用户登录之后才能进入主页!用户注销后就不能进入主页了!
-
用户登录之后,向Sesison中放入用户的数据
-
进入主页的时候要判断用户是否已经登录;要求:在过滤器中实现!
首先是登录页面,login.jsp完成,
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<h1>登录页面</h1>
<div>
<form action="${pageContext.request.contextPath}/servlet/loginServlet" method="post">
<input type="text" name="username">
<input type="submit">
</form>
</div>
</body>
</html>
其中EL表达式中的值为Tomcat中设置的应用上下文的值
为了便于变量的管理,编写了util目录下面的Constant类
package com.kuang.util;
public class Constant {
public static final String USER_SESSION = "USER_SESSION";
}
登录后执行的sevlet层的操作为loginServlet.java,其中用到的req.getContextPath()的值也是上图中的Tomcat中设置的应用上下文的值。
package com.kuang.servlet;
import com.kuang.util.Constant;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class loginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String username = req.getParameter("username");
if(username.equals("admin")){ //登录成功
req.getSession().setAttribute(Constant.USER_SESSION,req.getSession().getId());
// System.out.println(req.getContextPath()); // "/javaweb_filter_02_war"所设置的tomcat地址
resp.sendRedirect(req.getContextPath() + "/sys/loginSuccess.jsp"); //正确
// resp.sendRedirect("/sys/loginSuccess.jsp"); //错误
} else { //登录失败
resp.sendRedirect(req.getContextPath()+"/loginFail.jsp");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
其中的登录失败的重定向页面为loginFail.jsp页面 ,在失败后的”重新登录“页面为原来的登录页面,即login.jsp页面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<h1>登录失败</h1>
<a href="${pageContext.request.contextPath}/login.jsp">重新登录</a>
</body>
</html>
登录成功重定向页面为sys目录下面的loginSuccess.jsp页面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<h1>登录成功</h1>
<a href="${pageContext.request.contextPath}/servlet/loginOutServlet">注销</a>
</body>
</html>
成功页面中的注销执行的servlet层的操作为loginOutServlet.java
package com.kuang.servlet;
import com.kuang.util.Constant;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class loginOutServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
if(req.getSession().getAttribute(Constant.USER_SESSION) != null){
req.getSession().removeAttribute(Constant.USER_SESSION);
resp.sendRedirect(req.getContextPath()+"/login.jsp");
} else {
resp.sendRedirect(req.getContextPath()+"/login.jsp"); //session中的属性在其他地方去除时,在此处返回,让程序更健壮
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
如代码所示,在执行注销操作后重定向到登录页面,即login.jsp
其中为防止在未登录成功情况下跳转到”登录成功“页面,实现如下过滤器sysFilter
package com.kuang.filter;
import com.kuang.util.Constant;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class sysFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest; //为了取到Session而进行的强转
HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse; //servletRequest HttpServletRequest 是父子关系
Object attribute = httpServletRequest.getSession().getAttribute(Constant.USER_SESSION);
if(attribute == null){
httpServletResponse.sendRedirect(httpServletRequest.getContextPath()+"/loginFail.jsp");
}
filterChain.doFilter(servletRequest,servletResponse);
}
@Override
public void destroy() {
}
}
所有的web.xml配置如下,其中过滤器过滤sys目录下的所有页面
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0"
metadata-complete="true">
<servlet>
<servlet-name>loginServlet</servlet-name>
<servlet-class>com.kuang.servlet.loginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>loginServlet</servlet-name>
<url-pattern>/servlet/loginServlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>loginOutServlet</servlet-name>
<servlet-class>com.kuang.servlet.loginOutServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>loginOutServlet</servlet-name>
<url-pattern>/servlet/loginOutServlet</url-pattern>
</servlet-mapping>
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>com.kuang.filter.sysFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/sys/*</url-pattern>
</filter-mapping>
</web-app>
最后为所需要用到的依赖
<dependencies>
<!-- Servlet 依赖-->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
</dependency>
<!-- JSP 依赖-->
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>javax.servlet.jsp-api</artifactId>
<version>2.3.3</version>
</dependency>
<!-- JSTL表达式的依赖-->
<dependency>
<groupId>javax.servlet.jsp.jstl</groupId>
<artifactId>jstl-api</artifactId>
<version>1.2</version>
</dependency>
<!-- Standard标签库-->
<dependency>
<groupId>taglibs</groupId>
<artifactId>standard</artifactId>
<version>1.1.2</version>
</dependency>
</dependencies>