以下通过session来设置登录主界面时,通过过滤器filter判断是否已经登录过,如果已经登陆过可以直接访问主界面,如果没有,需要重新登陆。
实现功能,当第一次登陆时,经过账号密码判断后进入页面,顺便得到一个session值,当第二次登陆时,如果有这个相匹配的session值,则说明有
此账号才登陆过,这时候可以在地址内直接访问主界面,如果没有这个session值,说明还没有登陆,则不能直接访问主界面,需要跳到登陆界面登陆。
1.登陆页面 login.jsp 代码:
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>登录</title>
</head>
<body>
<form action="LoginServlet" method="post">
账号:<input type="text" name="username" value=""/><br/>
密码:<input type="password" name="psw" value=""/> <br/>
<input type="submit" value="提交"/>
<span style="font-size: 12px;color: red" ><%=request.getAttribute("message")==null?"": request.getAttribute("message")%></span>
</form>
</body>
</html>
2.登陆成功后的主界面 mainframe.jsp 代码
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<h1>登录主界面</h1>
</body>
</html>
3.web.xml里面配置代码
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1">
<display-name>filtertest</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.ly.filter.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/LoginServlet</url-pattern>
</servlet-mapping>
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.ly.filter.LoginFilter</filter-class>
<init-param> <!--初始化参数-->
<param-name>encoding</param-name> <!--参数名称-->
<param-value>UTF-8</param-value> <!--参数值-->
</init-param>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
</web-app>
4.form表单,跳转到的LoginServlet代码
package com.ly.filter;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginServlet extends HttpServlet {
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//获得账号密码的值
String userName=request.getParameter("username");
String passWord=request.getParameter("psw");
if("admin".equals(userName)&&"123".equals(passWord)){
//第一次登陆时,产生一个session值
HttpSession session =request.getSession();
//将账号userName的值存进session里
session.setAttribute("sessionvalue", userName);
request.getRequestDispatcher("mainframe.jsp").forward(request, response);
}else{
request.setAttribute("message", "账号或者密码有误");
request.getRequestDispatcher("login.jsp").forward(request, response);
}
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doGet(request, response);
}
}
5.过滤器LoginFilter里面的代码
package com.ly.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
//实现功能,当第一次登陆时,经过账号密码判断后进入页面,顺便得到一个session值,当第二次登陆时,如果有这个相匹配的session值,则说明有
//此账号才登陆过,这时候可以在地址内直接访问主界面,如果没有这个session值,说明还没有登陆,则不能直接访问主界面,需要跳到登陆界面登陆。
public class LoginFilter implements Filter {
public LoginFilter() {
}
public void destroy() {
}
//encoding设为全局变量
String encoding=null;
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
if(encoding!=null){
//设置request字符编码
request.setCharacterEncoding(encoding);
//设置response字符编码
response.setContentType("text/html;charset="+encoding);
}
//转换为HttpServletRequest后,才能调用getRequestURI方法得到其uri;
HttpServletRequest req=(HttpServletRequest) request;
String uri=req.getRequestURI();
System.out.println(uri);
/*
* 如果是登录界面相关的页面直接放行
*/
//uri地址以login.jsp;LoginServlet结尾的直接放行
if(uri.endsWith("login.jsp")||uri.endsWith("LoginServlet")){
chain.doFilter(request, response);//请求通过,直接放行
// 如果是登录界面相关的页面直接放行,然后return,不再执行下面的代码
return;
}
//登陆时,调用过滤器方法时候,产生一个session
HttpSession session=req.getSession();
//取出在LoginServlet里面设置的session值
String userName=(String) session.getAttribute("sessionvalue");
//如果session值为空,说明没有登陆过,需要重新登陆
if(userName==null){
request.getRequestDispatcher("login.jsp").forward(request, response);
}else{
//如果不为空,说明已经登录过了,直接放行
chain.doFilter(request, response);
}
}
public void init(FilterConfig fConfig) throws ServletException {
//得到web.xml里面的初始化参数UTF-8;
encoding=fConfig.getInitParameter("encoding");
}
}