案例需求:编写一个jsp servlet程序,在login.jsp发起login.do登录请求,当输入的用户名是abc密码是123时,则判断是登录成功,其它暂时认为是登录失败。当用户登录成功时,将用户名放入session对象中并跳转到main.jsp。当用户登录失败时向request对象中存放一个msg消息,内容是登录失败。再发送一个orderInfo.do的查看订单信息的请求,可以跳转到orderInfo.jsp。在上面程序的基础上,写一个过滤器,要求用户登录成功才能查看订单信息。
案例实现:
● login.jsp:
<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" " http://www.w3.org/TR/html4/loose.dtd"> ;
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Insert title here</title>
</head>
<body>
<form action="login.do"> 用户名:<input type="text" name="username" > <br> 密码: <input type="password" name="userpassword" > <br> <input type="submit" value="登录"> <span>${msg}</span> </form>
</body>
</html>
● main.jsp:
<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" " http://www.w3.org/TR/html4/loose.dtd"> ;
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Insert title here</title>
</head>
<body>
<h1> 欢迎 ${username} </h1>
</body>
</html>
● orderInfo.jsp:
<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" " http://www.w3.org/TR/html4/loose.dtd"> ;
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Insert title here</title>
</head>
<body>
<h1> 查看订单信息中.... </h1>
</body>
</html>
● XdlUserLoginController.java :
package com.xdl.controller;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.annotation.WebServlet;
@WebServlet("/login.do")
public class XdlUserLoginController extends HttpServlet {
@Override protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // 获取页面请求参数 String username = request.getParameter("username"); String userpassword = request.getParameter("userpassword"); System.out.println("登录中..."); if("abc".equals(username) && "123".equals(userpassword)){ request.getSession().setAttribute("username", username); response.sendRedirect("main.jsp"); }else{ request.setAttribute("msg", "登录失败"); request.getRequestDispatcher("login.jsp"). forward(request, response); } }
}
● XdlOrderInfoController.java:
package com.xdl.controller;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@WebServlet("/orderInfo.do")
public class XdlOrderInfoController extends HttpServlet {
private static final long serialVersionUID = 1L; protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.getRequestDispatcher("orderInfo.jsp"). forward(request, response); }
}
● 检查登录的过滤器:
package com.xdl.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@WebFilter("*.do")
public class XdlCheckLoginFilter implements Filter {
@Override public void destroy() { } @Override public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain chain) throws IOException, ServletException { // 放行 如果用户已经登录了 则放行 如果没登录则跳转到 登录页面 // 注意 登录请求时不能拦截的 是否登录参考的是 session 有没有 username HttpServletRequest request = (HttpServletRequest)arg0; HttpServletResponse response = (HttpServletResponse)arg1; String servletPath = request.getServletPath(); if("/login.do".equals(servletPath)){ chain.doFilter(arg0, arg1); }else{ /* System.out.println("此路是我开 此树是我栽 要想从此过 留下李伟杰"); chain.doFilter(arg0, arg1); System.out.println("你回来了? 怎么又是你 你走吧"); */ String username = (String) request.getSession().getAttribute ("username"); if(username == null){ // 跳转到登录页面 response.sendRedirect("login.jsp"); }else{ chain.doFilter(arg0, arg1); } } }
}