判断用户是否登录，用户在没有登录访问页面时，自动跳转到登录页面（二）

采用过滤器的形式，实现对用户信息过滤。

1.login.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<!-- 请求转发 -->
<form action="UserLoginServletFiltere" method="post">
    username:<input type="text" value="<%=null == request.getAttribute("username")?"" : request.getAttribute("username") %>" name="username"><br>
    password:<input type="text" name="password"><br>
    
    authority:<select  name="authority">
    
        <option value="1" <%="1".equals(request.getAttribute("authority"))?"selected = selected" : "" %>>common user</option>
        <option value="2" <%="2".equals(request.getAttribute("authority"))?"selected = selected" : "" %>>adminstrator</option>
    </select>
    <br>
    <input type="submit">


    
</form>


</body>
</html>

2.index.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
    <%@ page import="com.javabean.User" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<a href="QueryServletFilter">query</a><br>
<% 
User user = (User)session.getAttribute("user");
if(null == user)
{
    response.sendRedirect("login.jsp");
    return;
}
    if("2".equals(((User)session.getAttribute("user")).getAuthority())){
            
%>
<a href="UpdateServletFilter">update</a>

<%} %>
</body>
</html>

3.web.xml文件

 <filter>
      <filter-name>loginFilter</filter-name>
      <filter-class>com.servlet.filter.SessionFilter</filter-class>
  </filter>
  
  <filter-mapping>
      <filter-name>loginFilter</filter-name>
      <url-pattern>/SessionFilter</url-pattern>
  </filter-mapping>
  

4.userLoginServlet.java

package com.servlet;

import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.javabean.User;

public class UserLoginServlet extends HttpServlet
{
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException
    {
        String username = (String)req.getParameter("username");
        String password = (String)req.getParameter("password");
        String authority = (String)req.getParameter("authority");
        
        if("1".equals(authority))
        {
            //登录的是普通用户
            if("zhangsan".equals(username) && "123".equals(password))
            {
                //将用户的信息放置到session中
                User user = new User();
                user.setUsername(username);
                user.setPassword(password);
                user.setAuthority(authority);
                
                HttpSession session = req.getSession();
                session.setAttribute("user", user);
                req.getRequestDispatcher("index.jsp").forward(req, resp);
                return;
            }
            
        }
        
        else  if("2".equals(authority))
        {
             //登录的是系统管理员
            if("lisi".equals(username) && "456".equals(password))
            {
                //将用户的信息放置到session中
                User user = new User();
                user.setUsername(username);
                user.setPassword(password);
                user.setAuthority(authority);
                
                HttpSession session = req.getSession();
                session.setAttribute("user", user);
                req.getRequestDispatcher("index.jsp").forward(req, resp);
                return;
                
            }
        }
        //表示登录失败
      
        System.out.println("shibai");
        
        //请求转发模式
//            req.setAttribute("username", username);
//            req.setAttribute("authority",authority);
//            RequestDispatcher rd = req.getRequestDispatcher("login.jsp");
//            rd.forward(req, resp);
        
        //重定向
        resp.sendRedirect("login.jsp?error=true&username="+username+"&authority="+authority);
    
    }
}

5.UpdateServlet

package com.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class QueryServletFilter extends HttpServlet
{
    
    public void doPost(HttpServletRequest req,HttpServletResponse resp)
        throws ServletException,IOException
        {
            System.out.println("QureyServletFilter");
        }
    
    public void doGet(HttpServletRequest req, HttpServletResponse resp)
        throws ServletException,IOException
        {
        System.out.println("doGet");
            doPost(req,resp);
          
        }
}