实现未登录用户不能查看后台
1.新建UserFilter
对admin下的文件夹实现过滤功能,用户未登录时,不能查看这些admin下的这些界面
所以@WebFilter的路径设置为/admin/*
2.
HttpServletRequest httpRequest = (HttpServletRequest)req;
HttpServletResponse httpResponse = (HttpServletResponse)resp;
User user = (User)httpRequest.getSession().getAttribute("user");
if (user == null){
httpResponse.sendRedirect("/login.jsp");
}else{
chain.doFilter(req, resp);
}
3.新建LoginOutServlet
@WebServlet("/LoginOutServlet")
public class LoginOutServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doGet(request, response);
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.getSession().invalidate();
response.sendRedirect("login.jsp");
}
}