filter登录验证 



LoginServlet.java
package com.exp.servlet;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.exp.model.User;
import com.exp.service.LoginServiceImpl;

/**
 * Servlet implementation class LoginServlet
 */
@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String autoLogin = request.getParameter("autoLogin");
        
        User user = new LoginServiceImpl().findUser(username,password);
        if(user != null){//登录成功
            //1.把用户数据保存在session中
            request.getSession().setAttribute("user", user);
            //2.响应客户端
            request.getRequestDispatcher("/main.jsp").forward(request, response);
        }else{
            //登录失败
            request.getSession().setAttribute("errMsg", "用户名和密码不正确");
            request.getRequestDispatcher("/login.jsp").forward(request, response);
        }
        
    }

}

 

LoginServiceImpl.java
package com.exp.service;

import com.exp.model.User;

public class LoginServiceImpl {
    User user = null;
    public User findUser(String username,String password){
        if("exp".equals(username) && "123".equals(password)){
            user = new User(username,password);
        }
        return user;
    }
}

 

LoginFilter.java
package com.exp.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import com.exp.model.User;

public class LoginFilter implements Filter{

    @Override
    public void destroy() {
        // TODO Auto-generated method stub
        
    }
    @Override
    public void init(FilterConfig arg0) throws ServletException {
        // TODO Auto-generated method stub
        
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        //把ServletRequest接口转成 HttpServletRequest 对象
        HttpServletRequest mrequest = (HttpServletRequest) request;
        String uri = mrequest.getRequestURI();
        System.out.println(uri);
        if(uri.endsWith("login.jsp") || uri.endsWith("LoginServlet")){
            chain.doFilter(request, response);//放行
            return;
        }
        
        User user = (User) mrequest.getSession().getAttribute("user");
        if(user != null){
            chain.doFilter(request, response);//放行
        }else{
            mrequest.getSession().setAttribute("errMsg", "首先请登录");
            mrequest.getRequestDispatcher("login.jsp").forward(request, response);
        }
        
    }
}

 

posted @ 2019-03-06 00:35  expworld  阅读(121)  评论(0)    收藏  举报