javaweb学习23:Filter实现权限拦截

javaweb学习23:Filter实现权限拦截

  • 监听器:GUI编程中经常使用;

  • 过滤器:重点理解过滤器;

 

  • 需求:

    • 用户登录后才能进入主页!

    • 用户注销后就不能进入主页了!

    • 核心:Session的用法;

 

  • 思路:

    • 1,用户登录之后,向Session中放入用户的数据;

    • 2,进入主页的时候,要判断用户是否已经登录;要求:过滤器实现;

 

 

  • 代码案例:login.jsp

    <%@ page contentType="text/html;charset=UTF-8" language="java" %>
    <html>
    <head>
        <title>Title</title>
    </head>
    <body>

    <form action="/servlet/login" method="post">
        用户名:<input type="text" name="username">
        <br>
        <input type="submit">
    </form>

    </body>
    </html>

  • 代码案例:success.jsp

    <%@ page contentType="text/html;charset=UTF-8" language="java" %>
    <html>
    <head>
        <title>成功页面</title>
    </head>
    <body>
    <%--
    <%
        Object user_session = request.getSession().getAttribute("USER_SESSION");
        if(user_session==null){
            response.sendRedirect("/login.jsp");
        }
    %>--%>


    <h1>主页</h1>

    <p>
        <a href="/servlet/logout">注销</a>
    </p>

    </body>
    </html>

  • 代码案例:error.sjp

    <%@ page contentType="text/html;charset=UTF-8" language="java" %>
    <html>
    <head>
        <title>错误</title>
    </head>
    <body>

    <h1>错误</h1>

    <p>
        <a href="/login.jsp">返回首页</a>
    </p>

    </body>
    </html>

  • 代码案例:登录Servlet

    public class LoginServlet extends HttpServlet {

        @Override
        protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
            //获取前端请求的参数:
            String username = req.getParameter("username");
            if(username.equals("admin")){//登录成功
                req.getSession().setAttribute("USER_SESSION",req.getSession().getId());
                //登录成功之后,重定向到成功页面
                resp.sendRedirect("/sys/success.jsp");
            }else{//登录失败

                resp.sendRedirect("/error.jsp");

            }


        }

        @Override
        protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
            doGet(req, resp);
        }
    }

  • 代码案例:退出Servlet


    public class LogoutServlet  extends HttpServlet {

        @Override
        protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

            //移除登录的那个session即可实现推出操作:
            Object user_session = req.getSession().getAttribute("USER_SESSION");
            if(user_session !=null ){
                req.getSession().removeAttribute("USER_SESSION");
                resp.sendRedirect("/login.jsp");
            }else{
                resp.sendRedirect("/login.jsp");
            }

        }

        @Override
        protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
            doGet(req, resp);
        }
    }

  • 代码案例:过滤器


    /**
     * 过滤器
     */
    public class SysFilter implements Filter {


        public void init(FilterConfig filterConfig) throws ServletException {

        }

        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
            System.out.println("开始处理...");
            HttpServletRequest req=(HttpServletRequest)request;
            HttpServletResponse resp=(HttpServletResponse)response;
            Object username = req.getSession().getAttribute("USER_SESSION");

            if(username == null){
                resp.sendRedirect("/error.jsp");
            }

            chain.doFilter(request,response);//放行
            System.out.println("结束处理...");
        }

        public void destroy() {

        }
    }

  • 代码案例:web.xml

    <?xml version="1.0" encoding="UTF-8"?>
    <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
             version="4.0">
        

        <!--注册一个Servlet-->
        <servlet>
            <servlet-name>loginServlet</servlet-name>
            <servlet-class>com.servlet.LoginServlet</servlet-class>
        </servlet>

        <servlet-mapping>
            <servlet-name>loginServlet</servlet-name>
            <url-pattern>/servlet/login</url-pattern>
        </servlet-mapping>


        <!--注册一个Servlet-->
        <servlet>
            <servlet-name>logoutServlet</servlet-name>
            <servlet-class>com.servlet.LogoutServlet</servlet-class>
        </servlet>

        <servlet-mapping>
            <servlet-name>logoutServlet</servlet-name>
            <url-pattern>/servlet/logout</url-pattern>
        </servlet-mapping>


        <!--配置Filter过滤器-->
        <filter>
            <filter-name>SysFilter</filter-name>
            <filter-class>com.lesson.demo01.SysFilter</filter-class>
        </filter>

        <filter-mapping>
            <filter-name>SysFilter</filter-name>
            <!--只要是/servlet/的任何请求,都会经过这个过滤器 -->
            <url-pattern>/sys/*</url-pattern>
        </filter-mapping>


    </web-app>

     

 

posted @   gzs1024  阅读(149)  评论(0编辑  收藏  举报
相关博文:
·  javaweb学习22:过滤器Filter
·  SpringMVC学习16:验证用户是否登录/拦截器
·  狂神说 javaweb 27集:Filter 实现权限拦截
·  filter 权限拦截实现
·  Filter实现权限拦截
阅读排行:
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· 【硬核科普】Trae如何「偷看」你的代码?零基础破解AI编程运行原理
· 单元测试从入门到精通
· 上周热点回顾(3.3-3.9)
· winform 绘制太阳,地球,月球 运作规律
点击右上角即可分享
微信分享提示
AI IDE Trae