使用三个Servlet实现简单登录验证
功能描述:
1. LoginServlet.java: 登录界面Servlet
2. LoginClServlet.java: 用户名和密码校验业务处理
3. WelcomeServlet.java: 登录成功的欢迎界面
-----------------------------------------------------
1. LoginServlet.java:
public class LoginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
// 设置编码
resp.setCharacterEncoding("GBK");
// 创建输出流
PrintWriter out = resp.getWriter();
// 创建登录页面
out.print("<html>");
out.print("<body>");
out.print("<form action='loginCl' method='POST'>");
out.print("用户名: <input type='text' name='userName'/><br/>");
out.print("密码: <input type='password' name='password'/><br/>");
out.print("<input type='submit' value='登录'/>");
out.print("</form>");
out.print("</body>");
out.print("</html>");
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
this.doGet(req, resp);
}
}
2. web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<!-- 登录界面Servlet -->
<servlet>
<servlet-name>login</servlet-name>
<servlet-class>com.itcast.servlet.LoginServlet</servlet-class>
</servlet>
<!-- 登录处理Servlet -->
<servlet>
<servlet-name>loginCl</servlet-name>
<servlet-class>com.itcast.servlet.LoginClServlet</servlet-class>
</servlet>
<!-- 欢迎页面Servlet -->
<servlet>
<servlet-name>welcome</servlet-name>
<servlet-class>com.itcast.servlet.WelcomeServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>login</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>loginCl</servlet-name>
<url-pattern>/loginCl</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>welcome</servlet-name>
<url-pattern>/welcome</url-pattern>
</servlet-mapping>
</web-app>
3. LoginClServlet.java:
@SuppressWarnings("serial")
public class LoginClServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
// 获取参数
String userName = req.getParameter("userName");
String password = req.getParameter("password");
// 简单校验
if ("Peter".equals(userName) && "123".equals(password)) {
// 跳转到成功页面
resp.sendRedirect("welcome");
} else {
// 跳转到登录界面
resp.sendRedirect("login");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
this.doGet(req, resp);
}
}
4. WelcomeServlet.java:
public class WelcomeServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
resp.setCharacterEncoding("GBK");
PrintWriter out = resp.getWriter();
out.print("<h2>欢迎来访!</h2>");
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
this.doGet(req, resp);
}
}
-------------------------------------------------
测试:
------------------------------------------------------------
功能: 同一用户不同页面共享数据, 传递用户名和密码
方法1: sendRedirect重定向
LoginClServlet.Java:
resp.sendRedirect("welcome?userName=" + userName + "&password=" + password);
WelcomeServlet.Java:
resp.setContentType("text/html;charset=UTF-8"); // 告诉浏览器发送的是html片段, 否则有点浏览器会不解析
out.print("<h2>欢迎来访! 用户名: " + userName
+ ", 密码: " + password + "</h2>");
测试:
URL中显示用户信息, 不安全! 重定向地址栏变化, 改用转发, 地址栏没有变化:
req.getRequestDispatcher("welcome?userName=" + userName + "&password=" + password).forward(req, resp);
方法2: 使用隐藏表单传递数据
功能: LoginServlet 向 LoginClServlet 传递用户id
LoginServlet.java:
out.print("<input type='hidden' name='id' value='007'/>");
LoginClServlet.java:
String id = req.getParameter("id");
System.out.println("id: " + id);
测试:
页面不显示该控件, 但是后台打印:
浙公网安备 33010602011771号