jsp:通过Session控制登陆时间和内部页面的访问

一，通过session的关闭浏览器销毁，和使用getAttribute设置session对象值来控制页面用户是否有权限进入。

1，以下是登陆页面的代码，使用表单提交数据给一个servlet进行数据的处理

<form action="com.in.User" method="post">
<div class="loginbox">
<div class="errorbox"><i class="error"></i>用户名或密码错误，请重新输入！</div>
<div class="logongroup">
<input class="intext" type="text" name="UserName" placeholder="用户名" />
<i class="user"></i>
</div>
<div class="logongroup">
<input class="intext" type="password" name="PassWord" placeholder="密码" />
<i class="password"></i>
</div>
<div class="logongroup submitbox">
<button class="submitbtn" type="submit">登&nbsp;&nbsp;录</button>
</div>
</div>
</form>

2，创建一个名为User的servlet页面

　　　　在doget方法中创建session对象，使用setAttribute方法为其赋值，

package com.in;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class User extends HttpServlet {

    /**
     * Constructor of the object.
     */
    public User() {
        super();
    }

    /**　　
     * Destruction of the servlet. <br>
     */
    public void destroy() {
        super.destroy(); // Just puts "destroy" string in log
        // Put your code here
    }

    /**
     * The doGet method of the servlet. <br>
     *
     * This method is called when a form has its tag value method equals to get.
     * 
     * @param request the request send by the client to the server
     * @param response the response send by the server to the client
     * @throws ServletException if an error occurred
     * @throws IOException if an error occurred
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        HttpSession session=request.getSession();
        session.setAttribute("user","yes");
        request.getRequestDispatcher("default.jsp").forward(request, response);
        
    }

    /**
     * The doPost method of the servlet. <br>
     *
     * This method is called when a form has its tag value method equals to post.
     * 
     * @param request the request send by the client to the server
     * @param response the response send by the server to the client
     * @throws ServletException if an error occurred
     * @throws IOException if an error occurred
     */
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
    }

    /**
     * Initialization of the servlet. <br>
     *
     * @throws ServletException if an error occurs
     */
    public void init() throws ServletException {
        // Put your code here
    }

}

 3，在登陆之后的页面中加入以下代码，以控制页面的访问权限。

　　　　放在<body>的下方，如果session为空或不等于上面赋的值，便跳转到登陆页面，重新为session赋值。

<%
        String aa=(String)session.getAttribute("user");
        if(!"yes".equals(aa)||aa==null){
        response.sendRedirect("longin.jsp");
        }
 %>

 

转载于:https://www.cnblogs.com/dybe/p/8035323.html