First, the configuration file web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd" id="WebApp_ID" version="4.0"> <display-name>lessons</display-name> <welcome-file-list> <welcome-file>index.jsp</welcome-file> <welcome-file>index.html</welcome-file> </welcome-file-list> <!-- 存储用户信息session的键 --> <context-param> <param-name>userSessionKey</param-name> <param-value>user</param-value> </context-param> <!-- 登录页面 --> <context-param> <param-name>loginPage</param-name> <param-value>/Login.jsp </ param-value > </ context-param > < filter > < filter-name > LoginFilter </ filter-name > < filter-class > com.zyz.util.LoginFilter </ filter-class > < / filter > <!- filter requests from / admin / * -> < filter-mapping > < filter-name > LoginFilter </ filter-name > < url-pattern > / admin / * </url-pattern> </filter-mapping> </web-app>
Second, the login authentication filter LoginFilter.java
package com.zyz.util; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.zyz.user.User; @WebFilter("/LoginFilter") public class LoginFilter implements Filter { private String userSessionKey;//存储用户的session键名 private String loginPage;//登录页面 public LoginFilter() { } public void destroy() { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest=(HttpServletRequest)request; HttpServletResponse httpResponse=(HttpServletResponse) response; User user = (User) httpRequest.getSession (). GetAttribute (userSessionKey); // If there is no login, or the logged-in user role is not an administrator if (user == null || user.getRole () = = 0 ) { String servletPath = httpRequest.getServletPath (); if (servletPath.endsWith (". Jsp" )) { // session write down the url of the currently requested jsp file, so that you can jump to the file httpRequest.getSession () .setAttribute ("url", httpRequest.getContextPath () + servletPath); } // Jump to the login page httpResponse.sendRedirect (httpRequest.getContextPath () +loginPage); return ; } // If you have logged in and the role is administrator, let go. chain.doFilter (httpRequest, httpResponse); } public void init (FilterConfig fConfig) throws ServletException { ServletContext context = fConfig.getServletContext (); userSessionKey = context.getInitParameter ("userSessionKey"); // Get this from the configuration file web.xml Parameter loginPage = context.getInitParameter ("loginPage"); // Get this parameter from the configuration file web.xml } }
Three, login processing LoginHandlerServlet.java
package com.zyz.user; import java.io.IOException; import java.util.Enumeration; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; @WebServlet("/LoginHandlerServlet") public class LoginHandlerServlet extends HttpServlet { private static final long serialVersionUID = 1L; public LoginHandlerServlet() { super(); } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { this.doPost(request, response); } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); String name = request.getParameter("name"); String password = request.getParameter ("password" ); if (name! = null &&! name.equals ("") && password! = null &&! password.equals ("" )) { User u = UserService.getInstance (). loginCheck (name, password); if (u == null ) { response.getWriter (). println ( "Username or password is wrong, will jump to <a href='Login.jsp'> login after 3 seconds </ a > Page ... " ); response.setHeader ( " refresh "," 3; url = Login.jsp " ); return ; } else { HttpSession session=request.getSession(); //跳转前清空所有的session Enumeration<String> em=session.getAttributeNames(); while(em.hasMoreElements()){ String attributeName=em.nextElement(); if(!attributeName.equals("url")) { session.removeAttribute(attributeName); } } session.setAttribute("user", u); String url; if(session.getAttribute("url")!=null){ url=session.getAttribute("url").toString(); }else{ url="index.jsp"; } response.sendRedirect(url); } } } }
Fourth, the login page Login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <% String name=""; String password=""; Cookie[] cookies=request.getCookies(); for(Cookie c:cookies){ if(c.getName().equals("name")){ name=c.getValue(); } if(c.getName().equals("password")){ password=c.getValue(); } } %> <!doctype html> <html lang="en"> <head> <meta charset="UTF-8"> <title>用户登录</title> <meta name="renderer" content="webkit|ie-comp|ie-stand"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <meta name="viewport" content="width=device-width,user-scalable=yes, minimum-scale=0.4, initial-scale=0.8,target-densitydpi=low-dpi" /> <meta http-equiv="Cache-Control" content="no-siteapp" /> <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" /> <link rel="stylesheet" href="./admin/css/font.css"> <link rel="stylesheet" href="./admin/css/xadmin.css"> <script type="text/javascript" src="https://cdn.bootcss.com/jquery/3.2.1/jquery.min.js"></script> <script src="./lib/layui/layui.js" charset="utf-8"></script> <script type="text/javascript" src="./admin/js/xadmin.js"></script> </head> <body class="login-bg"> <div class="login layui-anim layui-anim-up"> <div class="message">用户登录</div> <div id="darkbannerwrap"></div> <form method="post" class="layui-form" action="LoginHandlerServlet"> <input name="name" placeholder="用户名" type="text" lay-verify="required|username" class="layui-input" value="<%= name %>" > <hr class="hr15"> <input name="password" lay-verify="required|password" placeholder="密码" type="password" class="layui-input" value=<%= password %>> <hr class="hr15"> <input value="登录" lay-submit lay-filter="login" style="width:100%;" type="submit"> <hr class="hr20" > </form> </div> < script > $ ( function () { layui.use ( ' form ' , function () { var form = layui.form; // layer.msg ('玩命 卖 萌 中', function () { // // after closing Operation // )); // Listen to submit / * form.on ('submit (login)', function (data) { // alert (888) layer.msg (JSON.stringify (data.field), function ( ) { location.href = 'index.html' }); return false; }); * / / *form.verify ({ 'username': [/ \ w {6,20} /, 'Username must be 6 to 20 letters, numbers or underscores'], 'password': [/ \ w {6,12} /, 'Password must be 6 to 12 letters, numbers or underscores'] }) * / }); }) </ script > <!- End at the bottom- > </ body > </ html >