Loading

filter 权限拦截实现

27.Filter实现权限拦截

image-20211202175207924

登录页面login.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>

<form method="post" action="/servlet/login">
    <input type="text" name="username">
    <input type="submit">
</form>

</body>
</html>

错误页面error.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>

<h1>失败</h1>

<h1>没有权限,用户输入有误</h1>

<p><a href="login.jsp">返回登录页面</a></p>

</body>
</html>

登录接口LoginServlet

import com.zhang.utils.Constant;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


public class LoginServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String userName = req.getParameter("username");
        if ("admin".equals(userName)) {
            //登录成功
            req.getSession().setAttribute(Constant.USER_SESSION, req.getSession().getId());
            //跳转
            resp.sendRedirect("/sys/success.jsp");
        } else {
            //登录失败
            resp.sendRedirect("/error.jsp");

        }

    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doGet(req, resp);
    }
}

注销页面LogoutServlet

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


public class LogoutServlet extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

        Object userSession = req.getSession().getAttribute(Constant.USER_SESSION);
        if (userSession != null) {
            req.getSession().removeAttribute(Constant.USER_SESSION);
            //跳转到登录页面
            resp.sendRedirect("/login.jsp");
        } else {
            //跳转到登录页面
            resp.sendRedirect("/login.jsp");
        }
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doGet(req, resp);
    }
}

常量类Constant

public class Constant {

    public static final String USER_SESSION = "USER_SESSION";
}

过滤器LoginFilter

import com.zhang.utils.Constant;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


public class LoginFilter implements Filter {
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse rep = (HttpServletResponse) response;
        Object userSession = req.getSession().getAttribute(Constant.USER_SESSION);
        if (userSession == null) {
            //跳转错误页面
            rep.sendRedirect("/error.jsp");
        }
        chain.doFilter(request, response);

    }

    public void destroy() {

    }
}

接口配置web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
                      http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
         version="3.1"
         metadata-complete="true">
    <servlet>
        <servlet-name>hello</servlet-name>
        <servlet-class>com.zhang.servlets.HelloServlet</servlet-class>
    </servlet>

    <servlet-mapping>
        <servlet-name>hello</servlet-name>
        <url-pattern>/hello</url-pattern>
    </servlet-mapping>

    <servlet-mapping>
        <servlet-name>hello</servlet-name>
        <url-pattern>/servlet/hello</url-pattern>
    </servlet-mapping>

    <servlet-mapping>
        <servlet-name>login</servlet-name>
        <url-pattern>/servlet/login</url-pattern>
    </servlet-mapping>

    <servlet>
        <servlet-name>login</servlet-name>
        <servlet-class>com.zhang.servlets.LoginServlet</servlet-class>
    </servlet>

    <servlet-mapping>
        <servlet-name>logout</servlet-name>
        <url-pattern>/servlet/logout</url-pattern>
    </servlet-mapping>

    <servlet>
        <servlet-name>logout</servlet-name>
        <servlet-class>com.zhang.servlets.LogoutServlet</servlet-class>
    </servlet>

    <filter>
        <filter-name>characterEncodingFilter</filter-name>
        <filter-class>com.zhang.filters.CharacterEncodingFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>characterEncodingFilter</filter-name>
        <url-pattern>/servlet/*</url-pattern>
    </filter-mapping>


    <filter>
        <filter-name>loginFilter</filter-name>
        <filter-class>com.zhang.filters.LoginFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>loginFilter</filter-name>
        <url-pattern>/sys/*</url-pattern>
    </filter-mapping>

    <!--    注册监听器-->
    <listener>
        <listener-class>com.zhang.listeners.OnLineCountListener</listener-class>
    </listener>

    <session-config>
        <session-timeout>10</session-timeout>
    </session-config>


</web-app>
posted @ 2022-03-08 17:09  Cn_FallTime  阅读(31)  评论(0编辑  收藏  举报