解析
- 编写一个应用,用户登录成功之后到达欢迎界面。为了防止某些用户直接访问欢迎页面,用过滤器来实现session的检查。
先写login.jsp和status.jsp,把基本框架搭好,status.jsp的内容很简单,就两行
login.jsp
status.jsp
登录成功
退出登录
然后把验证逻辑给写了,注意一下我在这里仅仅只判断了用户名和密码是否为空,若不为空则提交表单。真正的匹配判断我放在了ValidationServlet
function validate() {
let account = loginForm.account.value
let pwd = loginForm.pwd.value
if (account == "" || pwd == "") {
alert("用户名、密码不能为空")
} else {
loginForm.submit()
}
}
把ValidationServlet给写了
@WebServlet(name = "validationServlet", urlPatterns = {"/validationServlet"})
public class ValidationServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// 处理响应乱码
response.setContentType("text/html;charset=utf-8");
// 处理请求乱码
request.setCharacterEncoding("utf-8");
String account = request.getParameter("account");
String pwd = request.getParameter("pwd");
if (account != null && pwd != null){
if (account.equals("tom") && pwd.equals("123")){ // 在这里判断
HttpSession session = request.getSession();
session.setAttribute("account", account); // 通过了验证,就要把用户名存在session中,方便后面做过滤
response.sendRedirect("chapter9/9_5/status.jsp"); // 重定向到status.jsp
}
else {
response.sendRedirect("chapter9/9_5/login.jsp"); // 验证失败,回到login.jsp
}
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
最后写LoginFilter,我根据url的后缀来确定是否要启用过滤器。如果之前已经登录成功,那么说明session内一定存有account,可根据这个判断是否要访问欢迎界面
@WebFilter(filterName = "LoginFilter", urlPatterns = {"*.jsp"})
public class LoginFilter implements Filter {
public void init(FilterConfig config) throws ServletException {
}
public void destroy() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) req; // 强制把参数req转换为HttpServletRequest类型,不然无法使用getSession
HttpServletResponse response = (HttpServletResponse) resp; // 同理
HttpSession session = request.getSession();
String requestURL = request.getRequestURI().toString(); // 获取url
String account = (String) session.getAttribute("account");
if (account == null && requestURL.contains("9_5/status.jsp")) {
response.sendRedirect("login.jsp");
}
chain.doFilter(request, response);
}
}
此外,还可以写一个LogOutServlet,记得让status.jsp的超链接给链接上
@WebServlet(name = "LogOutServlet", urlPatterns = {"/logOutServlet"})
public class LogOutServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// 处理响应乱码
response.setContentType("text/html;charset=utf-8");
// 处理请求乱码
request.setCharacterEncoding("utf-8");
HttpSession session = request.getSession();
session.invalidate(); // 清空session,即清除了登录状态
response.sendRedirect("chapter9/9_5/login.jsp");
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
代码
login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
登录
status.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
登录状态
登录成功
退出登录
validation.js
function validate() {
let account = loginForm.account.value
let pwd = loginForm.pwd.value
if (account == "" || pwd == "") {
alert("用户名、密码不能为空")
} else {
loginForm.submit()
}
}
ValidationServlet.java
package chapter9.servlet;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(name = "validationServlet", urlPatterns = {"/validationServlet"})
public class ValidationServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// 处理响应乱码
response.setContentType("text/html;charset=utf-8");
// 处理请求乱码
request.setCharacterEncoding("utf-8");
String account = request.getParameter("account");
String pwd = request.getParameter("pwd");
if (account != null && pwd != null){
if (account.equals("tom") && pwd.equals("123")){
HttpSession session = request.getSession();
session.setAttribute("account", account);
response.sendRedirect("chapter9/9_5/status.jsp");
}
else {
response.sendRedirect("chapter9/9_5/login.jsp");
}
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
LoginFilter.java
package chapter9.filter;
import javax.servlet.*;
import javax.servlet.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebFilter(filterName = "LoginFilter", urlPatterns = {"*.jsp"})
public class LoginFilter implements Filter {
public void init(FilterConfig config) throws ServletException {
}
public void destroy() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
HttpSession session = request.getSession();
String requestURL = request.getRequestURI().toString();
String account = (String) session.getAttribute("account");
if (account == null && requestURL.contains("9_5/status.jsp")) {
response.sendRedirect("login.jsp");
}
chain.doFilter(request, response);
}
}
LogOutServlet.java
package chapter9.servlet;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebServlet(name = "LogOutServlet", urlPatterns = {"/logOutServlet"})
public class LogOutServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// 处理响应乱码
response.setContentType("text/html;charset=utf-8");
// 处理请求乱码
request.setCharacterEncoding("utf-8");
HttpSession session = request.getSession();
session.invalidate();
response.sendRedirect("chapter9/9_5/login.jsp");
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}
