一、首先创建一个index.jsp界面
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>首页</title>
</head>
<body>
首页
<br>
<br>
<a href="<%= request.getContextPath()%>/17/hello.jsp">17hello.jsp</a>
<br>
<br>
<%
String flag="";
Object obj= session.getAttribute("flag");
if (obj!=null){
flag=obj.toString();
}
if(flag=="login_success"){
%>
<a href="<%= request.getContextPath()%>/LogoutServlet17">退出</a>
<%
}else{
%>
<a href="<%= request.getContextPath()%>/17/login.jsp">登录</a>
<%
}
%>
</body>
</html>
其中flag是用于后期权限过滤。记录只有登录了才可以访问该项目的网页。/17/hello.jsp作为这个网站的内容,是否访问可以用来测试权限过滤。
如果登录成功,就会显示退出超链接。如果是未登录,就会显示登录超链接,并跳转/17/login.jsp界面。
二、登录界面/17/login.jsp实现
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>登录界面</title>
<style type="text/css">
body{
color:#000;
font-size:14px;
margnin:20px auto;
}
</style>
<script type="text/javascript">
function check(form){
if(document.forms.loginForm.uname.value==""){
alert("请输入用户名!");
document.forms.loginForm.uname.focus();
return false;
}
if(document.forms.loginForm.pwd.value==""){
alert("请输入密码!");
document.forms.loginForm.pwd.focus();
return false;
}
}
</script>
</head>
<body>
<form action="<%=request.getContextPath() %>/LoginServlet17" method="post" name="loginForm">
<%if (request.getAttribute("return_uri")!=null) {%>
<%out.print("login登录界面判断return_uri"); %>
<input type="hidden" name="return_uri" value="<%=request.getAttribute("return_uri") %>">
<%} %>
<table border="1" cellspacing="0" cellpadding="5" bordercolor="silver" align="center">
<tr>
<td colspan="2" align="center" bgcolor="#E8E8E8">用户登录</td>
</tr>
<tr>
<td>用户名</td>
<td><input type="text" name="uname"></td>
</tr>
<tr>
<td>密码</td>
<td><input type="password" name="pwd"></td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="submin" οnclick="return check(this);">
<input type="reset" name="reset">
</td>
</tr>
</table>
</form>
</body>
</html>
提交按钮会先在本界面执行check()函数,来判断用户名和密码输入框中是否输入内容,如果没有输入,则进行提示并且将光标弹到输入框中。
return_uri会记录登录前的界面,如果登录前的界面是网页必须登录才能看到的网页,则会传递到这个参数中,方便登录成功后直接跳转登录前的界面。
因为这才是登录界面,所以有时从其他界面跳转过来时,需要在跳转的刀登录界面的过程中,将return_uri传递。
提交表单之后会跳转/LoginServlet17。
三、关于servlet在web.xml文件中的配置。
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">
<display-name>servlet</display-name>
<filter>
<filter-name>PermissionFilter</filter-name>
<filter-class>com.ouc.filter.PermissionFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>PermissionFilter</filter-name>
<url-pattern>/17/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>LoginServlet17</servlet-name>
<servlet-class>com.ouc.servlet.LoginServlet17</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet17</servlet-name>
<url-pattern>/LoginServlet17</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>LoginServlet16</servlet-name>
<servlet-class>com.ouc.servlet.LoginServlet16</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet16</servlet-name>
<url-pattern>/LoginServlet16</url-pattern>
</servlet-mapping>
<filter>
<filter-name>FilterOne</filter-name>
<filter-class>com.ouc.filter.FilterOne</filter-class>
<init-param>
<param-name>param</param-name>
<param-value>zhangweidong_param</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>FilterOne</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>EncodingFilter</filter-name>
<filter-class>com.ouc.filter.EncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>EncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>checkServlet</servlet-name>
<servlet-class>com.ouc.servlet.CheckServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>checkServlet</servlet-name>
<url-pattern>/checkServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.ouc.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/LoginServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>HelloServlet</servlet-name>
<servlet-class>com.ouc.servlet.HelloServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>HelloServlet</servlet-name>
<url-pattern>/HelloServlet</url-pattern>
</servlet-mapping>
</web-app>
以上是这次实例中用到的配置。
每一个servlet配置中,总会有一对配置,如下:
<servlet>
<servlet-name>LoginServlet17</servlet-name>
<servlet-class>com.ouc.servlet.LoginServlet17</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet17</servlet-name>
<url-pattern>/LoginServlet17</url-pattern>
</servlet-mapping>
<servlet>中配置name并将配置所依赖的类的全路径名
<servlet-mapping>中将通过name名与真正的class匹配,并且配上mapping地址。可在跳转时执行该servlet。
四、登录跳转
1、首先因为我们的输入框中要允许输入中文,为了防止乱码,可以设置编码过滤器。
创建编码过滤器,在src中创建filter文件EncodingFilter
package com.ouc.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
/**
* Servlet Filter implementation class EncodingFilter
*/
public class EncodingFilter implements Filter {
private String charEncoding = null;
/**
* Default constructor.
*/
public void init(FilterConfig fConfig) throws ServletException {
charEncoding = fConfig.getInitParameter("encoding");
if (charEncoding == null) {
throw new ServletException("EncodingFilter中的编码设置为空");
}
}
public EncodingFilter() {
// TODO Auto-generated constructor stub
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
System.out.println("默认的编码为" + charEncoding);
System.out.println("请求页面中的编码为" + request.getCharacterEncoding());
if (!charEncoding.equals(request.getCharacterEncoding())) {
request.setCharacterEncoding(charEncoding);
}
response.setCharacterEncoding(charEncoding);
System.out.println("设置后默认的编码为" + charEncoding);
System.out.println("设置后请求页面中的编码为" + request.getCharacterEncoding());
chain.doFilter(request, response);
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
/**
* @see Filter#init(FilterConfig)
*/
}
相对应的filter过滤器也需要在web.xml文件中进行配置:
<filter>
<filter-name>EncodingFilter</filter-name>
<filter-class>com.ouc.filter.EncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>EncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
其中格式和servlet类似。设置属性encoding,并且设置属性值为UTF-8.
2、权限过滤器的实现。即判断是否登录有权限。
创建filter文件
PermissionFilter
package com.ouc.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class PermissionFilter implements Filter {
/**
* Default constructor.
*/
public PermissionFilter() {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;//强制类型转换
HttpServletResponse resp = (HttpServletResponse) response;
String servletPath = req.getServletPath();//获取目前跳转的界面uri
HttpSession session = req.getSession();
System.out.println("========进入Permission========");
String flag = (String) session.getAttribute("flag");
if (servletPath != null && (servletPath.equals("/17/login.jsp")) || (servletPath.equals("/17/index.jsp"))
|| (servletPath.equals("/LoginServlet17"))) {
chain.doFilter(request, response);//直接不执行特定过滤程序,进行登录界面
} else {
if (flag != null && flag.equals("login_success")) {
System.out.println("已成功登陆");
chain.doFilter(request, response);//如果已经登录,则不进行过滤程序
} else if (flag != null && flag.equals("login_error")) {
req.setAttribute("msg", "用户登录失败。请重新登录~!<br>");
System.out.println("用户登录失败。请重新登录~!<br>");
req.setAttribute("return_uri", servletPath);//如果是登录失败,则将跳转的界面uri记录。
System.out.println(servletPath);
RequestDispatcher rd = request.getRequestDispatcher("/17/login.jsp");
rd.forward(req, resp);
} else {
req.setAttribute("msg", "你尚未登录");
System.out.println("你尚未登录");
req.setAttribute("return_uri", servletPath);//如果完全没有登录,则将跳转界面记录,并跳转登录界面
System.out.println(servletPath);
RequestDispatcher rd = request.getRequestDispatcher("/17/login.jsp");
rd.forward(req, resp);
}
}
}
/**
* @see Filter#destroy()
*/
public void destroy() {
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
权限过滤的filter配置文件如下
<filter>
<filter-name>PermissionFilter</filter-name>
<filter-class>com.ouc.filter.PermissionFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>PermissionFilter</filter-name>
<url-pattern>/17/*</url-pattern>
</filter-mapping>
其中/17/*是针对17文件夹下的界面进行过滤。如果换成/*则是对项目所有的界面进行界面权限过滤。
3、当编码和权限过滤没有问题时,就需要进行界面的判断并且进行跳转了
package com.ouc.servlet;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginServlet17 extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public LoginServlet17() {
super();
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
* response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
* response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String userName = request.getParameter("uname");
String password = request.getParameter("pwd");
String return_uri = request.getParameter("return_uri");
System.out.println("17de ceshi");
System.out.println("userName======>" + userName);
System.out.println("password=====>" + password);
System.out.println("return_uri=====>" + return_uri);
RequestDispatcher rd = null;
if (userName == null || password == null) {
request.setAttribute("msg", "用户名或密码为空!!!!");
rd = request.getRequestDispatcher("/17/login.jsp");
rd.forward(request, response);
} else {
if (userName.equals("张伟东") && password.equals("123")) {
request.getSession().setAttribute("flag", "login_success");
if (return_uri != null) {
System.out.println("LoginServlet17中的return_uri"+return_uri);
rd = request.getRequestDispatcher(return_uri);
rd.forward(request, response);
} else {
System.out.println("LoginServlet17中的return_uri为空");
rd = request.getRequestDispatcher("/17/index.jsp");
rd.forward(request, response);
}
} else {
request.getSession().setAttribute("flag", "login_error");
request.setAttribute("msg", "用户名或密码输入错误");
rd = request.getRequestDispatcher("/17/login.jsp");
rd.forward(request, response);
}
}
}
}
4、最后设置一个退出按钮。
package com.ouc.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LogoutServlet17 extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public LogoutServlet17() {
super();
}
/**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
* response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
/**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
* response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.getSession().invalidate();
response.sendRedirect(request.getContextPath() + "/17/index.jsp");
}
}