javaweb之Session完成用户登录

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title>首页</title></head><body><!-- ${user.username}取出session域中的user对象，显示它的username -->欢迎您：${user.username}<a href="/day07/login.jsp">登录</a><a href="/day07/servlet/LogoutServlet">注销</a><br /><br /><br /></body></html>

package test.login;import java.io.IOException;import java.io.PrintWriter;import java.util.ArrayList;import java.util.List;import javax.servlet.ServletException;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;//用户登陆servletpublic class LoginServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {String username = request.getParameter("username");String password = request.getParameter("password");List<User> list = DB.getAll();for (User user : list) {// 如果用户登录成功if (user.getUsername().equals(username)&& user.getPassword().equals(password)) {HttpSession session = request.getSession();// 手动设置session的有效期为30分钟String sessionId = session.getId();Cookie cookie = new Cookie("JSESSIONID", sessionId);cookie.setMaxAge(60 * 30);cookie.setPath(request.getContextPath());response.addCookie(cookie);// 登录成功后要存入用户的登录状态，key是用户对象的String形式value就是用户对象(model)！！别的页面应该能用到session.setAttribute("user", user);// 重定向到首页，URL重写方式String url = response.encodeRedirectURL(request.getContextPath() + "/index.jsp");response.sendRedirect(url);return;}}response.setCharacterEncoding("UTF-8");response.setHeader("Content-type", "text/html;charset=UTF-8");PrintWriter out = response.getWriter();out.print("用户名或密码错误");}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}// 模拟存储用户的数据库class DB {private static List<User> list = new ArrayList<User>();static {list.add(new User("aaa", "123"));list.add(new User("bbb", "123"));list.add(new User("ccc", "123"));}public static List<User> getAll() {return list;}}

package test.login;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;//注销servletpublic class LogoutServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {response.setCharacterEncoding("UTF-8");response.setHeader("Content-type", "text/html;charset=UTF-8");PrintWriter out = response.getWriter();HttpSession session = request.getSession(false);if (session == null) {// 没登录，重定向到首页String url = response.encodeRedirectURL(request.getContextPath()+ "/index.jsp");response.sendRedirect(url);return;}// 从session中移除登录状态session.removeAttribute("user");// 重定向到首页，URL重写方式String url = response.encodeRedirectURL(request.getContextPath()+ "/index.jsp");response.sendRedirect(url);}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doGet(request, response);}}

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title>用户登录</title></head><body><form action="/day07/servlet/LoginServlet" method="post">用户名：<input type="text" name="username" /><br> 密码：<input type="password" name="password" /><br> <input type="submit" value="登录" /></form></body></html>