实现:用户登陆之后才能进入主页,注销之后就不能进入主页
1、用户登录后,向Session中存入用户数据。
2、进入主页的时候要判断用户是否已经登录。
例:
先编写主页.jsp,即用户登录后的页面
%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>主页</title>
<style>
h1{
color: cadetblue;
}
</style>
</head>
<body>
<h1>这是主页,欢迎登录!</h1>
<hr>
<a href="/servlet/Logout">注销</a>
</body>
</html>
然后是登陆界面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>欢迎登录</title>
</head>
<body>
<form action="/servlet/Login" method="post">
<input type="text" name="username" >
<input type="submit" value="登录">
</form>
<hr>
</body>
</html>
**
**
还有一个错误页面,作用是当作当用户错误输入信息或被拦截后的页面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>错误页面</title>
</head>
<body>
<h1>很抱歉,你输入的密码不太对!</h1>
<hr>
<a href="/Login.jsp">返回登陆页面</a>
</body>
</html>
编写LoginServlet类处理登录事件
public class LoginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获得前端传过来的参数
String username = req.getParameter("username");
if (username.equals("admin")){
//登陆成功将登录信息放在Session中
req.getSession().setAttribute(Constant.USER_SESSION,req.getSession().getId());
resp.sendRedirect("/sys/success.jsp");
}else{
resp.sendRedirect("/Error.jsp");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
上述代码是将前端传统过来的参数username做比对,当比对成功时,将用户信息存到Session中,然后servlet重定向到登陆成功界面Success.jsp,当比对失败时,返回到错误界面。
然后是编写一个Logout类实现注销,用户注销后,清除Session,回到登陆界面
public class Logout extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
Object user_session = req.getSession().getAttribute(Constant.USER_SESSION);
if (user_session!=null){
req.getSession().removeAttribute(Constant.USER_SESSION);
resp.sendRedirect("/Login.jsp");
}else{
resp.sendRedirect("/Login.jsp");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
接下来编写SysFilter过滤器,原理是要访问Success.jsp时,必须要经过该过滤器。在用户点击注销时,Session被清空,所以经过过滤器时会被拦截下来,回到错误页面。
public class SysFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
if (request.getSession().getAttribute(Constant.USER_SESSION)==null){
response.sendRedirect("/Error.jsp");
}
filterChain.doFilter(req,resp);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
}
别忘了配置web.xml
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.tt.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/servlet/Login</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>Logout</servlet-name>
<servlet-class>com.tt.servlet.Logout</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Logout</servlet-name>
<url-pattern>/servlet/Logout</url-pattern>
</servlet-mapping>
<filter>
<filter-name>SysFilter</filter-name>
<filter-class>com.tt.filter.SysFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SysFilter</filter-name>
<url-pattern>/sys/*</url-pattern>
</filter-mapping>