目录
4、解决:过滤器过滤之前需要进行判断,当判断为login.jsp 或者 loginServlet 的请求资源时,就不进行过滤,放行。
❀ 欢迎、function1、function2、function3界面的jsp welcom.jsp、function1.jsp、function2.jsp、function3.jsp
1,问题如下:
2、打印一下请求的资源,发现:
3、分析原因:
问题出现在过滤器上,【web.xml 文件的配置上,我们配置是过滤所有资源: /*】,过滤器是把所有请求都过滤,第一次在浏览器输入 /login.jsp的请求,也被过滤器过滤了,导致它的用户没有存储到session中。
4、解决:过滤器过滤之前需要进行判断,当判断为login.jsp 或者 loginServlet 的请求资源时,就不进行过滤,放行。
// System.out.println("当前正在过滤的资源:" + req.getRequestURI());
//排除 掉过滤login.jsp 和 loginServlet的 情况
String requestUri = req.getRequestURI();
if(!("/login.jsp".equals(requestUri) || "/login".equals(requestUri))) {
//过滤没有登录的情况
Object user = req.getSession().getAttribute("USER_IN_SESSION");
if(user == null) { //没有登录
resp.sendRedirect("/login.jsp");
return;
}
}
❀ 最后,本例子的全部代码,包括配置文件如下:
❀ 登录过滤器 CheckLoginFilter
package com.shan.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* 检查登录的过滤器
* @author Huangyujun
*
*/
public class CheckLoginFilter implements Filter{
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
//类型转换
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse resp = (HttpServletResponse)response;
// System.out.println("当前正在过滤的资源:" + req.getRequestURI());
//排除 掉过滤login.jsp 和 loginServlet的 情况
String requestUri = req.getRequestURI();
if(!("/login.jsp".equals(requestUri) || "/login".equals(requestUri))) {
//过滤没有登录的情况
Object user = req.getSession().getAttribute("USER_IN_SESSION");
if(user == null) { //没有登录
resp.sendRedirect("/login.jsp");
return;
}
}
//放行
chain.doFilter(req, resp);
}
}
❀ 处理登录请求 LoginServlet
package com.shan.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* 登录的servlet
* @author Huangyujun
*
*/
@WebServlet("/login")
public class LoginServlet extends HttpServlet{
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//接收 处理 跳转
String name = req.getParameter("username");
String password = req.getParameter("password");
System.out.println(name +"_" + password);
//登录完就把用户的账号设置到session中去
req.getSession().setAttribute("USER_IN_SESSION", name);
resp.sendRedirect("/welcome.jsp");
}
}
❀ 登录界面的jsp login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<form action="/login" method="post">
账号:<input type="text" name="username" required/><br/>
密码:<input type="password" name="password"/><br/>
<input type="submit" value="提交"/>
</form>
</body>
</html>
❀ 欢迎、function1、function2、function3界面的jsp welcom.jsp、function1.jsp、function2.jsp、function3.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<hr/>
<a href="/function1.jsp">功能1</a>
<a href="/function2.jsp">功能2</a>
<a href="/function3.jsp">功能3</a>
<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<hr/>
功能1
<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<hr/>
功能2
<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<hr/>
功能3
❀web.xml 配置文件
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd" id="WebApp_ID" version="4.0">
<display-name>filter-listener</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>CheckLoginFilter</filter-name>
<filter-class>com.shan.filter.CheckLoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CheckLoginFilter</filter-name>
<!-- 对哪些资源做出过滤 -->
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
✿ 优化一下:
<filter>
<filter-name>CheckLoginFilter</filter-name>
<filter-class>com.shan.filter.CheckLoginFilter</filter-class>
<!-- 通过初始化参数,在初始化参数存放不用过滤的请求资源-->
<!-- 但是当uncheckuris.xml的不用过滤的请求资源过多,也不完美的解决 -->
<!-- 通过规定不需要过滤的资源全部放到 /system 下【合理设计,优化】 -->
<!--
<init-param>
<param-name>unCheckUris</param-name>
<param-value>uncheckuris.xml</param-value>
</init-param>
-->
<init-param>
<param-name>unCheckUris</param-name>
<param-value>/system/*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CheckLoginFilter</filter-name>
<!-- 对哪些资源做出过滤 -->
<url-pattern>/*</url-pattern>
</filter-mapping>