jsp实现登录验证的过滤器

1.新建一个Dynamic Web Project项目，里面新建1个filter文件、1个servlet文件和2个jsp文件，整体的框架如图所示：

2.LoginFilter.java里面的代码如下所示：

package filter;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.annotation.WebFilter;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;@WebFilter(filterName = "loginFilter", urlPatterns = { "/*" })public class LoginFilter implements Filter {public void destroy() {}public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {HttpServletRequest req = (HttpServletRequest) request;HttpServletResponse resp = (HttpServletResponse) response;HttpSession session = req.getSession(true);resp.setContentType("text/html;");resp.setCharacterEncoding("utf-8");PrintWriter out = resp.getWriter();String request_uri = req.getRequestURI();String ctxPath = req.getContextPath();String uri = request_uri.substring(ctxPath.length());if (uri.contains("login.jsp") || uri.contains("loginServlet")) {chain.doFilter(request, response);} else {if (session.getAttribute("user") != null) {chain.doFilter(request, response);} else {out.println("您没有登录，请先登录！3秒后回到登录页面。");resp.setHeader("refresh", "3;url=" + ctxPath + "/login.jsp");return;}}}public void init(FilterConfig fConfig) throws ServletException {}}

3.LoginServlet.java里面的代码如下所示：

package servlet;import java.io.IOException;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;@WebServlet(name = "loginServlet", urlPatterns = { "/loginServlet" })public class LoginServlet extends HttpServlet {private static final long serialVersionUID = 1L;protected void doGet(HttpServletRequest request,HttpServletResponse response) throws ServletException, IOException {doPost(request, response);}protected void doPost(HttpServletRequest request,HttpServletResponse response) throws ServletException, IOException {String username = request.getParameter("name");String password = request.getParameter("pwd");if ("filter".equals(username) && "filter".equals(password)) {HttpSession session = request.getSession(true);session.setAttribute("user", username);response.sendRedirect("loginSuccess.jsp");} else {response.sendRedirect("login.jsp");}}}

4.login.jsp里面的代码如下所示：

<%@page import="java.util.Date"%><%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8"%><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>example</title></head><body bgcolor="lightPink"><form action="loginServlet" method="post"><table><tr><td>用户名：</td><td><input type="text" name="name" /></td></tr><tr><td>密码：</td><td><input type="password" name="pwd" /></tr><tr><td><input type="submit" value="提交" /></td><td><input type="reset" value="重置" /></td></tr></table></form></body></html>

5.loginSuccess.jsp里面的代码如下所示：

<%@page import="java.util.Date"%><%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8"%><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>example</title></head><body><%String username = (String) session.getAttribute("user");%>恭喜<%=username%>登录成功！</body></html>

6.在浏览器里面输入http://localhost:8080/Servlet/login.jsp运行之后得到的结果如下所示：