本文详细介绍了Servlet的基础知识,包括Servlet接口、类及其配置方式,如web.xml和注解。涵盖了HTTP协议、Servlet生命周期、状态管理和Session原理,还展示了如何结合数据库操作、过滤器和权限验证进行实战应用。
目录
1、Servlet
1.1编写servlet
重写5个方法
- init
- getServletConfig
- service
- getServletInfo
- destroy
package com.wyy.servlet;
import jakarta.servlet.*;
import java.io.IOException;
import java.util.Date;
public class MyServlet implements Servlet {
@Override
public void init(ServletConfig servletConfig) throws ServletException {
}
@Override
public ServletConfig getServletConfig() {
return null;
}
@Override
public void service(ServletRequest servletRequest, ServletResponse servletResponse) throws ServletException, IOException {
System.out.println("My Servlet");
System.out.println(new Date());
System.out.println("12344");
}
@Override
public String getServletInfo() {
return null;
}
@Override
public void destroy() {
}
}
1.2配置web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<servlet>
<servlet-name>my</servlet-name>
<servlet-class>com.wyy.servlet.MyServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>my</servlet-name>
<url-pattern>/myservlet</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>gs</servlet-name>
<servlet-class>com.wyy.servlet.GenServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>gs</servlet-name>
<url-pattern>/gs</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>hs</servlet-name>
<servlet-class>com.wyy.servlet.httpsServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>hs</servlet-name>
<url-pattern>/hs</url-pattern>
</servlet-mapping>
</web-app>
1.3关联第三方jar包
1.4导出war包
把war放入Tomcat的webapps目录,启动Tomcat自动解压访问即可
2.HTTP协议
2.1请求报文
2.2响应报文
2.3常见状态码
3.Servlet详解
3.1核心接口和类
3.1.1Servlet接口
- init
- getServletConfig
- service
- getServletInfo
- destroy
3.1.2Servlet类
- GenericServlet
- HttpServlet
GenericServlet
提供生命周期方法init和destroy的简单实现,要编写一般的Servlet只需重写抽象service方法
package com.wyy.servlet;
import jakarta.servlet.GenericServlet;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import java.io.IOException;
public class GenServlet extends GenericServlet {
@Override
public void service(ServletRequest servletRequest, ServletResponse servletResponse) throws ServletException, IOException {
System.out.println("hi~~~");
}
}
HttpServlet(推荐!)
doGet
doPost
package com.wyy.servlet;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
public class httpsServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("get");;
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("post");
}
}
3.2两种配置方式
3.2.1使用web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<servlet>
<servlet-name>my</servlet-name>
<servlet-class>com.wyy.servlet.MyServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>my</servlet-name>
<url-pattern>/myservlet</url-pattern>
</servlet-mapping>
</web-app>
3.2.2使用注解
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = {"/bs","/bss"})
public class basicServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("get");
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("post");
}
}
4.Servlet应用
4.1request对象
在Servlet中用来处理客户端请求需要用doGet或doPost方法的request对象
主要方法
req.getParameter(String name); //根据表单组件名称获取提交数据
HTML
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>登录页面</title>
</head>
<body>
<form action="/web1_war_exploded/login" method="post">
用户名:<input type="text" name="username"/><br>
密码:<input type="password" name="password"/><br>
<input type="submit" value="登录"/>
</form>
</body>
</html>
Servlet
package com.wyy.servlet2;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
@WebServlet(value = "/rs")
public class registerServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取用户请求的数据
String username = req.getParameter("username");
String password = req.getParameter("password");
System.out.println("提交的数据: " + username + " " + password);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取用户请求的数据
String username = req.getParameter("username");
String password = req.getParameter("password");
//System.out.println("提交的数据: " + username + " " + password);
//相应数据给客户端
resp.setContentType("text/html;charset=utf-8");
PrintWriter printWriter = resp.getWriter();
printWriter.println("注册成功");
}
}
4.2response对象
response对象用于响应客户端请求并向客户端输出信息
主要方法
resp.getWriter();//获取字符输出流
PrintWriter printWriter = resp.getWriter();
if (admin != null){
//相应结果成功
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<h1>登陆成功!!!!</h1>");
printWriter.println("</body>");
printWriter.println("</html>");
}else {
//相应结果失败
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<h1>登陆失败</h1>");
printWriter.println("</body>");
printWriter.println("</html>");
}
4.3综合案例
4.3.1数据库
create table admin(
username varchar(20) primary key not null ,
password varchar(20) not null ,
phone varchar(11) not null ,
address varchar(20) not null
);
insert into admin(username, password, phone, address) value ('gavin','123456',
'12233445566','西安');
select * from admin;
insert into admin(username, password, phone, address) value ('gavin2','123456',
'12233445566','xian');
4.3.2DBUtils
连接数据库
package com.wyy.servletProject.utils;
import java.sql.*;
public class DbUtils {
private DbUtils(){
}
//静态方法
static {
try {
Class.forName("com.mysql.cj.jdbc.Driver");
} catch (ClassNotFoundException e) {
e.printStackTrace();
}
}
/**
* 获取数据库连接对象
* @return 连接对象
* @throws SQLException
*/
public static Connection getConnection() throws SQLException {
return DriverManager.getConnection("jdbc:mysql://localhost:3306/bjpowernode","root","123456");
}
public static void commit(){
Connection connection = null;
try {
connection = getConnection();
connection.commit();
} catch (SQLException throwables) {
throwables.printStackTrace();
}finally {
close(connection,null,null);
}
}
public static void rollback(){
Connection connection = null;
try {
connection = getConnection();
connection.rollback();
} catch (SQLException throwables) {
throwables.printStackTrace();
}finally {
close(connection,null,null);
}
}
/**
* 关闭资源
* @param conn 连接对象
* @param ps 数据库操作对象
* @param rs 结果集
*/
public static void close(Connection conn, Statement ps, ResultSet rs){
if (rs != null){
try {
rs.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if (ps != null){
try {
ps.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if (conn != null){
try {
conn.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
}
}
4.3.3 Admin
package com.wyy.servletProject.entity;
public class Admin {
private String username;
private String password;
private String phone;
private String address;
public Admin(String username, String password, String phone, String address) {
this.username = username;
this.password = password;
this.phone = phone;
this.address = address;
}
public Admin() {
}
@Override
public String toString() {
return "Admin{" +
"username='" + username + '\'' +
", password='" + password + '\'' +
", phone='" + phone + '\'' +
", addres='" + address + '\'' +
'}';
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone;
}
public String getAddress() {
return address;
}
public void setAddress(String address) {
this.address = address;
}
}
4.3.4 DAO
AdminDao
package com.wyy.servletProject.dao;
import com.wyy.servletProject.entity.Admin;
import java.util.List;
public interface AdminDao {
public int insert(Admin admin);
public int delete(String usermane);
public int update(Admin admin);
public Admin select(String username);
public List<Admin> selectAll();
}
AdminDaoImpl
package com.wyy.servletProject.dao.impl;
import com.wyy.servletProject.dao.AdminDao;
import com.wyy.servletProject.entity.Admin;
import com.wyy.servletProject.utils.DbUtils;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanHandler;
import org.apache.commons.dbutils.handlers.BeanListHandler;
import java.sql.SQLException;
import java.util.List;
public class AdminDaoImpl implements AdminDao {
private QueryRunner queryRunner = new QueryRunner();
@Override
public int insert(Admin admin) {
return 0;
}
@Override
public int delete(String usermane) {
return 0;
}
@Override
public int update(Admin admin) {
return 0;
}
@Override
public Admin select(String username) {
try {
Admin admin = queryRunner.query(DbUtils.getConnection(),"select * from admin where username = ?",
new BeanHandler<Admin>(Admin.class),username);
return admin;
} catch (SQLException throwables) {
throwables.printStackTrace();
}
return null;
}
@Override
public List<Admin> selectAll() {
try {
List<Admin> admins = queryRunner.query(DbUtils.getConnection(),"select * from admin",
new BeanListHandler<Admin>(Admin.class));
return admins;
} catch (SQLException throwables) {
throwables.printStackTrace();
}
return null;
}
}
4.3.5Service
AdminService
package com.wyy.servletProject.service;
import com.wyy.servletProject.entity.Admin;
import java.util.List;
public interface AdminService {
public Admin login(String username,String password);
public List<Admin> showAllAdmin();
}
AdminServiceImpl
package com.wyy.servletProject.service.imlp;
import com.wyy.servletProject.dao.AdminDao;
import com.wyy.servletProject.dao.impl.AdminDaoImpl;
import com.wyy.servletProject.entity.Admin;
import com.wyy.servletProject.service.AdminService;
import com.wyy.servletProject.utils.DbUtils;
import java.util.List;
public class AdminServiceimpl implements AdminService {
private AdminDao adminDao = new AdminDaoImpl();
@Override
public Admin login(String username, String password) {
Admin result = null;
try {
DbUtils.getConnection();
Admin admin = adminDao.select(username);
if (admin != null){
if (admin.getPassword().equals(password)){
result = admin;
}
}
DbUtils.commit();
} catch (Exception e) {
DbUtils.rollback();
e.printStackTrace();
}
return result;
}
@Override
public List<Admin> showAllAdmin() {
List<Admin> admins = null;
try {
DbUtils.getConnection();
admins = adminDao.selectAll();
DbUtils.commit();
} catch (Exception e) {
DbUtils.rollback();
e.printStackTrace();
}
return admins;
}
}
4.3.6 HTML页面
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>登录页面</title>
</head>
<body>
<form action="/web1_war_exploded/login" method="post">
用户名:<input type="text" name="username"/><br>
密码:<input type="password" name="password"/><br>
<input type="submit" value="登录"/>
</form>
</body>
</html>
4.3.7 LoginServlet
package com.wyy.servletProject.servlet;
import com.wyy.servletProject.entity.Admin;
import com.wyy.servletProject.service.AdminService;
import com.wyy.servletProject.service.imlp.AdminServiceimpl;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
@WebServlet(value = "/login")
public class LoginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//1.收参
String username = req.getParameter("username");
String password = req.getParameter("password");
//2.调用业务逻辑
AdminService adminService = new AdminServiceimpl();
Admin admin = adminService.login(username,password);
//3.处理结果
PrintWriter printWriter = resp.getWriter();
if (admin != null){
//相应结果成功
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<h1>登陆成功!!!!</h1>");
printWriter.println("</body>");
printWriter.println("</html>");
}else {
//相应结果失败
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<h1>登陆失败</h1>");
printWriter.println("</body>");
printWriter.println("</html>");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
效果
4.3.7 ShowallServlet
package com.wyy.servletProject.servlet;
import com.wyy.servletProject.entity.Admin;
import com.wyy.servletProject.service.AdminService;
import com.wyy.servletProject.service.imlp.AdminServiceimpl;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.nio.file.AccessDeniedException;
import java.util.List;
@WebServlet(value = "/showall")
public class ShowAllAdminServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
AdminService adminService = new AdminServiceimpl();
List<Admin> adminList = adminService.showAllAdmin();
PrintWriter printWriter = resp.getWriter();
if (adminList != null){
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<tr>");
printWriter.println(" <td>username</td>");
printWriter.println(" <td>password</td>");
printWriter.println(" <td>phone</td>");
printWriter.println(" <td>address</td>");
printWriter.println("</tr><br>");
for (Admin admin :adminList){
printWriter.println("<tr>");
printWriter.println(" <td>"+admin.getUsername()+"</td>");
printWriter.println(" <td>"+admin.getPassword()+"</td>");
printWriter.println(" <td>"+admin.getPhone()+"</td>");
printWriter.println(" <td>"+admin.getAddress()+"</td>");
printWriter.println("</tr><br>");
}
printWriter.println("</body>");
printWriter.println("</html>");
}else {
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<h3>登陆失败</h3>");
printWriter.println("</body>");
printWriter.println("</html>");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req,resp);
}
}
效果
5.转发与重定向
5.1转发
转发的作用在服务端,将请求发送给服务器上的其他资源,以共同完成一次请求处理
ShowAllAdminController
存数据
req.setAttribute("admins",adminList);
package com.wyy.servletProject.servlet;
import com.wyy.servletProject.entity.Admin;
import com.wyy.servletProject.service.AdminService;
import com.wyy.servletProject.service.imlp.AdminServiceimpl;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;
@WebServlet(value = "/showallcontroller")
public class ShowAllAdminController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//只负责调用业务逻辑
AdminService adminService = new AdminServiceimpl();
List<Admin> adminList = adminService.showAllAdmin();
//request作用域存储数据
req.setAttribute("admins",adminList);
//通过转发跳转到显示结果的servlet
req.getRequestDispatcher("/showalljsp").forward(req,resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
ShowallAdminJSP
取数据
List<Admin> adminList = (List<Admin>) req.getAttribute("admins");
package com.wyy.servletProject.servlet;
import com.wyy.servletProject.entity.Admin;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
@WebServlet(value = "/showalljsp")
public class ShowallAdminJSP extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
List<Admin> adminList = (List<Admin>) req.getAttribute("admins");
PrintWriter printWriter = resp.getWriter();
if (adminList != null){
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<tr>");
printWriter.println(" <td>username</td>");
printWriter.println(" <td>password</td>");
printWriter.println(" <td>phone</td>");
printWriter.println(" <td>address</td>");
printWriter.println("</tr><br>");
for (Admin admin :adminList){
printWriter.println("<tr>");
printWriter.println(" <td>"+admin.getUsername()+"</td>");
printWriter.println(" <td>"+admin.getPassword()+"</td>");
printWriter.println(" <td>"+admin.getPhone()+"</td>");
printWriter.println(" <td>"+admin.getAddress()+"</td>");
printWriter.println("</tr><br>");
}
printWriter.println("</body>");
printWriter.println("</html>");
}else {
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<h3>登陆失败</h3>");
printWriter.println("</body>");
printWriter.println("</html>");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
5.2重定向
AServlet
重定向传数据
resp.sendRedirect("/web1_war_exploded/b?username=Tom"); //只能传String
package com.wyy.servletProject.servlet;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/a")
public class AServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//通过request作用域做数据的存储
// req.setAttribute("username","gavin");
// req.getRequestDispatcher("/b").forward(req,resp);
resp.sendRedirect("/web1_war_exploded/b?username=Tom");
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
BServlet
重定向传数据
String username = req.getParameter("username");
package com.wyy.servletProject.servlet;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/b")
public class BServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// String s = (String) req.getAttribute("username");
String username = req.getParameter("username");
System.out.println("B executed ..." + username);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
当两个Servlet需要传数据时,选择forward转发,不建议使用sendRedirect进行传递
6.生命周期
四个阶段
6.1 实例化
当用户第一次访问Servlet时,由容器调用Servlet的构造器创建具体的Servlet对象。也可以在容器启动之后立刻创建实例。使用如下代码可以设置Servlet是否在服务器启动时就创建。 1
执行一次
6.2 初始化
init()
执行一次
6.3 服务
service方法
可执行多次
6.4 销毁
destroy
执行一次
package com.wyy.servlet3;
import jakarta.servlet.*;
import jakarta.servlet.annotation.WebServlet;
import java.io.IOException;
@WebServlet(value = "/ls")
public class lifeServlet implements Servlet {
public lifeServlet(){
System.out.println("1、实例化");
}
@Override
public void init(ServletConfig servletConfig) throws ServletException {
System.out.println("2、初始化");
}
@Override
public ServletConfig getServletConfig() {
return null;
}
@Override
public void service(ServletRequest servletRequest, ServletResponse servletResponse) throws ServletException, IOException {
System.out.println("3、接收请求,相应结果");
}
@Override
public String getServletInfo() {
return null;
}
@Override
public void destroy() {
System.out.println("4、销毁");
}
}
7、Servlet特性
线程安全问题
- synchronized 效率低
- SingleThreadModel 效率低,资源浪费
- 使用局部变量
package com.wyy.servlet3;
import jakarta.servlet.ServletException;
import jakarta.servlet.SingleThreadModel;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
public class SafeServlet extends HttpServlet implements SingleThreadModel {
private String massage = "";
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
synchronized (this){
//假设接收参数
//调用业务逻辑,得到登录结果
massage = "登陆成功";
PrintWriter printWriter = resp.getWriter();
printWriter.println(massage);
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
package com.wyy.servlet3;
import jakarta.servlet.ServletException;
import jakarta.servlet.SingleThreadModel;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
public class SafeServlet extends HttpServlet {
// private String massage = "";
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String massage = "";
//假设接收参数
//调用业务逻辑,得到登录结果
massage = "登陆成功";
PrintWriter printWriter = resp.getWriter();
printWriter.println(massage);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
8.状态管理
将浏览器与web服务器之间多次交互当作一个整体来处理,并且将多次交互所涉及的数据(即状态)保存下来。
分类:
●客户端状态管理技术:将状态保存在客户端。代表性的是Cookie技术。
●服务器状态管理技术:将状态保存在服务器端。代表性的是session技术(服务器传递sessionID时需要使用Cookie的方式)
Cookie
Cookie是在浏览器访问Web服务器某个资源时,由Web服务器在HTTP响应消息头中附带传送给浏览器的一小段数据
创建cookie
package com.wyy.cookies;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/cs")
public class cookieServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//服务端创建cookie
Cookie cookie = new Cookie("username","gavin");
Cookie cookie2 = new Cookie("passward","123456");
//设置cookie的访问路径
cookie.setPath("/web1_war_exploded/get");
cookie2.setPath("/web1_war_exploded");
//设置cookie生命周期
cookie.setMaxAge(60*60);
cookie2.setMaxAge(60*60);
//将cookie响应给客户端
resp.addCookie(cookie);
resp.addCookie(cookie2);
}
}
响应cookie
package com.wyy.cookies;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/get")
public class GetServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//通过request对象获取所有的cookie
Cookie[] cookies = req.getCookies();
//通过循环遍历数组
if (cookies != null){
for (Cookie cookie : cookies){
System.out.println(cookie.getName()+":"+cookie.getValue());
}
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
修改cookie
package com.wyy.cookies;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/cs2")
public class CookieServlet2 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie("username","aaron");
cookie.setPath("/web1_war_exploded/get");
cookie.setMaxAge(60*60*24*7);
resp.addCookie(cookie);
}
}
如果改变cookie的name绝有效路径会新建cookie,而改变cookie的值,有效期会覆盖原有的cookie
编码与解码
编码
URLEncoder.encode("姓名","UTF-8"),URLEncoder.encode("张三","UTF-8")
package com.wyy.cookies;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLEncoder;
@WebServlet(value = "/cs3")
public class CookisServlet3 extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Cookie cookie = new Cookie(URLEncoder.encode("姓名","UTF-8"),URLEncoder.encode("张三","UTF-8"));
cookie.setPath("/web1_war_exploded/get");
cookie.setMaxAge(600);
resp.addCookie(cookie);
}
}
解码
URLDecoder.decode(cookie.getName(),"UTF-8")+":"+URLDecoder.decode(cookie.getValue(),"UTF-8")
package com.wyy.cookies;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLDecoder;
import java.net.URLEncoder;
@WebServlet(value = "/get")
public class GetServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//通过request对象获取所有的cookie
Cookie[] cookies = req.getCookies();
//通过循环遍历数组
if (cookies != null){
for (Cookie cookie : cookies){
System.out.println(URLDecoder.decode(cookie.getName(),"UTF-8")+":"+URLDecoder.decode(cookie.getValue(),"UTF-8"));
}
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
9.Session
●Session用于记录用户的状态。Session指的是在一段时间内,单个客户端与Web服务器的一连串相关的交互过程。
●在一个Session中,客户可能会多次请求访问同一个资源,也有可能请求访问各种不同的服务器资源。
原理
●服务器会为每一次会话分配一个Session对象
●同一个浏览器发起的多次请求,同属于- 次会话(Session)
●首次使用到Session时, 服务器会自动创建Session,并创建Cookie存储Sessionld发送回客户端
使用
●Session作用域: 拥有存储数据的空间,作用范围是一次会话有效
。一次会话是使用同一浏览器发送的多次请求。一旦浏览器关闭,则结束会话
。可以将数据存入Session中,在一次会话的任意位置进行获取
。可传递任何数据(基本数据类型、对象、集合、数组)
获取Session
package com.wyy.Session;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ss")
public class SessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//通过request获取Session对象
HttpSession session = req.getSession();
System.out.println(session.getId());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
保存、获取数据
保存
session.setAttribute("username","gavin");
获取
session.getAttribute("username");
package com.wyy.Session;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/getvalue")
public class GetValueServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取Session对象
HttpSession session = req.getSession();
String s = (String) session.getAttribute("username");
System.out.println("从session中获得了"+s);
}
}
移除数据
移除
session.removeAttribute("username");
package com.wyy.Session;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/remove")
public class RemoveServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
session.removeAttribute("username");
}
}
request session区别
●request是一 次请求有效,请求改变,则request改变
●session是一 次会话有效,浏览器改变,则session改变
package com.wyy.Session;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ss")
public class SessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//通过request获取Session对象
HttpSession session = req.getSession();
//使用Session保存数据
session.setAttribute("username","gavin");
req.setAttribute("password","123456");
resp.sendRedirect("/web1_war_exploded/getvalue");
System.out.println(session.getId());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
package com.wyy.Session;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/getvalue")
public class GetValueServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取Session对象
HttpSession session = req.getSession();
String password = (String) req.getAttribute("password");
String s = (String) session.getAttribute("username");
System.out.println("从session中获得了"+s);
System.out.println("从request中获得了"+password);
}
}
Session生命周期
●开始:第一次使用到Session的请求产生, 则创建Session
●结束:
浏览器关闭,则失效
Session超时,则失效
■session.setMaxlIactielnterallseconds//设置最大有效时间(单位:秒)
手工销毁,则失效
■session.invalidate/);//登录退出、注销
Session超时,则失效
session.setMaxInactiveInterval(10);
手工销毁
session.invalidate();
package com.wyy.life;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/life")
public class LifeSessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
session.setMaxInactiveInterval(10);
System.out.println(session.getId());
}
}
package com.wyy.life;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/gets")
public class GetSessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
System.out.println(session.getId());
session.invalidate();
}
}
浏览器禁用cookie
package com.wyy.life;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/life")
public class LifeSessionServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
String newUrl = resp.encodeRedirectURL("/web1_war_exploded/gets");
System.out.println(newUrl);
resp.sendRedirect(newUrl);
// session.setMaxInactiveInterval(10);
System.out.println(session.getId());
}
}
Session权限验证
创建管理员表
create table manager(
username varchar(20) primary key ,
password varchar(20) not null
);
insert into manager (username, password)
values ('tom','123');
select * from manager;
创建管理员类
package com.wyy.servletProject.entity;
public class Manager {
private String username;
private String password;
public Manager(String username, String password) {
this.username = username;
this.password = password;
}
@Override
public String toString() {
return "Manager{" +
"username='" + username + '\'' +
", password='" + password + '\'' +
'}';
}
public Manager() {
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
创建Dao
package com.wyy.servletProject.dao;
import com.wyy.servletProject.entity.Manager;
public interface ManagerDao {
public Manager select(String username);
}
package com.wyy.servletProject.dao.impl;
import com.wyy.servletProject.dao.ManagerDao;
import com.wyy.servletProject.entity.Admin;
import com.wyy.servletProject.entity.Manager;
import com.wyy.servletProject.utils.DbUtils;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanHandler;
import org.apache.commons.dbutils.handlers.BeanListHandler;
import java.sql.SQLException;
public class ManagerDaoImpl implements ManagerDao {
private QueryRunner queryRunner = new QueryRunner();
@Override
public Manager select(String username) {
try {
Manager manager = queryRunner.query(DbUtils.getConnection(),"select * from manager where username=?",
new BeanHandler<Manager>(Manager.class),username);
return manager;
} catch (SQLException throwables) {
throwables.printStackTrace();
}
return null;
}
}
创建Service
package com.wyy.servletProject.service;
import com.wyy.servletProject.entity.Manager;
public interface ManagerService {
public Manager login(String username, String password);
}
package com.wyy.servletProject.service.imlp;
import com.wyy.servletProject.dao.ManagerDao;
import com.wyy.servletProject.dao.impl.ManagerDaoImpl;
import com.wyy.servletProject.entity.Manager;
import com.wyy.servletProject.service.ManagerService;
import com.wyy.servletProject.utils.DbUtils;
import java.sql.SQLException;
public class ManagerServiceImpl implements ManagerService {
private ManagerDao managerDao = new ManagerDaoImpl();
@Override
public Manager login(String username, String password) {
Manager manager = null;
try {
DbUtils.getConnection();
Manager temp = managerDao.select(username);
if (temp != null){
//验证密码
if (temp.getPassword().equals(password)){
manager = temp;
}
}
DbUtils.commit();
} catch (SQLException throwables) {
DbUtils.rollback();
throwables.printStackTrace();
}
return manager;
}
}
创建Servlet
controller
package com.wyy.servletProject.servlet.controller;
import com.wyy.servletProject.entity.Manager;
import com.wyy.servletProject.service.ManagerService;
import com.wyy.servletProject.service.imlp.ManagerServiceImpl;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/loginMgr")
public class LoginManagerController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//处理乱码
//收参
String username = req.getParameter("username");
String password = req.getParameter("password");
//调用业务方法
ManagerService managerService = new ManagerServiceImpl();
Manager mgr = managerService.login(username,password);
//处理结果,流程跳转
if (mgr != null){
//登陆成功
//将管理员信息存储在Session里
HttpSession session = req.getSession();
session.setAttribute("mgr",mgr);
//跳转 目标(showallcontroller)、方式(转发、重定向)
resp.sendRedirect("/web1_war_exploded/showallcontroller");
}else {
//登录失败 重新登陆
resp.sendRedirect("/web1_war_exploded/loginMgr.html");
}
}
}
package com.wyy.servletProject.servlet.controller;
import com.wyy.servletProject.entity.Admin;
import com.wyy.servletProject.entity.Manager;
import com.wyy.servletProject.service.AdminService;
import com.wyy.servletProject.service.imlp.AdminServiceimpl;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
import java.util.List;
@WebServlet(value = "/showallcontroller")
public class ShowAllAdminController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//通过HTTPSession完成权限控制
HttpSession session = req.getSession();
Manager mgr = (Manager) session.getAttribute("mgr");
if (mgr != null){
//不等于空证明登陆过了
//只负责调用业务逻辑
AdminService adminService = new AdminServiceimpl();
List<Admin> adminList = adminService.showAllAdmin();
//request作用域存储数据
req.setAttribute("admins",adminList);
//通过转发跳转到显示结果的servlet
req.getRequestDispatcher("/showalljsp").forward(req,resp);
}else {
//空 == 没有登录,那么跳转到登录的操作
resp.sendRedirect("/web1_war_exploded/loginMgr.html");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
jsp
package com.wyy.servletProject.servlet.jsp;
import com.wyy.servletProject.entity.Admin;
import com.wyy.servletProject.entity.Manager;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
@WebServlet(value = "/showalljsp")
public class ShowallAdminJSP extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
Manager mgr = (Manager) session.getAttribute("mgr");
List<Admin> adminList = (List<Admin>) req.getAttribute("admins");
PrintWriter printWriter = resp.getWriter();
if (adminList != null){
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<h1>欢迎您"+mgr.getUsername()+"</h1>");
printWriter.println("<table border = '1'>");
printWriter.println("<tr>");
printWriter.println(" <td>username</td>");
printWriter.println(" <td>password</td>");
printWriter.println(" <td>phone</td>");
printWriter.println(" <td>address</td>");
printWriter.println("</tr><br>");
for (Admin admin :adminList){
printWriter.println("<tr>");
printWriter.println(" <td>"+admin.getUsername()+"</td>");
printWriter.println(" <td>"+admin.getPassword()+"</td>");
printWriter.println(" <td>"+admin.getPhone()+"</td>");
printWriter.println(" <td>"+admin.getAddress()+"</td>");
printWriter.println("</tr><br>");
}
printWriter.println("</body>");
printWriter.println("</html>");
}else {
printWriter.println("<html>");
printWriter.println("<head>");
printWriter.println("<meta charset='UTF-8'>");
printWriter.println("<title>结果页面</title>");
printWriter.println("</head>");
printWriter.println("<body>");
printWriter.println("<h3>登陆失败</h3>");
printWriter.println("</body>");
printWriter.println("</html>");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
创建页面
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>管理员登录</title>
</head>
<body>
<form action="/web1_war_exploded/loginMgr" method="post">
用户名:<input type="text" name="username"/><br/>
密码:<input type="password" name="password"/><br/>
<input type="submit" value="登录">
</form>
</body>
</html>
在这里插入图片描述
Session保存验证码
package com.wyy.servletProject.servlet.controller;
import cn.dsna.util.images.ValidateCode;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import javax.xml.validation.Validator;
import java.io.IOException;
@WebServlet(value = "/createCode")
public class CreatCodeController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//创建验证码图片
ValidateCode code = new ValidateCode(200,30,4,20);
String codes = code.getCode();
HttpSession session = req.getSession();
session.setAttribute("codes",codes);
//验证码图片响应给客户端
code.write(resp.getOutputStream());
}
}
package com.wyy.servletProject.servlet.controller;
import com.wyy.servletProject.entity.Manager;
import com.wyy.servletProject.service.ManagerService;
import com.wyy.servletProject.service.imlp.ManagerServiceImpl;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/loginMgr")
public class LoginManagerController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//处理乱码
//收参
String username = req.getParameter("username");
String password = req.getParameter("password");
String inputVcode = req.getParameter("inputVcode");
String codes = (String) req.getSession().getAttribute("codes");
if (!inputVcode.isEmpty() && inputVcode.equalsIgnoreCase(codes)){
//调用业务方法
ManagerService managerService = new ManagerServiceImpl();
Manager mgr = managerService.login(username,password);
//处理结果,流程跳转
if (mgr != null){
//登陆成功
//将管理员信息存储在Session里
HttpSession session = req.getSession();
session.setAttribute("mgr",mgr);
//跳转 目标(showallcontroller)、方式(转发、重定向)
resp.sendRedirect("/web1_war_exploded/showallcontroller");
}else {
//登录失败 重新登陆
resp.sendRedirect("/web1_war_exploded/loginMgr.html");
}
}else {
//验证码错误
resp.sendRedirect("/web1_war_exploded/loginMgr.html");
}
}
}
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>管理员登录</title>
</head>
<body>
<form action="/web1_war_exploded/loginMgr" method="post">
用户名:<input type="text" name="username"/><br/>
密码:<input type="password" name="password"/><br/>
验证码:<input type="text" name="inputVcode"/><img src="/web1_war_exploded/createCode"><br/>
<input type="submit" value="登录">
</form>
</body>
</html>
10 ServletContext
●全局对象,也拥有作用域,对应一个Tomcat中的Web应用
●当Web服务 器启动时,会为每一个Web应用程序创建一块共享的存储区域(ServletContext)。
●ServletContext在Web服 务器启动时创建,服务器关闭时销毁。
10.1获取ServletContext对象
●GenericServlet提供 了getServletContext()方法。(推荐) this getServletContext();
●HttpServletRequest提供 了getServletContext()方法。(推荐)
●HttpSession提 供了getServletContext()方法。
package com.wyy.servletProject.servlet.controller;
import jakarta.servlet.ServletContext;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ctxController")
public class ServletContextController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//方式一 this getServletContext);
ServletContext servletContext = this.getServletContext();
//方式二 request对象获取
ServletContext servletContext1 = req.getServletContext();
//方式三 Session对象获取
HttpSession session = req.getSession();
ServletContext servletContext2 = session.getServletContext();
System.out.println(servletContext);
System.out.println(servletContext1);
System.out.println(servletContext2);
}
}
org.apache.catalina.core.ApplicationContextFacade@109a669b
org.apache.catalina.core.ApplicationContextFacade@109a669b
org.apache.catalina.core.ApplicationContextFacade@109a669b
结果一样
10.2ServletContext作用
- 获取项目的真实路径
- 获取项目上下文路径
- 全局容器
ServletContext拥有作用域,可以存储数据到全局容器中
●存储数据: servletContext.setAttribute(“name”,value);
●获取数据: servletContext getAttrbute(“name”);
●移除数据: servletContext.removeAttribute(“name”);
package com.wyy.servletProject.servlet.controller;
import jakarta.servlet.ServletContext;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(value = "/ctxController")
public class ServletContextController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//方式一 this getServletContext);
ServletContext servletContext = this.getServletContext();
//获取项目的真实路径
System.out.println(servletContext.getRealPath("/"));
//获取项目的上下文路径
System.out.println(servletContext.getContextPath());
//全局容器
servletContext.setAttribute("context","info");
}
}
package com.wyy.servletProject.servlet.controller;
import jakarta.servlet.ServletContext;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/showContext")
public class ShowContextController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//先获取ServletContext对象
ServletContext servletContext = this.getServletContext();
String s = (String) servletContext.getAttribute("context");
System.out.println(s);
}
}
10.3ServletContext应用场景
统计当前项目访问次数
package com.wyy.counter;
import jakarta.servlet.ServletContext;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/counterController")
public class counterController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取ServletContext对象
ServletContext servletContext = req.getServletContext();
//获取计数器
Integer counter = (Integer) servletContext.getAttribute("counter");
//第一次访问counter为空
if (counter == null){
counter = 1;
servletContext.setAttribute("counter",counter);
}else {
counter++;
servletContext.setAttribute("counter",counter);
}
System.out.println("counter:"+ counter);
}
}
package com.wyy.counter;
import jakarta.servlet.ServletContext;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/showCounterController")
public class ShowCounterController extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取ServletContext对象
ServletContext servletContext = req.getServletContext();
Integer counter = (Integer) servletContext.getAttribute("counter");
//第一次访问counter为空
if (counter == null){
counter = 1;
servletContext.setAttribute("counter",counter);
}else {
counter++;
servletContext.setAttribute("counter",counter);
}
System.out.println("show:"+ counter);
}
}
●HttpServletRequest: 一次请求,请求响应之前有效
●HttpSession: 一次会话开始,浏览器不关闭或不超时之前有效
●ServletContext: 服务器启动开始,服务器停止之前有效
11 过滤器
●执行地位在Servlet之前, 客户端发送请求时,会先经过Filter, 再到达目标Servlet中;响应时,会根据执行流程再次反向执行Filter
●可以解决多个Servlet共性代码的冗余问题(例如:乱码处理、登录验证)
11.1实现过程
●编写Java类 实现Filter接口
●在oFilter方 法中编写拦截逻辑
●设置拦截路径
package com.wyy.Filter;
import jakarta.servlet.*;
import jakarta.servlet.annotation.WebFilter;
import java.io.IOException;
@WebFilter(value = "/t")
public class MyFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("===myfilter====");
//让请求继续
filterChain.doFilter(servletRequest,servletResponse);
System.out.println("====end====");
}
@Override
public void destroy() {
Filter.super.destroy();
}
}
package com.wyy.Filter;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/t")
public class TargetServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//
System.out.println("====target====");
}
}
11.2过滤器配置
注解配置
@WebFilter(value = "/t")
xml配置
package com.wyy.Filter;
import jakarta.servlet.*;
import java.io.IOException;
public class xmlFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("Web.xml配置过滤器");
filterChain.doFilter(servletRequest,servletResponse);
}
@Override
public void destroy() {
Filter.super.destroy();
}
}
package com.wyy.Filter;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet(value = "/test")
public class TestServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
System.out.println("TestServlet");
}
}
<filter>
<filter-name>xml</filter-name>
<filter-class>com.wyy.Filter.xmlFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>xml</filter-name>
<url-pattern>/test</url-pattern>
</filter-mapping>
拦截路径
后缀拦截
package com.wyy.Filter;
import jakarta.servlet.*;
import jakarta.servlet.annotation.WebFilter;
import jakarta.servlet.http.HttpServlet;
import java.io.IOException;
@WebFilter(value = "*.html")
public class HtmlFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("拦截html请求");
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
Filter.super.destroy();
}
}
通配符拦截
package com.wyy.Filter;
import jakarta.servlet.*;
import jakarta.servlet.annotation.WebFilter;
import java.io.IOException;
@WebFilter(value = "/*")
public class AllFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("拦截所有请求");
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
Filter.super.destroy();
}
}
11.3过滤器链和优先级
过滤器链
客户端对服务器请求之后,服务器调用Servlet之前会执行一组过滤器(多个过滤器),那么这组过滤器就称为一条过滤器链。
每个过滤器实现某个特定的功能,当第一t个ilter的dFiter方 法被调用时,Web服务器会创建一个代表Filter链的ilterChain对象传递给
该方法。在doFilter方法中, 开发人员如果调用了FilterChain对象的doFiter方法,则Web服务器会检查FilterChain对象中是否还有flter,
如果有,则调用第2个ilter,如果没有,则调用目标资源。
在一个Web应用中,可以开发编写多个Filter,这些Filter组合 起来称之为一个Filter链。 优先级:
●如果为注解的话,是按照类全名称的字符串顺序决定作用顺序
●如果web.xml, 按照filter-mapping注册顺序,从上往下
●web.xml配置 高于注解方式
●如果注解和web.xml同时配置,会创建多个过滤器对象,造成过滤多次。
11.4过滤器应用
解决编码
package com.wyy.Filter;
import jakarta.servlet.*;
import jakarta.servlet.annotation.WebFilter;
import jakarta.servlet.annotation.WebServlet;
import java.io.IOException;
@WebFilter(value = "/*")
public class EncodingFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//统一处理请求和响应的乱码
servletRequest.setCharacterEncoding("UTF-8");
servletResponse.setContentType("text/html;charset=utf-8");
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
Filter.super.destroy();
}
}
权限验证
package com.wyy.servletProject.filter;
import com.wyy.servletProject.entity.Manager;
import jakarta.servlet.*;
import jakarta.servlet.annotation.WebFilter;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
@WebFilter(value = "/showallcontroller")
public class checkfilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//权限验证 验证管理员是否登录
//向下转型 拆箱
HttpServletRequest request = (HttpServletRequest)servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
Manager mgr = (Manager) session.getAttribute("mgr");
if (mgr != null){
filterChain.doFilter(request,response);
}else {
response.sendRedirect(request.getContextPath()+"/loginMgr.html");
}
}
@Override
public void destroy() {
Filter.super.destroy();
}
}
711
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
