一、過濾器Filter實現對已註銷用戶強制訪問登錄後界面的攔截
1.實現功能
實現用戶登錄後才能進入主頁,註銷後及時輸入主頁url也不能進入主頁
2. 核心代碼
在需要登錄的文件夾加一個過濾器
HttpServletRequest request = (HttpServletRequest) servletRequest;
if (request.getSession().getAttribute(Constant.USER_SESSION)==null){
HttpServletResponse response = (HttpServletResponse) servletResponse;
response.sendRedirect(request.getContextPath()+"/LogOff");
}
filterChain.doFilter(servletRequest,servletResponse);//轉發給其他過濾器或者Servlet
3.框架
4.代碼
登錄頁面login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Login</title>
</head>
<body>
<h1>登錄界面login.jsp</h1>
<form action="<%=request.getContextPath()%>/Login" method="post">
登錄名稱<input type="text" name="username" >
<br>
登錄密碼<input type="password" name="password">
<br>
<input type="submit" value="登錄">
</form>
</body>
</html>
2.實現登錄邏輯的Servlet ,Login.java
package com.bmft.loginInterception;
import com.bmft.util.Constant;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* 這個類是用戶在登錄界面
* 點擊登錄後實現跳轉邏輯的Servlet
*/
public class Login extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String username = req.getParameter("username");
String password = req.getParameter("password");
if (username == null || password == null){
System.out.println("====登錄失敗null====");
resp.sendRedirect("loginFailed.jsp");
}
else if (username.equals("root") && password.equals("123456")) {
req.getSession().setAttribute(Constant.USER_SESSION, req.getSession().getId());
System.out.println("====登錄成功====");
resp.sendRedirect("sys/homePage.jsp");
} else {
System.out.println("====登錄失敗====");
resp.sendRedirect("loginFailed.jsp");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
3.登錄失敗的頁面 loginFailed.jsp
<%--
Created by IntelliJ IDEA.
User: 25301
Date: 2020/6/19
Time: 10:39
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>登錄失敗</title>
</head>
<body>
<h1>登錄失敗!</h1>
<h2>賬號或者密碼錯誤</h2>
<a href="login.jsp">重新登錄</a>
</body>
</html>
3.登錄成功進入主頁之前的過濾器LoginFilter.java
package com.bmft.filter;
import com.bmft.util.Constant;
import javax.servlet.*;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* 過濾器步驟
* 1.導包:到一個正確Servlet下的包,實現 Filter
* 2.實現方法都Filter
* (1)實現過濾
* (2)釋放
* 3.配置過濾器web.xml
*/
public class LoginFilter implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("=====過濾器LoginFilter初始化=====");
}
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("=====LoginFilter過濾開始=====");
HttpServletRequest request = (HttpServletRequest) servletRequest;
if (request.getSession().getAttribute(Constant.USER_SESSION)==null){
HttpServletResponse response = (HttpServletResponse) servletResponse;
response.sendRedirect(request.getContextPath()+"/LogOff");
}
filterChain.doFilter(servletRequest,servletResponse);//轉發給其他過濾器或者Servlet
System.out.println("=====LoginFilter轉發完成,過濾結束======");
}
public void destroy() {
System.out.println("====LoginFilter過濾器銷燬=====");
}
}
4.登錄成功的主頁sys/ 目錄下的 homePage.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>主頁</title>
</head>
<body>
<h1 style="color: aqua">登錄成功!這裏是主頁homePage</h1>
<h2>登錄成功!id = :<%=request.getSession().getId()%></h2>
<a href="<%=request.getContextPath()%>/LogOff">註銷登錄</a>
</body>
</html>
5.登錄主頁下點擊註銷執行的Servlet,LogOff.java
package com.bmft.loginInterception;
import com.bmft.util.Constant;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* 這個類在用戶的登錄成功進入主頁的
* 時候點擊註銷登錄觸發 註銷操作,銷燬對應的 USER_SESSION 的值
* 然後跳轉登錄頁面
*/
public class LogOff extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
req.getSession().setAttribute(Constant.USER_SESSION,null);
resp.sendRedirect("login.jsp");
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
6.編碼過濾器 Filter01.java 實現編碼的設置
package com.bmft.filter;
import javax.servlet.*;
import java.io.IOException;
/**
* 過濾器步驟
* 1.導包:到一個正確Servlet下的包,實現 Filter
* 2.實現方法都Filter
* (1)實現過濾
* (2)釋放
* 3.配置過濾器web.xml
*/
public class Filter01 implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("=====Filter01過濾器初始化=====");
}
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("=====Filter01過濾開始=====");
servletRequest.setCharacterEncoding("utf-8");
servletResponse.setCharacterEncoding("utf-8");
servletResponse.setContentType("text/html;charset=UTF-8");
filterChain.doFilter(servletRequest,servletResponse);//轉發給其他過濾器或者Servlet
System.out.println("=====Filter01轉發完成,過濾結束======");
}
public void destroy() {
System.out.println("====Filter01過濾器銷燬=====");
}
}
7.web.xml的配置
<!--Login Servlet映射-->
<servlet>
<servlet-name>Login</servlet-name>
<servlet-class>com.bmft.loginInterception.Login</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Login</servlet-name>
<url-pattern>/Login</url-pattern>
</servlet-mapping>
<!--LogOff Servlet映射-->
<servlet>
<servlet-name>LogOff</servlet-name>
<servlet-class>com.bmft.loginInterception.LogOff</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LogOff</servlet-name>
<url-pattern>/LogOff</url-pattern>
</servlet-mapping>
<!--編碼過濾-->
<filter>
<filter-name>Filter01</filter-name>
<filter-class>com.bmft.filter.Filter01</filter-class>
</filter>
<filter-mapping>
<filter-name>Filter01</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--登錄攔截過濾 sys 文件夾-->
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.bmft.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/sys/*</url-pattern>
</filter-mapping>
5.頁面展示
1.登錄頁面login.jsp
2.錯誤登錄測試
3。返回重新登錄正確測試
4.不註銷的情況下複製登錄成功主頁鏈接,在另一個窗口打開
4.不註銷的情況下複製登錄成功主頁鏈接,在另一個瀏覽器(edge)打開
5.註銷後
刷新另一個窗口
二、錯誤與解決
1. 點擊登錄顯示404(相對路徑和絕對路勁的問題)
瞭解相對路徑和絕對路徑的區別使用
我的項目結構
1.絕對路徑
使用 /(反斜槓)會使用絕對路徑自動定義到 localhost:8080 目錄,而不是項目目錄,所以反斜槓一般配合項目路徑使用(例如)
<a href="<%=request.getContextPath()%>/LogOff">註銷登錄</a>
response.sendRedirect(request.getContextPath()+"/LogOff");
2.相對路徑:
不適用反斜槓,就是相對路徑,定義到 http://localhost:8080/filter02_war 目錄 (/filter02_war是你的項目)
相對路徑區別於絕對路徑(例如)
<a href="login.jsp">登錄</a>
resp.sendRedirect("login.jsp");
2.獲取的賬號密碼爲空
原因:使用req.getAttribute()獲取參數,應該是使用
req.getParameter(“password”);