非法用户登录拦截
实现当用户未登录时,无法跳转到出登录页面以外的任何页面,拦截用户仍在登陆页面;当用户登录成功即可跳转到其他页面
1、实体类
package com.springmvc.entity; public class User { private Integer uid; private String userName; private String password; private String realName; public Integer getUid() { return uid; } public void setUid(Integer uid) { this.uid = uid; } public String getUserName() { return userName; } public void setUserName(String userName) { this.userName = userName; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public String getRealName() { return realName; } public void setRealName(String realName) { this.realName = realName; } }
2、interceptorLogin.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>登录</title> </head> <body> <form action="/my/login" method="post"> 用户名<input type="text" name="user"/><br/> 密码<input type="password" name="password"/> <input type="submit" value="登录"/> </form> </body> </html>
3、success.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>success</title> </head> <body> <h1>登陆成功!</h1> </body> </html>
4、 MyController
package com.springmvc.Controller; import com.springmvc.entity.User; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import javax.servlet.http.HttpServletRequest; @Controller @RequestMapping("/my") public class MyController { @RequestMapping(value = "/login" ,produces = "text/json;charset=utf-8") public String login(User user, HttpServletRequest request){ return "success"; } }
5、 LoginFilter
package com.springmvc.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import java.io.IOException; @WebFilter(urlPatterns = {"/*"}) public class LoginFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest servletRequest=(HttpServletRequest) request; //放行URL if(servletRequest.getRequestURI().equals("/my/login")){ filterChain.doFilter(request,response); } Object user = servletRequest.getSession().getAttribute("user"); if (user==null){ servletRequest.getRequestDispatcher("interceptorLogin.jsp").forward(request,response); }else { //放行请求 filterChain.doFilter(request,response); } } @Override public void destroy() { } }