目錄
一、上一節遺留問題及解決方法
在上一節中我們已經完成了兩個頁面,即登錄頁面和博客主頁,但我們發現,在瀏覽器中直接用博客主頁的url也能直接進入登陸後的頁面,這並不是我們想要的結果。因此本節重點解決這一問題。
解決方法也很簡單,利用Filter就可解決這一問題,在LoginServlet中如果我們驗證通過了用戶的登錄,那我們可以在session中添加一個user數據作爲標記。在Filter中我們再從session中獲取user,如果獲取到了,則代表我們是登陸進來的,正常執行後面的動作(即打開主頁),否則跳轉到登錄頁。最重要的一點是我們要在web.xml中配置Filter,將需要進行過濾的url添加進去(即將博客主頁添加進去)
二、關鍵代碼
LoginServlet.java
if(isLoing) {
//這個字符串將會在js中被接收
//1代表登錄成功
//2代表用戶名或密碼爲空
//3代表用戶名或密碼錯誤
//若登陸成功,則將用戶名存入session,後面在Fileter中進行檢測,如果session中有相應數據,則證明用戶是登陸進入的主頁,而不是直接通過url進入。
request.getSession().setAttribute("user",Account);
out.write("1");
}else if(Account==""||Password==""){
out.write("2");
}else {
out.write("3");
}
out.close();
LoginFilter.java
package com.blog.dong;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.catalina.User;
/**
* Servlet Filter implementation class LoginFilter
*/
@WebFilter("/LoginFilter")
public class LoginFilter implements Filter {
/**
* Default constructor.
*/
public LoginFilter() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
// place your code here
// pass the request along the filter chain
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
HttpSession session = httpServletRequest.getSession();
String user = (String)session.getAttribute("user");
if(user!=null) {
//如果session中存在user這個數據,則繼續下一步
chain.doFilter(httpServletRequest, httpServletResponse);
return;
}else {
//如果session中不存在user這個數據,則轉到登錄頁面
httpServletResponse.sendRedirect("/BlogDong/Login.html");
return;
}
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
web.xml
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.blog.dong.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/BlogCenter.html</url-pattern>
</filter-mapping>
三、結果
當輸入http://localhost:8080/BlogDong/BlogCenter.html
頁面將會跳轉到登錄頁