登录功能优化:
注销功能:
思路:移除session,返回登陆界面
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
req.getSession().removeAttribute(Constants.USER_SESSION);
resp.sendRedirect("/login.jsp"); //返回登陆界面
}
注册xml
<servlet>
<servlet-name>loginout</servlet-name>
<servlet-class>com.grandzio.servlet.LoginoutSevlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>loginout</servlet-name>
<url-pattern>/user/logout.html</url-pattern>
</servlet-mapping>
权限过滤器
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpServletRequest request =(HttpServletRequest) servletRequest;
//过滤器,从Session中获取用户
User user= (User) request.getSession().getAttribute(Constants.USER_SESSION);
if(user==null){
response.sendRedirect("/syserror.jsp");
}else{
filterChain.doFilter(servletRequest,servletResponse);
}
}
注册下xml
<filter>
<filter-name>sysFilter</filter-name>
<filter-class>com.grandzio.filter.Sysfilter</filter-class>
</filter>
<filter-mapping>
<filter-name>sysFilter</filter-name>
<url-pattern>/jsp/*</url-pattern>
</filter-mapping>
测试、登录、注销权限
关于javaservlet
resp.sendRedirect("/jsp/frame.jsp");
可以改变浏览器地址栏内容
req.getRequestDispatcher("/login.jsp").forward(req,resp);
地址栏不会发生变化