通过过滤器对一批页面或Servlet统一进行身份验证
运行本例,直接进入loginsuccess.jsp页面,会弹出提示信息
过滤器实现类FilterLogin.java
public class FilterLogin extends HttpServlet implements Filter {
private FilterConfig filterConfig;
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
throws IOException, ServletException {
HttpSession session=((HttpServletRequest)request).getSession();
response.setCharacterEncoding("utf-8");
if(session.getAttribute("user")==null){ //判断session是否由user这个对象
PrintWriter out=response.getWriter(); //创建一个输出流
//如果为空则通过javascript脚本输出提示并跳转到index页面
out.println("<script language=javascript>alert('您还没有登录');window.location.href='../index.jsp';</script>");
}else{
filterChain.doFilter(request, response);
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
this.filterConfig=filterConfig;
}
}
JavaBean类User
public class User {
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
用户登录页面index.jsp页面
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
<script type="text/javascript">
function checkEmpty(){
if(document.form.name.value==""){
alert("用户名不能为空");
document.form.name.focus();
return false;
}
if(document.form.password.value==""){
alert("密码不能为空");
document.form.password.focus();
return false;
}
}
</script>
</head>
<body>
<h3> </h3>
<p align="center">使用过滤器身份验证</p>
<form name="form" method="post" action="loginresult.jsp" onSubmit="return checkEmpty()">
<table width="220" border="1" align="center" cellpadding="0" cellspacing="0" cgcolor="808080">
<tr>
<td align="center">用户名</td>
<td><input type="text" name="name"></td>
</tr>
<tr>
<td align="center">密码</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td align="center" colspan="2">
<input type="submit" name="Submit" value="登录">
<input type="submit" value="退出">
</td>
</tr>
</table>
</body>
</html>
创建loginresult.jsp页面,在user对象的session中执行跳转到下一页面
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@page import="com.cn.zj.Filter.User" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<%
request.setCharacterEncoding("utf-8");
String name=request.getParameter("name");
String password=request.getParameter("password");
User user=new User();
user.setUsername(name);
user.setPassword(password);
session.setAttribute("user",user);
response.sendRedirect("filter/loginsuccess.jsp");
%>
</body>
</html>
创建loginsuccess.jsp页面
<%@ page contentType="text/html; charset=gb2312" language="java" import="java.sql.*" errorPage="" %>
<%@ page import="com.cn.zj.Filter.User"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>使用过滤器身份验证</title>
</head>
<body><div align="center">
<table width="333" height="285" cellpadding="0" cellspacing="0">
<tr>
<td align="center">
<p>您己成功登录</p>
<p><br>
<a href="backtrack.jsp">返回</a>
</p></td>
</tr>
</table>
</div>
</body>
</html>
backtrack.jsp页面
<%
session.invalidate();
out.print("<script language='javascript'>window.location.href='../index.jsp';</script>");
%>
web.xml文件配置
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>filterUSer</filter-name>
<filter-class>com.cn.zj.Filter.FilterLogin</filter-class>
</filter>
<filter-mapping>
<filter-name>filterUser</filter-name>
<url-pattern>/filter/*</url-pattern>
</filter-mapping>