2-5作业检查
相关代码:
index.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%String flag = request.getParameter("flag"); %>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
<script type="text/javascript">
var flag= <%=flag%>;
if(flag == "1"){
alert("你尚未登录;或者账号在异地登录;请重新登录");
}
</script>
</head>
<body>
<form action = "save.jsp" method="get" class = "login">
账号<input name = "username" type="text" placeholder = "请输入账号">
密码<input name = "password" type="text" placeholder = "请输入密码">
<input name="submit" type = "submit" value = "登录">
</form>
</body>
</html>
相关代码:
save.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<%
String username = request.getParameter("username");
String password = request.getParameter("password");
//把账号存到LoginUser属性中
session.setAttribute("LoginUser",username);
response.sendRedirect("show.jsp");
%>
</body>
</html>
相关代码:
show.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
<img alt="无法显示" src="images/111.png">
</body>
</html>
相关代码:
web.xml配置过滤器
<filter>
<filter-name>Filter1</filter-name>
<filter-class>com.imooc.project2.Filter1</filter-class>
</filter>
<filter-mapping>
<filter-name>Filter1</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
相关代码:
过滤器
package com.imooc.project2;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Servlet Filter implementation class Filter1
*/
@WebFilter("/Filter1")
public class Filter1 implements Filter {
/**
* Default constructor.
*/
public Filter1() {
// TODO Auto-generated constructor stub
}
/**
* @see Filter#destroy()
*/
public void destroy() {
// TODO Auto-generated method stub
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
// place your code here
// pass the request along the filter chain
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
//当另一处登录的时候,对应的session对象被销毁;此时会使loginUser为null
String loginUser = (String)req.getSession().getAttribute("LoginUser");
String url = req.getRequestURI();
if(url.equals("/FirstProject/index.jsp") || url.equals("/FirstProject/") || url.equals("/FirstProject/save.jsp") ){
chain.doFilter(req, res);
}
else {
if(loginUser == null) {
System.out.println("a");
System.out.println(url);
res.sendRedirect("index.jsp?flag=1");
}
else chain.doFilter(req, res);}
}
/**
* @see Filter#init(FilterConfig)
*/
public void init(FilterConfig fConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
相关代码:
缓存存放类
package com.imooc.project2;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpSession;
public class LoginCheck {
private static LoginCheck instance = new LoginCheck();
private Map<String,String>LoginSessionId=new HashMap<String,String>();
//key值:登录用户登录名,value值:登录用户sessionId
private Map<String,HttpSession>LoginSession=new HashMap<String,HttpSession>();
//key值:登录用户sessionId,value值:登录用户session对象
public LoginCheck() {}
public static LoginCheck getInstance() {
return instance;
}
public void setSessionIdByUsername(String username , String sessionId) {
this.LoginSessionId.put(username,sessionId);
}
public void setSessionById(String sessionId , HttpSession session) {
this.LoginSession.put(sessionId,session);
}
public String getSessionIdByUsername(String username) {
return LoginSessionId.get(username);
}
public HttpSession getSessionBySessionId(String sessionId) {
return LoginSession.get(sessionId);
}
}
相关代码:
监听器
package com.imooc.project2;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;
@WebListener
public class LoginListener implements HttpSessionAttributeListener {
@Override
public void attributeAdded(HttpSessionBindingEvent event) {
// TODO Auto-generated method stub
//获取session属性值:也就是输入的账号
String userNumber = (String)event.getValue();
//获取session属性名;
String username = event.getName();
//获取当前session对象
HttpSession session = event.getSession();
//获取当前sessionId
String sessionId = session.getId();
//获取缓存的sessionId
String sessionId2 = LoginCheck.getInstance().getSessionIdByUsername(userNumber);
if(username.equals("LoginUser")) {
if(sessionId2==null) {}
else {
HttpSession session2 = LoginCheck.getInstance().getSessionBySessionId(sessionId2);
//撤销session
session2.invalidate();
}
}
LoginCheck.getInstance().setSessionById(sessionId, session);
LoginCheck.getInstance().setSessionIdByUsername(userNumber, sessionId);
}
@Override
public void attributeRemoved(HttpSessionBindingEvent arg0) {
// TODO Auto-generated method stub
}
@Override
public void attributeReplaced(HttpSessionBindingEvent arg0) {
// TODO Auto-generated method stub
}
}
125
收起
正在回答 回答被采纳积分+1
1回答
-
rock221 #1
问题1:老师,这样写的话,有一个小bug吧。
if(url.equals("/FirstProject/index.jsp") || url.equals("/FirstProject/") || url.equals("/FirstProject/save.jsp") ){
chain.doFilter(req, res);
}当没有登录的时候,直接
"/FirstProject/save.jsp"
这个url,那么就放行了, 进入到这个页面了阿。
问题2:
我自己测试了下,如果对这个保存账号信息的页面放行的话,并没有实现响应重定向阿。为什么呢?页面弹出了
代码如下
1<!DOCTYPE html><br><html><br><head><br><meta charset="UTF-8"><br><title>2-5作业</title><br></head><br><body><br> <div style="margin-left:40px;"><br> <h1>系统登录</h1><br> </div><br> <form action="/servlet/login"id="form"method="post"><br> <ul style="list-style-type: none"><br> <li >用户名:</li><br> <li><input id="name"name="nm"style="width:200px;"></li><br> <li>密码:</li><br> <li><input type="password"id="password"name="password"style="width:200px;"></li><br> <li style="margin-top:10px;"><input type="submit"value="登录"id="btn"></li><br> </ul><br> </form><br> <script type="text/javascript"><br>//创建登录事件:<br> document.getElementById("form").onsubmit=function(){<br> //正则表达式设置登录信息<br> var regexN=/^[a-z|A-Z|0-q]{1,10}$/;<br> var regexP=/^[a-z|A-Z|0-q]{1,10}$/;<br> //获取登录和密码的value值<br> var name=document.getElementById("name").value;<br> var password=document.getElementById("password").value;<br> //进行匹配<br> if(regexN.test(name)==false){<br> alert("用户名不符合当前格式!");<br> return false;<br> }else if(regexP.test(password)==false){<br> alert("密码不符合当前格式!");<br> return false;<br> }else{<br> alert("登录成功");<br> return true;<br> }<br> } <br><br> </script><br></body><br></html><br>1packagecom.imooc.homework2;<br><br><br>//2-5作业, 登录成功后存储账号信息到session,之后跳转到主页<br>import java.io.IOException;<br><br>import javax.servlet.ServletException;<br>import javax.servlet.annotation.WebServlet;<br>import javax.servlet.http.HttpServlet;<br>import javax.servlet.http.HttpServletRequest;<br>import javax.servlet.http.HttpServletResponse;<br>import javax.servlet.http.HttpSession;<br><br>/**<br> * Servlet implementation class LoginServlet<br> */<br>@WebServlet("/servlet/login")<br>public class LoginSessionServlet extends HttpServlet {<br> private static final long serialVersionUID = 1L;<br><br> /**<br> * @see HttpServlet#HttpServlet()<br> */<br> public LoginSessionServlet() {<br> super();<br> // TODO Auto-generated constructor stub<br> }<br><br> /**<br> * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)<br> */<br> protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {<br> // TODO Auto-generated method stub<br> response.getWriter().append("Served at: ").append(request.getContextPath());<br> }<br><br> /**<br> * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)<br> */<br> protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {<br> //获取信息前端账号,密码<br> String name=request.getParameter("nm");<br> String password=request.getParameter("password");<br> //获取session对象<br> HttpSession session=request.getSession();<br> //把账号信息存到session中<br> session.setAttribute("LoginUser", name);<br> //响应重定向到主页;<br> response.sendRedirect("/homepage.html");<br><br><br> }<br><br>}<br>1packagecom.imooc.homework2;<br><br>importjava.io.IOException;<br>importjava.util.List;<br><br>importjavax.servlet.Filter;<br>importjavax.servlet.FilterChain;<br>importjavax.servlet.FilterConfig;<br>importjavax.servlet.ServletContext;<br>importjavax.servlet.ServletException;<br>importjavax.servlet.ServletRequest;<br>importjavax.servlet.ServletResponse;<br>importjavax.servlet.http.HttpServletRequest;<br>importjavax.servlet.http.HttpServletResponse;<br><br>//2-5作业,过滤器:<br>public class LoginSessionFilter implements Filter {<br><br> @Override<br> public void destroy() {<br> // TODO Auto-generated method stub<br><br> }<br><br> @Override<br> public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)<br> throws IOException, ServletException {<br> //获取前端账号信息,在session中<br> HttpServletRequest req=(HttpServletRequest)request;<br> HttpServletResponse res=(HttpServletResponse)response;<br> String loginUser=(String)req.getSession().getAttribute("LoginUser");<br> //获取当前uri<br> String uri=req.getRequestURI();<br> System.out.println("本次获取的uri:"+uri);<br> //进行判断<br> if(uri.startsWith("/login")|| uri.startsWith("/servlet/login")) { //当访问的url开头为login的时候,不拦截,直接放行,进入到登录页面;<br> chain.doFilter(request, response);<br> //因为前端已判定过了。如果账号信息不对的话,是无法提交的,所以这里的name肯定是正确的信息;<br> }else if(loginUser!=null){ //如果loginUser的值!=null的时候,说明登录成功了,跳转到主页;<br> System.out.println("本次账号信息:"+loginUser);<br><br> chain.doFilter(request, response);<br><br> }else { <br> //如果session中的账号(loginUser)等于空的时候,当另一处登录的时候,对应的session对象被销毁<br> //或者当为登录的时候,<br> res.sendRedirect("/error.html"); //拦截一切未登录的uri;<br><br> }<br><br> }<br><br> @Override<br> public void init(FilterConfig filterConfig) throws ServletException {<br> // TODO Auto-generated method stub<br><br> }<br><br>}<br>1<?xmlversion="1.0"encoding="UTF-8"?><br><web-appxmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns="http://xmlns.jcp.org/xml/ns/javaee"xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"id="WebApp_ID"version="3.1"><br> <display-name>homework-listener</display-name><br> <welcome-file-list><br> <welcome-file>index.html</welcome-file><br> <welcome-file>index.htm</welcome-file><br> <welcome-file>index.jsp</welcome-file><br> <welcome-file>default.html</welcome-file><br> <welcome-file>default.htm</welcome-file><br> <welcome-file>default.jsp</welcome-file><br> </welcome-file-list><br><!-- Servletcontext 实现 --><br><!-- <filter><br> <filter-name>LoginFilter</filter-name><br> <filter-class>com.imooc.homework.LoginFilter</filter-class><br> </filter><br> <filter-mapping><br> <filter-name>LoginFilter</filter-name><br> <url-pattern>/*</url-pattern><br> </filter-mapping><br> <listener><br> <listener-class>com.imooc.homework.LoginListener</listener-class> <br> </listener><br> --><br><br><!-- session实现过滤器 --><br> <filter><br> <filter-name>LoginFilter</filter-name><br> <filter-class>com.imooc.homework2.LoginSessionFilter</filter-class><br> </filter><br> <filter-mapping><br> <filter-name>LoginFilter</filter-name><br> <url-pattern>/*</url-pattern><br> </filter-mapping><br><br></web-app><br>2021-03-28 12:35:38 -
同学你好,关于同学的问题:
1、if中对/FirstProject/save.jsp"进行判断,如果直接访问/FirstProject/save.jsp",不会被拦截。
2、测试同学的代码,可以重定向。web.xml中对所有的路径进行了拦截,如果不是以/login和/servlet/login的路径访问,会被重定向至/error.html,由于/error.html不被放行,则会一直被拦截,如:
在同学的截图中,是访问/servlet/login,所以被放行了,在LoginSessionServlet类中的doGet()方法,向页面追加了“Served at:”输出语句,如:
建议同学有问题,新开一个问答描述。
祝学习愉快~
2021-03-28 15:23:52
相似问题
登录后可查看更多问答,登录/注册
java工程师2020版
- 参与学习 人
- 提交作业 9403 份
- 解答问题 16556 个
综合就业常年第一,编程排行常年霸榜,无需脱产即可学习,北上广深月薪过万 无论你是未就业的学生还是想转行的在职人员,不需要基础,只要你有梦想,想高薪
了解课程
恭喜解决一个难题,获得1积分~
来为老师/同学的回答评分吧