response);
}else {
resp.sendRedirect(req.getContextPath()+"/form/login.html");
}
}
}
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
登录页面:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登录</title>
<style type="text/css">
.tnd{
color:blue;
font-size:30px;
}
</style>
</head>
<body>
<div id = " tnd">
<form action = " LoginFilter" >
账号:<input type="text" name ="username"><br>
密码:<input type = "password" name = "password"><br>
<input type="submit" value="提交" >
</form>
</div>
</body>
</html>
servlet:
package com.briup.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginServlet extends HttpServlet{
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
req.setCharacterEncoding("utf-8");
resp.setCharacterEncoding("utf-8");
String name = req.getParameter("name");
String password = req.getParameter("pwd");
if(name.equals("briup")&&password.equals("briup")) {
//内部跳转
HttpSession session = req.getSession();
session.setAttribute("name", name);
req.getRequestDispatcher("success.html").forward(req, resp);
//getRequestDispatcher(url) 这个是请求转发 URL是地址 forward是为了内部跳转
}else {
resp.sendRedirect("login.html");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
其实大体流程是:Filter对用户请求进行预处理,接着将请求交给 Servlet进行处理并生成响应,最后Filter再对服务器响应进行后处理。
也就是例如:action发出请求想买一本书,但是filter说我得先看看你交了钱没有,交了的话,我就让给你放行,让你可以见到书,最后,filter把书打包好送给你