登录页面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>登录</title>
</head>
<body>
<form action="/servlet/login" method="post">
<input type="text" name="username">
<input type="submit">
</form>
</body>
</html>
登录成功
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>主页</title>
</head>
<body>
<h1>登录成功后</h1>
<p> <a href="/servlet/logout">注销</a> </p>
</body>
</html>
登录失败
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>错误鸟</title>
</head>
<body>
<h1>不在了</h1>
<h3>用户名无效</h3>
<a href="/login.jsp">重新登录</a>
</body>
</html>
后台servlet登录条件判断
import com.pangiggs.util.Constant;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class loginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取前端请求的参数
String username = req.getParameter("username");
if (username.equals("admin")){
req.getSession().setAttribute(Constant.user_session,req.getSession().getId());
resp.sendRedirect("/sys/success.jsp");
}else {
resp.sendRedirect("/error.jsp");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
后台servlet登录注销条件判断
import com.pangiggs.util.Constant;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class loginoutServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Object user_session = req.getSession().getAttribute(Constant.user_session);
if (user_session!=null){
req.getSession().removeAttribute(Constant.user_session);
resp.sendRedirect("/login.jsp");
}else {
resp.sendRedirect("/login.jsp");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
定义一个session常量方便使用
public class Constant {
public final static String user_session = "user_session";
}
过滤器实现权限拦截,没有正确登录无法访问成功页面
import com.pangiggs.util.Constant;
import javax.servlet.*;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class SysFilter implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;//转换类型为父级
HttpServletResponse response = (HttpServletResponse) servletResponse;
if ( request.getSession().getAttribute(Constant.user_session)==null){
response.sendRedirect("/error.jsp");
}
filterChain.doFilter(servletRequest,servletResponse);
}
public void destroy() {
}
}
XML配置
<servlet>
<servlet-name>loginServlet</servlet-name>
<servlet-class>com.pangiggs.servlet.loginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>loginServlet</servlet-name>
<url-pattern>/servlet/login</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>loginoutServlet</servlet-name>
<servlet-class>com.pangiggs.servlet.loginoutServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>loginoutServlet</servlet-name>
<url-pattern>/servlet/logout</url-pattern>
</servlet-mapping>
<filter>
<filter-name>SysFilter</filter-name>
<filter-class>com.pangiggs.filter.SysFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SysFilter</filter-name>
<!--只要是/sys下的任何请求,都会经过这个过滤器 -->
<url-pattern>/sys/*</url-pattern>
</filter-mapping>