JSP基本登录模Ⅹ(Servlet过滤器验证Session)
来源:互联网 发布:淘宝店铺关注人数排名 编辑:程序博客网 时间:2024/04/30 03:45
http://mgc.name/article.asp?id=124
使用Servlet过滤器验证Session
登录模块至少需要以下几个页面:
JSP模块:
1.输入用户信息页面(login.jsp);
2.登录成功欢迎页面(pass.jsp)(检查Session设置);
3.注销登录页面(logout.jsp)。
Servlet模块:
1.检查Cookie页面(index.mgc)(servlet:CheckCookie.java);
2.用户合法性验证页面(check.mgc)(servlet:CheckMember.java);
Filter模块:
验证Session(SessionFilter.java);
DAO模块:
1.VO对象类(Member.java);
2.数据库操作接口类(MemberDAO.java);
3.数据库连接类(DataBaseConnection.java);
4.数据库操作类(DAOMemberImpl.java);
5.工厂类(DAOFactory.java)。
数据库:member.mdb
结构图:
---------------------------------------------------------------------
index.mgc
|
|判断Cookie中有无用户名、密码
----------------------
| Y N |
| V
| login.jsp<--------------------
| |输入用户名、密码 |
| V |
---------------->check.mgc |
|调用DAO模块 |
查询数据库 V |
member.mdb<--->DAO |
|返回结果 |
V |
check.mgc |
|判断用户是否合法 |
--------------------- |
| Y N | |
V V |
pass.jsp 跳转--------------->|
| |
| 检查session是否含有用户名 |
----------------- |
| Y N | |
V V |
pass.jsp 跳转------------------------->|
| |
|注销 |
V |
logout.jsp------------------------------------>|
---------------------------------------------------------------------
CheckCookie.java:
01.package mgc.login.mvc.servlet; 02. 03.import java.io.*; 04.import javax.servlet.*; 05.import javax.servlet.http.*; 06.import mgc.dao.login.member.*; 07. 08.public class CheckCookie extends HttpServlet { 09. 10. 11. public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 12. 13. this.doPost(request, response); 14. } 15. public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 16. 17. String username=null; 18. String password=null; 19. //取得Cookie的全部属性 20. Cookie c[]=request.getCookies(); 21. int i; 22. for(i=0;i<c.length;i++) { 23. 24. if("username".equals(c[i].getName())) { 25. 26. //Cookie中有用户名,保存 27. username=c[i].getValue(); 28. } 29. if("password".equals(c[i].getName())) { 30. 31. //Cookie中有密码,保存 32. password=c[i].getValue(); 33. } 34. } 35. if(username!=null && password!=null) { 36. 37. //Cookie中含有用户名和密码,提交跳转到用户验证页面 38. request.setAttribute("username", username); 39. request.setAttribute("password",password); 40. request.getRequestDispatcher("check.mgc").forward(request,response); 41. } 42. else { 43. 44. //Cookie中没有用户名、密码,跳转到登录页面 45. response.sendRedirect("login.jsp"); 46. } 47. } 48. 49.}
login.jsp:
01.<%@ page contentType="text/html;charset=GB2312" %> 02.<%@ page import="java.util.*" %> 03.<html> 04. <head> 05. <title>登录</title> 06. </head> 07. 08. <body> 09. <center> 10. <h1>登录页面</h1> 11. <hr> 12.<% 13. //接收错误信息 14. List errors=(List)request.getAttribute("errors"); 15. if(errors!=null) { 16. 17. //有错误信息,全部打印 18. Iterator iter=errors.iterator(); 19. while(iter.hasNext()) { 20. 21.%> 22. <h4><font color="red">*<%=iter.next() %></font></h4> 23.<% 24. } 25. } 26.%> 27. <form action="check.mgc" method="post"> 28. <table> 29. <tr> 30. <td>用户名:</td> 31. <td><input type="text" name="username" value="${member.username } " /></td> 32. </tr> 33. <tr> 34. <td>密 码:</td> 35. <td><input type="password" name="password" /></td> 36. </tr> 37. <tr> 38. <td>Cookie选项:</td> 39. <td> 40. <input type="radio" name="cookie" value="nosave" checked>不保存 41. <input type="radio" name="cookie" value="save">保存1分钟 42. </td> 43. </tr> 44. <tr> 45. <td colspan="2" align="center"> 46. <input type="submit" value="登录" /> 47. <input type="reset" value="重置" /> 48. </td> 49. </tr> 50. </table> 51. </form> 52. </center> 53. </body> 54.</html>
CheckMember.java:
01.package mgc.login.mvc.servlet; 02. 03.import java.io.*; 04.import java.util.*; 05.import javax.servlet.*; 06.import javax.servlet.http.*; 07.import mgc.login.mvc.vo.*; 08.import mgc.login.mvc.factory.*; 09. 10.public class CheckMember extends HttpServlet { 11. 12. 13. public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 14. 15. this.doPost(request, response); 16. } 17. public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 18. 19. String username=request.getParameter("username"); 20. String password=request.getParameter("password"); 21. String savecookie=request.getParameter("cookie"); 22. List errors=new ArrayList(); 23. Member mem=new Member(); 24. mem.setUsername(username); 25. mem.setPassword(password); 26. mem.setErrors(errors); 27. String path="login.jsp"; 28. if(!mem.isEmpty()) { 29. 30. //用户名、密码不为空,验证 31. try{ 32. 33. //判断用户名、密码的合法性 34. if(DAOFactory.getMemberInstance().isUser(mem)) 35. { 36. //合法用户 37. //设置跳转页面为欢迎页面 38. path="pass.jsp"; 39. //设置session属性 40. request.getSession().setAttribute("username",mem.getUsername()); 41. if("save".equals(savecookie)) { 42. 43. //如果选择了保存Cookie选项,则保存Cookie 44. Cookie c1=new Cookie("username",mem.getUsername()); 45. Cookie c2=new Cookie("password",mem.getPassword()); 46. //设置Cookie保存时间为1分钟 47. c1.setMaxAge(60); 48. c2.setMaxAge(60); 49. response.addCookie(c1); 50. response.addCookie(c2); 51. } 52. } 53. else { 54. 55. errors.add("用户名或密码错误!"); 56. } 57. } 58. catch(Exception e) { 59. 60. System.out.println(e); 61. } 62. } 63. //保存错误信息 64. request.setAttribute("errors", errors); 65. //保存用户信息 66. request.setAttribute("member", mem); 67. //跳转 68. request.getRequestDispatcher(path).forward(request, response); 69. } 70.}
pass.jsp:
01.<%@ page contentType="text/html;charset=GB2312" %> 02.<html> 03. <head> 04. <title>登录成功</title> 05. </head> 06. 07. <body> 08. <center> 09. <h1>登录成功!!</h1> 10. <hr> 11. <h3>欢迎<font size="12" color="red"> 12. <%--forward跳转为服务器端跳转,跳转后仍在check.jsp页面,可以继续使用usename参数 --%> 13. <%=request.getParameter("username") %> 14. </font>光临!</h3> 15. <p> 16. <a href="logout.jsp">注销登录</a> 17. </center> 18. </body> 19.</html>
logout.jsp:
01.<%@ page contentType="text/html;charset=GB2312" %> 02.<html> 03. <head> 04. <title>注销登录</title> 05. </head> 06. 07. <body> 08. <% 09. //使session失效 10. session.invalidate(); 11. %> 12. <center> 13. <h1>注销成功!</h1> 14. 3秒后跳转到登录页面 15. <p> 16. 如果没有跳转,请点<a href="login.jsp">这里</a> 17. <% 18. response.setHeader("refresh","3;URL=login.jsp"); 19. %> 20. </center> 21. </body> 22.</html>
SessionFilter.java:
01.package mgc.filter.test; 02. 03.import java.io.*; 04.import javax.servlet.*; 05.import javax.servlet.http.*; 06. 07.public class SessionFilter implements Filter { 08. 09. public void init(FilterConfig conf) throws ServletException { 10. 11. } 12. 13. public void doFilter(ServletRequest request,ServletResponse response,FilterChain chain ) throws IOException,ServletException { 14. 15. HttpServletRequest req = (HttpServletRequest) request; 16. String username = (String)req.getSession().getAttribute("username"); 17. if(username!=null) { 18. 19. //Session中含有用户名 20. chain.doFilter(request, response); 21. } 22. else { 23. 24. //Session中没有用户名,跳转到登录页面 25. req.getRequestDispatcher("login.jsp").forward(request, response); 26. } 27. } 28. 29. public void destroy() { 30. 31. } 32.}
Member.java:
01.package mgc.login.mvc.vo; 02. 03.import java.util.*; 04. 05.public class Member { 06. 07. private String username; 08. private String password; 09. private List errors; 10. 11. public void setUsername(String username) { 12. 13. this.username=username; 14. } 15. 16. public void setPassword(String password) { 17. 18. this.password=password; 19. } 20. 21. public void setErrors(List errors) { 22. 23. this.errors=errors; 24. } 25. 26. public String getUsername() { 27. 28. return this.username; 29. } 30. 31. public String getPassword() { 32. 33. return this.password; 34. } 35. 36. public List getErrors() { 37. 38. return this.errors; 39. } 40. 41. public boolean isEmpty() { 42. 43. boolean iserror=false; 44. if(this.username==null || "".equals(this.username)) { 45. 46. iserror=true; 47. this.errors.add("用户名不能为空!"); 48. } 49. if(this.password==null || "".equals(this.password)) { 50. 51. iserror=true; 52. this.errors.add("密码不能为空!"); 53. } 54. return iserror; 55. } 56. 57.}
MemberDAO.java:
1.package mgc.login.mvc.dao; 2. 3.import mgc.login.mvc.vo.*; 4. 5.public interface MemberDAO { 6. //判断用户是否合法 7. public boolean isUser(Member member) throws Exception; 8.}
DataBaseConnection.java:
01.package mgc.login.mvc.dbc; 02. 03.import java.sql.*; 04.import java.sql.DriverManager; 05. 06.public class DataBaseConnection { 07. 08. private final String DBDRIVER="sun.jdbc.odbc.JdbcOdbcDriver"; 09. private final String DBURL="jdbc:odbc:member"; 10. private Connection conn=null; 11. 12. public DataBaseConnection() { 13. try{ 14. Class.forName(DBDRIVER); 15. this.conn=DriverManager.getConnection(DBURL); 16. } 17. catch(Exception e){} 18. } 19. 20. public Connection getConnection() { 21. return this.conn; 22. } 23. 24. public void close() { 25. try{ 26. this.conn.close(); 27. } 28. catch(Exception e){} 29. } 30.}
DAOMemberImpl.java:
01.package mgc.login.mvc.impl; 02. 03.import java.sql.*; 04.import mgc.login.mvc.vo.*; 05.import mgc.login.mvc.dao.*; 06.import mgc.login.mvc.dbc.*; 07. 08.public class MemberDAOImpl implements MemberDAO { 09. public boolean isUser(Member member) throws Exception { 10. //设置标志,判断数据库中是否有符合查询条件的记录,true表示有,false表示没有 11. boolean is_user=false; 12. String sql="Select * FROM member Where username=? AND password=?"; 13. PreparedStatement pstmt=null; 14. ResultSet rs=null; 15. DataBaseConnection dbc=null; 16. try{ 17. dbc=new DataBaseConnection(); 18. pstmt=dbc.getConnection().prepareStatement(sql); 19. pstmt.setString(1, member.getUsername()); 20. pstmt.setString(2, member.getPassword()); 21. rs=pstmt.executeQuery(); 22. if(rs.next()){ 23. //有符合查询条件的记录 24. is_user=true; 25. } 26. rs.close(); 27. pstmt.close(); 28. } 29. catch(Exception e){ 30. throw new Exception("数据库操作失败"); 31. } 32. finally{ 33. dbc.close(); 34. } 35. return is_user; 36. } 37.}
DAOFactory.java:
01.package mgc.login.mvc.factory; 02. 03.import mgc.login.mvc.dao.*; 04.import mgc.login.mvc.impl.*; 05. 06.public class DAOFactory { 07. public static MemberDAO getMemberInstance() { 08. return new MemberDAOImpl(); 09. } 10.}
web.xml:
01. <servlet> 02. <servlet-name>CheckCookie</servlet-name> 03. <servlet-class>mgc.login.mvc.servlet.CheckCookie</servlet-class> 04. </servlet> 05. <servlet> 06. <servlet-name>CheckMember</servlet-name> 07. <servlet-class>mgc.login.mvc.servlet.CheckMember</servlet-class> 08. </servlet> 09. <filter> 10. <filter-name>SessionFilter</filter-name> 11. <filter-class>mgc.filter.test.SessionFilter</filter-class> 12. </filter> 13. 14. <servlet-mapping> 15. <servlet-name>CheckCookie</servlet-name> 16. <url-pattern>/login/filter/index.mgc</url-pattern> 17. </servlet-mapping> 18. <servlet-mapping> 19. <servlet-name>CheckMember</servlet-name> 20. <url-pattern>/login/filter/check.mgc</url-pattern> 21. </servlet-mapping> 22. <filter-mapping> 23. <filter-name>SessionFilter</filter-name> 24. <url-pattern> /login/filter/pass.jsp</url-pattern> 25. </filter-mapping>- JSP基本登录模Ⅹ(Servlet过滤器验证Session)
- JSP登录验证编码过滤器
- servlet&jsp简单登录验证
- JSP&Servlet 验证码登录
- 使用Servlet过滤器实现用户登录验证
- 使用Servlet过滤器实现用户登录验证
- servlet-LoginFilter-JSP登录状态过滤器
- JSP中filter过滤器验证用户登录
- JSP中filter过滤器验证用户登录
- JSP中filter过滤器验证用户登录(
- jsp实现登录验证的过滤器
- Servlet通过session进行登录验证
- 基于JSP+Servlet的用户登录验证
- JSP + Servlet实现登录验证码
- servlet+jsp实现验证码登录
- Servlet中过滤器的登录验证,编码设置
- servlet+jsp实现过滤器,防止用户未登录访问
- servlet+jsp实现过滤器 防止用户未登录访问
- word2007的大纲级别自动修改为1的解决办法
- 搜索某个网段内所有在线IP的一串命令
- 深入理解.NET内存回收机制
- 模拟CSDN登录
- fopen返回空指针
- JSP基本登录模Ⅹ(Servlet过滤器验证Session)
- 修改windows xp的mac地址
- 开博大吉
- 我只想再傻一次
- USACO算法系列四十五——wissqu
- 利用C++的模板模拟.net的代理语法
- ubuntu10.10一键安装LAMP
- CEdit 重绘
- 简单了解下POJO和PO
