需求描述
有一个列表页list.jsp,五个子页面a.jsp,b.jsp,c.jsp.d.jsp,e.jsp,以及登陆界面login.jsp。如果用户不登陆,则可以访问list.jsp,a.jsp,login.jsp三个页面,如果登陆了,才可以访问所有页面
项目结构
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>javaWeb_33</display-name>
<welcome-file-list>
<welcome-file>test/list.jsp</welcome-file>
</welcome-file-list>
<context-param>
<param-name>sessionKey</param-name>
<param-value>sessionKey</param-value>
</context-param>
<context-param>
<param-name>redirectUrl</param-name>
<param-value>test/login.jsp</param-value>
</context-param>
<context-param>
<param-name>uncheckedUrls</param-name>
<param-value>/loginServlet,/test/a.jsp,/test/login.jsp,/test/list.jsp</param-value>
</context-param>
</web-app>
HttpFilter.java
package com.dao.chu;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
*
* <p>
* Title: HttpFilter
* </p>
* <p>
* Description: http请求定制Filter
* </p>
*/
public abstract class HttpFilter implements Filter {
/**
* 用于保存init(FilterConfig filterConfig)的FilterConfig对象
*/
private FilterConfig filterConfig;
/**
* 直接返回init(FilterConfig filterConfig)的FilterConfig对象
*/
public FilterConfig getFilterConfig() {
return filterConfig;
}
/**
* 不建议子类直接覆盖,将可能会导致filterConfig成员变量初始化失败
*/
@Override
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
init();
}
/**
* 供子类继承的初始化方法,可以通过getFilterConfig获取FilterConfig对象
*/
protected void init() {}
/**
* 原生的doFilter方法,在方法内部把ServletRequest和ServletResponse
* 转为了HttpServletRequest和HttpServletResponse并调用了 doFilter(HttpServletRequest
* httpRequest, HttpServletResponse httpResponse, FilterChain chain)方法
*
*
* 若编写Filter的过滤方法不建议直接继承该方法,而应该继承doFilter(ServletRequest request,
* ServletResponse response, FilterChain chain)
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
doFilter(httpRequest, httpResponse, chain);
}
/**
* 抽象方法,为http请求定制,必需实现的方法
*
*/
public abstract void doFilter(HttpServletRequest httpRequest,
HttpServletResponse httpResponse, FilterChain chain)
throws IOException, ServletException;
/**
* 空的destroy方法
*/
@Override
public void destroy() {}
}
LoginServlet.java
package com.dao.chu;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* Servlet implementation class LonginServlet
*/
@WebServlet("/loginServlet")
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
HttpSession session = request.getSession();
String name = request.getParameter("name");
//登陆成功将sessionkey放进session中,并返回list页面
if (null!=name&&!name.trim().equals("")) {
session.setAttribute(request.getServletContext().getInitParameter("sessionKey"), "sessionKey");
session.setAttribute("message", "登陆成功");
response.sendRedirect(request.getContextPath()+"/test/list.jsp");
return;
}
session.setAttribute("message", "登陆失败");
response.sendRedirect(request.getContextPath()+"/test/list.jsp");
}
}
LoginFilter.java
package com.dao.chu;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@WebFilter(urlPatterns = { "/*" })
public class LoginFilter extends HttpFilter {
//1.从web.xml文件中获取sessionKey,redirectUrl,uncheckedUrls
private String sessionKey;
private String redirectUrl;
private String uncheckedUrls;
@Override
protected void init() {
sessionKey = getFilterConfig().getServletContext().getInitParameter(
"sessionKey");
redirectUrl = getFilterConfig().getServletContext().getInitParameter(
"redirectUrl");
uncheckedUrls = getFilterConfig().getServletContext().getInitParameter(
"uncheckedUrls");
}
@Override
public void doFilter(HttpServletRequest httpRequest,
HttpServletResponse httpResponse, FilterChain chain)
throws IOException, ServletException {
//2.如果请求的url包含在uncheckedUrls中,则放行
String servletPath = httpRequest.getServletPath();
List<String> urls = Arrays.asList(uncheckedUrls.split(","));
if (urls.contains(servletPath)) {
chain.doFilter(httpRequest, httpResponse);
return;
}
//3.否则。如果sessionKey可以取到值,则放行,否则重定向到登陆页面
if (null != httpRequest.getSession().getAttribute(sessionKey)
&& !"".equals(httpRequest.getSession().getAttribute(
sessionKey))) {
chain.doFilter(httpRequest, httpResponse);
return;
}
httpResponse.sendRedirect(httpRequest.getContextPath()+"/"+redirectUrl);
}
}
a.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>a.jsp</title>
</head>
<body>
<h2>AAA HELLO</h2><BR>
<a href="<%=request.getContextPath() %>/test/list.jsp">返回</a>
</body>
</html>
b.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>b.jsp</title>
</head>
<body>
<h2>BBB HELLO</h2><BR>
<a href="<%=request.getContextPath() %>/test/list.jsp">返回</a>
</body>
</html>
c.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>c.jsp</title>
</head>
<body>
<h2>CCC HELLO</h2><BR>
<a href="<%=request.getContextPath() %>/test/list.jsp">返回</a>
</body>
</html>
d.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>d.jsp</title>
</head>
<body>
<h2>DDD HELLO</h2><BR>
<a href="<%=request.getContextPath() %>/test/list.jsp">返回</a>
</body>
</html>
e.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>e.jsp</title>
</head>
<body>
<h2>EEE HELLO</h2><BR>
<a href="<%=request.getContextPath() %>/test/list.jsp">返回</a>
</body>
</html>
list.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>list.jsp</title>
</head>
<body>
${sessionScope.message }
<br><br>
<a href="<%=request.getContextPath() %>/test/a.jsp">AAA</a><br><br>
<a href="<%=request.getContextPath() %>/test/b.jsp">BBB</a><br><br>
<a href="<%=request.getContextPath() %>/test/c.jsp">CCC</a><br><br>
<a href="<%=request.getContextPath() %>/test/d.jsp">DDD</a><br><br>
<a href="<%=request.getContextPath() %>/test/e.jsp">EEE</a><br><br>
<a href="<%=request.getContextPath() %>/test/login.jsp">登陆</a>
</body>
</html>
login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>login.jsp</title>
</head>
<body>
<form action="<%=request.getContextPath() %>/loginServlet">
<input type="text" name="name">
<input type="submit" value="提交">
</form>
</body>
</html>
运行效果
列表页
未登录访问a.jsp
未登录访问b.jsp
登陆
登陆成功
登陆后访问b.jsp