采用过滤器的形式,实现对用户信息过滤。
1.login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> <!-- 请求转发 --> <form action="UserLoginServletFiltere" method="post"> username:<input type="text" value="<%=null == request.getAttribute("username")?"" : request.getAttribute("username") %>" name="username"><br> password:<input type="text" name="password"><br> authority:<select name="authority"> <option value="1" <%="1".equals(request.getAttribute("authority"))?"selected = selected" : "" %>>common user</option> <option value="2" <%="2".equals(request.getAttribute("authority"))?"selected = selected" : "" %>>adminstrator</option> </select> <br> <input type="submit"> </form> </body> </html>
2.index.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@ page import="com.javabean.User" %> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> <a href="QueryServletFilter">query</a><br> <% User user = (User)session.getAttribute("user"); if(null == user) { response.sendRedirect("login.jsp"); return; } if("2".equals(((User)session.getAttribute("user")).getAuthority())){ %> <a href="UpdateServletFilter">update</a> <%} %> </body> </html>
3.web.xml文件
<filter> <filter-name>loginFilter</filter-name> <filter-class>com.servlet.filter.SessionFilter</filter-class> </filter> <filter-mapping> <filter-name>loginFilter</filter-name> <url-pattern>/SessionFilter</url-pattern> </filter-mapping>
4.userLoginServlet.java
package com.servlet; import java.io.IOException; import javax.servlet.RequestDispatcher; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import com.javabean.User; public class UserLoginServlet extends HttpServlet { @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String username = (String)req.getParameter("username"); String password = (String)req.getParameter("password"); String authority = (String)req.getParameter("authority"); if("1".equals(authority)) { //登录的是普通用户 if("zhangsan".equals(username) && "123".equals(password)) { //将用户的信息放置到session中 User user = new User(); user.setUsername(username); user.setPassword(password); user.setAuthority(authority); HttpSession session = req.getSession(); session.setAttribute("user", user); req.getRequestDispatcher("index.jsp").forward(req, resp); return; } } else if("2".equals(authority)) { //登录的是系统管理员 if("lisi".equals(username) && "456".equals(password)) { //将用户的信息放置到session中 User user = new User(); user.setUsername(username); user.setPassword(password); user.setAuthority(authority); HttpSession session = req.getSession(); session.setAttribute("user", user); req.getRequestDispatcher("index.jsp").forward(req, resp); return; } } //表示登录失败 System.out.println("shibai"); //请求转发模式 // req.setAttribute("username", username); // req.setAttribute("authority",authority); // RequestDispatcher rd = req.getRequestDispatcher("login.jsp"); // rd.forward(req, resp); //重定向 resp.sendRedirect("login.jsp?error=true&username="+username+"&authority="+authority); } }
5.UpdateServlet
package com.servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class QueryServletFilter extends HttpServlet { public void doPost(HttpServletRequest req,HttpServletResponse resp) throws ServletException,IOException { System.out.println("QureyServletFilter"); } public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException,IOException { System.out.println("doGet"); doPost(req,resp); } }