写一个登录例子:
用户在login.jsp页面登录,如果用户名是zhangsan,密码为123,并且选择的普通用户,则登录成功。或用户名是lisi,密码为456,且选择的是管理员,则登录成功。如果登录失败,则返回到登录页面,并且在登录页面保留之前输入过的用户名及选择的用户类型。
User.java
package com.test.bean;
public class User {
private String username;
private String password;
private String authority;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getAuthority() {
return authority;
}
public void setAuthority(String authority) {
this.authority = authority;
}
}
login.jsp 登录页面
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<html>
<body>
<%String authority = (String)request.getAttribute("authority"); %>
<form action="/servletTest/UserLoginServlet" method="post">
用户名:<input type="text" name="username" value="<%= null == request.getAttribute("username") ? "": request.getAttribute("username")%>"/><br>
密码:<input type="password" name="password"/><br>
authority:
<select name="authority">
<option value="1" <%= "1".equals(authority)? "selected":""%>>common user</option>
<option value="2" <%= "2".equals(authority)? "selected":""%>>administrator</option>
</select><br>
<input type="submit" value="submit">
</form>
</body>
</html>
UserLoginServlet.java
package com.test.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.test.bean.User;
public class UserLoginServlet extends HttpServlet {
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
String authority = request.getParameter("authority");
if("1".equals(authority)){
//登录的是普通用户
if("zhangsan".equals(username) && "123".equals(password)){
User user = new User();
user.setUsername(username);
user.setPassword(password);
user.setAuthority(authority);
HttpSession session = request.getSession();
session.setAttribute("user", user);
request.getRequestDispatcher("/session/index.jsp").forward(request, response);
}else{//登录失败
request.setAttribute("username", username);
request.setAttribute("password", password);
request.setAttribute("authority", authority);
request.getRequestDispatcher("session/login.jsp").forward(request, response);
}
}
else if("2".equals(authority)){
//登录的系统管理员
if("lisi".equals(username) && "456".equals(password)){
User user = new User();
user.setUsername(username);
user.setPassword(password);
user.setAuthority(authority);
HttpSession session = request.getSession();
session.setAttribute("user", user);
request.getRequestDispatcher("/session/index.jsp").forward(request, response);
}else{//登录失败
request.setAttribute("username", username);
request.setAttribute("password", password);
request.setAttribute("authority", authority);
request.getRequestDispatcher("session/login.jsp").forward(request, response);
}
}else{
request.setAttribute("username", username);
request.setAttribute("password", password);
request.setAttribute("authority", authority);
request.getRequestDispatcher("session/login.jsp").forward(request, response);
}
}
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
super.doGet(req, resp);
}
}
以上servlet也可以改为重定向的方式实现:
response.sendRedirect("login.jsp?username="+username+"&password="+password);
在login.jsp页面必须改为request.getParameter()来接收servlet转回的username及password。
index.jsp 显示两个链接:query和update,只有管理员才显示update链接
<%@ page language="java" import="com.test.bean.*" pageEncoding="UTF-8"%>
<html>
<body>
<%
User user = (User)session.getAttribute("user");
if(null == user){
response.sendRedirect("login.jsp");
return;
}
%>
<a href="QueryServlet">query</a><br>
<!--只有管理员才显示update链接 -->
<%if(((User)session.getAttribute("user")).getAuthority().equals("2")){ %>
<a href="UpdateServlet">update</a><br>
<%} %>
</body>
</html>
QueryServlet.java
package com.test.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class QueryServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
HttpSession session = request.getSession();
//如果 session中没有用户,则重定向到登录页面
if(null == session.getAttribute("user")){
response.sendRedirect("session/login.jsp");
return;
}
response.getWriter().print("welcome");
}
}