用户登录之后才能进入主页!用户注销后就不能进入主页了!
用户登录之后,向Sesison中放入用户的数据
进入主页的时候要判断用户是否已经登录;要求:在过滤器中实现!
login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>Title</title> </head> <body> <h1>登录页面</h1> <form action="/servlet/login" method="get"> 用户名:<input type="text" name="username"> <br> <input type="submit"name="登录"> </form> </body> </html>
LoginServelt.java
public class LoginServelt extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { //获取前端的参数 String username = req.getParameter( "username" ); if (username.equals( "admin" )){//登录成功 req.getSession( ).setAttribute( Constant.USER_SESSION,req.getSession().getId()); resp.sendRedirect( "/sys/success.jsp" ); }else{//登录失败 resp.sendRedirect( "/error.jsp" ); } } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { doGet( req, resp ); } }
error.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>Title</title> </head> <body> <h1>错误</h1> <h3>没有权限,用户错误</h3> <a href="/login.jsp">返回登录页面</a> </body> </html>
success.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>Title</title> </head> <body> <%-- <% Object user_session = request.getSession().getAttribute( "USER_SESSION" ); if(user_session == null){ response.sendRedirect( "/login.jsp" ); } %> --%> <h1>主页</h1> <p><a href="/servlet/logout">注销</a></p> </body> </html>
LogoutServlet.java
public class LogoutServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { Object user_session = req.getSession().getAttribute( Constant.USER_SESSION ); if (user_session != null){ req.getSession().removeAttribute( Constant.USER_SESSION ); resp.sendRedirect( "/login.jsp" ); }else{ resp.sendRedirect( "/login.jsp" ); } } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { doGet( req, resp ); } }
SysFilter.java
public class SysFilter implements Filter { public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { /* if (req.getSession( ).setAttribute( Constant.USER_SESSION).level ==VIP1){ response.sendRedirect( "/vip1.jsp" ); } if (req.getSession( ).setAttribute( Constant.USER_SESSION).level ==VIP2){ response.sendRedirect( "/vip2.jsp" ); } if (req.getSession( ).setAttribute( Constant.USER_SESSION).level ==VIP3){ response.sendRedirect( "/vip3.jsp" ); }*/ //ServletRequest HttpServletRequest HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; Object user_session = request.getSession().getAttribute( Constant.USER_SESSION); if (request.getSession().getAttribute( Constant.USER_SESSION) == null){ response.sendRedirect( "/error.jsp" ); } chain.doFilter( request,response ); } public void destroy() { } }
xml
<servlet> <servlet-name>LoginServelt</servlet-name> <servlet-class>com.study.servlet.LoginServelt</servlet-class> </servlet> <servlet-mapping> <servlet-name>LoginServelt</servlet-name> <url-pattern>/servlet/login</url-pattern> </servlet-mapping> <servlet> <servlet-name>LogoutServlet</servlet-name> <servlet-class>com.study.servlet.LogoutServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>LogoutServlet</servlet-name> <url-pattern>/servlet/logout</url-pattern> </servlet-mapping> <filter> <filter-name>SysFilter</filter-name> <filter-class>com.study.filter.SysFilter</filter-class> </filter> <filter-mapping> <filter-name>SysFilter</filter-name> <!--只要是/servlet的任何请求,会经过这个过滤器,都会被过滤--> <url-pattern>/sys/*</url-pattern> </filter-mapping>