一、用户登录添加会话,实现会话跟踪
1、登录界面controller--login方法,账户退出登录,当前会话销毁
@RequestMapping("/selectLogin")
public String selectLogin(String usid,String upwd){
Users u = us.selectOne(usid);
//us.closeCon();
if (u != null && u.getUpwd().equals(upwd)) {
//创建会话
HttpSession session = request.getSession();
session.setAttribute("usid", u.getUsid());
return "main";
}else if (u == null) {
return "main";
}
return "login";
}
/**
* 销毁会话
* @return
*/
@RequestMapping("/selectLogout")
public String Logout() {
HttpSession session = request.getSession();
session.invalidate();
return "logout";
}
2、login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8">
<title></title>
<link rel="stylesheet" type="text/css" href="css/login.css">
</head>
<body>
<!--登陆主体开始-->
<div id="main">
<!-- 头像区开始-->
<div id="header-border">
<!-- 头像区内部开始-->
<div id="header-pic"></div>
<!-- 头像区内部结束-->
</div>
<!-- 头像区结束-->
<!-- 账号密码区开始-->
<form action="users/selectLogin" method="post">
<div id="account">
<div class="input">
<input type="text" id="usid" name="usid"
placeholder="please input username" />
</div>
<div class="input">
<input type="password" id="upwd" name="upwd"
placeholder="please input password" />
</div>
</div>
<!-- 账号密码区结束-->
<!-- 登陆按钮开始-->
<button id="login-btn">Sign In</button>
<!-- 登陆按钮结束-->
<!-- 登陆区底部开始-->
<div id="footer">< a href=" ">Forget Password?</ a></div>
</form>
<!-- 登陆区底部结束-->
</div>
<!--登陆主体结束-->
<!--引入jquery-->
<script src="js/jquery.js"></script>
<!-- 引入全局公共js文件 -->
<script type="text/javascript" src="js/global.js"></script>
<!-- 引入layer弹出层js功能 -->
<script type="text/javascript" src="js/layer/layer.js"></script>
<script type="text/javascript">
</script>
</body>
</html>
3、logout.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<script type="text/javascript">
//最外层框架跳转到登录页
window.top.location.href = 'login.jsp';
</script>
</body>
</html>
二、配置拦截器
1、controller
package com.hqyj.controller;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
public class AuthIntercepter implements HandlerInterceptor {
@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
// TODO Auto-generated method stub
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
throws Exception {
// TODO Auto-generated method stub
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("拦截controller之前。。。"+handler);
//判断session
if(request.getSession().getAttribute("usid")==null) {
request.getRequestDispatcher("/error.jsp").forward(request, response);
//response.sendRedirect(request.getContextPath()+"/error.jsp");
return false;
}
return true;
}
}
2、配置spring-servlet.xml
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**" />
<mvc:exclude-mapping path="/**/select*"/>
<bean class="com.hqyj.controller.AuthIntercepter"></bean>
</mvc:interceptor>
</mvc:interceptors>
注:select**不拦截,不输入登录信息的人员只能查看,没有增加和修改的功能