已经登录的话可以进行下一步操作,没有登录的话就跳转到登录页。是否是在管理页面获取用户的登录名看是否存在,然后在判断跳转到哪??可不可以写一下关键的代码?谢谢各位大神了!!!!
给你详细讲一下。
比如系统有个登陆页面(login.jsp):
name:_________
password:____________
(登陆按钮)
你按下登陆按钮,就根据name和password去数据库里面查,如果判断有此用户并且密码正确,就设置一个session的键对应的值,键名字自己取,统一即可,比如"userInfo",代码就是servlet的doPost里面
HttpSession session = request.getSession();
Hashtable userInfo = new Hashtable();
userInfo.setAttribute("userName", request.getParameter("userName");
userInfo.setAttribute("passWords", Util.toSecret( request.getParameter("passWords)); //密码最好加密
session.setAttribute("userInfo", userInfo);
session是在一定时期(超时时间内)一直存在的,这段时间内你可以随时判断用户是否合法,否则就退回登陆页面。
在任何除了登陆页面以外的页面访问,只需判断有没有这个键值,没就到登陆页面,否则进正常页面。(最好写在servlet中,让servlet当页面控制器)代码如下:
if ( session.getAttribute("userInfo")==null ) {
response.sendRedirect(request.getServletContext.getPath() + "/login.jsp");
} else {
request.getRequestDispatcher("/正常页面.jsp").forward(request,response);
}
比如系统有个登陆页面(login.jsp):
name:_________
password:____________
(登陆按钮)
你按下登陆按钮,就根据name和password去数据库里面查,如果判断有此用户并且密码正确,就设置一个session的键对应的值,键名字自己取,统一即可,比如"userInfo",代码就是servlet的doPost里面
HttpSession session = request.getSession();
Hashtable userInfo = new Hashtable();
userInfo.setAttribute("userName", request.getParameter("userName");
userInfo.setAttribute("passWords", Util.toSecret( request.getParameter("passWords)); //密码最好加密
session.setAttribute("userInfo", userInfo);
session是在一定时期(超时时间内)一直存在的,这段时间内你可以随时判断用户是否合法,否则就退回登陆页面。
在任何除了登陆页面以外的页面访问,只需判断有没有这个键值,没就到登陆页面,否则进正常页面。(最好写在servlet中,让servlet当页面控制器)代码如下:
if ( session.getAttribute("userInfo")==null ) {
response.sendRedirect(request.getServletContext.getPath() + "/login.jsp");
} else {
request.getRequestDispatcher("/正常页面.jsp").forward(request,response);
}
温馨提示:答案为网友推荐,仅供参考
第1个回答 2011-12-09
在用户登陆的时候,后台写上:
User user = new User(xxxxxx); //建立user对象
request.getSession().setAttribute("user", user); // 保存到session
在前台,你加上:
User user = session.getAttribute("user");
if(user==null) {
response.sendRedirect("login.jsp");
} else {
// 读取 user信息
}
User user = new User(xxxxxx); //建立user对象
request.getSession().setAttribute("user", user); // 保存到session
在前台,你加上:
User user = session.getAttribute("user");
if(user==null) {
response.sendRedirect("login.jsp");
} else {
// 读取 user信息
}
第2个回答 2011-12-09
用户登录后把登录信息存入session,然后可以在web.xml中的filter或者validate中去判断~
第3个回答 2011-12-09
你好 可以写一个拦截器, 每次用户请求都将进行拦截,判断是否登录,如果没有登录将返回登录页.这种拦截也是一种很好的解决方案.我们一般都把用户放入session中以便作一些操作,我有一个简单的拦截器例子,当然使用之前是要通过web.xml进行参数配置的 给你作下参考,
package com.manage.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
/**
* @author RiesLing
*
*/
public class CheckLoginFilter implements Filter {
public static boolean isContains(String container, String[] regx) {
boolean result = false;
for (int i = 0; i < regx.length; i++) {
if (container.indexOf(regx[i]) != -1) {
return true;
}
}
return result;
}
public FilterConfig config;
public void setFilterConfig(FilterConfig config) {
this.config = config;
}
public FilterConfig getFilterConfig() {
return config;
}
@SuppressWarnings("static-access")
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpreq = (HttpServletRequest) request;
@SuppressWarnings("unused")
HttpServletResponse httpres = (HttpServletResponse) response;
HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper(
(HttpServletResponse) response);
String logonStrings = config.getInitParameter("logonStrings");
String includeStrings = config.getInitParameter("includeStrings");
String redirectPath = httpreq.getContextPath()
+ config.getInitParameter("redirectPath");
String disabletestfilter = config.getInitParameter("disabletestfilter");
if (disabletestfilter.toUpperCase().equals("Y")) {
chain.doFilter(request, response);
return;
}
String[] logonList = logonStrings.split(";");
String[] includeList = includeStrings.split(";");
Object user = httpreq.getSession().getAttribute("userSession");
if (user == null) {
if (!this.isContains(httpreq.getRequestURI(), includeList)) {
chain.doFilter(request, response);
return;
}
if (this.isContains(httpreq.getRequestURI(), logonList)) {
chain.doFilter(request, response);
return;
}
wrapper.sendRedirect(redirectPath);
} else {
chain.doFilter(request, response);
}
}
public void destroy() {
this.config = null;
}
public void init(FilterConfig filterConfig) throws ServletException {
this.config = filterConfig;
}
}
package com.manage.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
/**
* @author RiesLing
*
*/
public class CheckLoginFilter implements Filter {
public static boolean isContains(String container, String[] regx) {
boolean result = false;
for (int i = 0; i < regx.length; i++) {
if (container.indexOf(regx[i]) != -1) {
return true;
}
}
return result;
}
public FilterConfig config;
public void setFilterConfig(FilterConfig config) {
this.config = config;
}
public FilterConfig getFilterConfig() {
return config;
}
@SuppressWarnings("static-access")
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpreq = (HttpServletRequest) request;
@SuppressWarnings("unused")
HttpServletResponse httpres = (HttpServletResponse) response;
HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper(
(HttpServletResponse) response);
String logonStrings = config.getInitParameter("logonStrings");
String includeStrings = config.getInitParameter("includeStrings");
String redirectPath = httpreq.getContextPath()
+ config.getInitParameter("redirectPath");
String disabletestfilter = config.getInitParameter("disabletestfilter");
if (disabletestfilter.toUpperCase().equals("Y")) {
chain.doFilter(request, response);
return;
}
String[] logonList = logonStrings.split(";");
String[] includeList = includeStrings.split(";");
Object user = httpreq.getSession().getAttribute("userSession");
if (user == null) {
if (!this.isContains(httpreq.getRequestURI(), includeList)) {
chain.doFilter(request, response);
return;
}
if (this.isContains(httpreq.getRequestURI(), logonList)) {
chain.doFilter(request, response);
return;
}
wrapper.sendRedirect(redirectPath);
} else {
chain.doFilter(request, response);
}
}
public void destroy() {
this.config = null;
}
public void init(FilterConfig filterConfig) throws ServletException {
this.config = filterConfig;
}
}
第4个回答 2011-12-09
设置个session 再判断session是否为空追问
能不能写一下关键的几句代码,session理解的不是很透,谢谢!!!!
追答设置session.setAttribute( "Username", "username的值 ");
获取session.getAttribute( "Username");
