有些網站需要登錄以后才能訪問網站內部資源,這就需要我們做一個過濾器,當用戶訪問網站內部資源時,要先經過過濾器,過濾器判斷是否有這個用戶,有則跳轉進入網站內部頁面,沒有則返回登錄頁面。

 

過濾器代碼:

package com.dr.course;

 

import java.io.IOException;

 

import javax.servlet.Filter;

import javax.servlet.FilterChain;

import javax.servlet.FilterConfig;

import javax.servlet.ServletException;

import javax.servlet.ServletRequest;

import javax.servlet.ServletResponse;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpSession;

 

import com.dr.common.Global;

import com.dr.vo.User;

 

public class IsLoginFilter implements Filter {

 

       public void destroy() {

             

       }

 

       public void doFilter(ServletRequest request, ServletResponse response,

                     FilterChain filterChain) throws IOException, ServletException {

             

              System.out.println("every request pass here");

              HttpServletRequest hrequest=(HttpServletRequest)request;

              HttpSession session=hrequest.getSession();

              User user =     (User)session.getAttribute(Global.USER);

              if(user == null){

                     //跳轉到登陸頁面

            hrequest.getRequestDispatcher("/index.jsp").forward(request,response);                 

              }

              filterChain.doFilter(request, response);

       }

 

       public void init(FilterConfig filterConfig) throws ServletException {

             

       }

 

}

 

LoginServlet類,進行登錄之后的處理:

package com.dr.course;

 

import java.io.IOException;

 

import javax.servlet.ServletException;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import javax.servlet.http.HttpSession;

 

import com.dr.common.Global;

import com.dr.vo.User;

 

public class LoginServlet extends HttpServlet{

      

       public void doPost(HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException{

             

              String userName=request.getParameter("username");

              String passWord=request.getParameter("password");

             

          

            System.out.println("userName | " + userName);

            System.out.println("passWord | " + passWord);

            User user = new User();

            user.setUserName(userName);

            user.setPassWord(passWord);

            HttpSession session = request.getSession();

            //登錄成功,把User放到session,然后在攔截器中判斷

            //key--value

            session.setAttribute(Global.USER, user);

            request.getRequestDispatcher("/admin/main.jsp").forward(request, response);

             

             

             

       }

 

}

 

web.xml中配置如下:

- <filter>

  <filter-name>isLogin</filter-name>

  <filter-class>com.dr.course.IsLoginFilter</filter-class>

  </filter>

- <filter-mapping>

  <filter-name>isLogin</filter-name>

  <url-pattern>/admin/*</url-pattern>

  </filter-mapping>

- <servlet>

  <servlet-name>login</servlet-name>

  <servlet-class>com.dr.course.LoginServlet</servlet-class>

  </servlet>

- <servlet-mapping>

  <servlet-name>login</servlet-name>

  <url-pattern>/login</url-pattern>

  </servlet-mapping>


 未登錄界面:

成功登錄的界面: