狂神说 javaweb 27集：Filter 实现权限拦截

本文主要是介绍狂神说 javaweb 27集：Filter 实现权限拦截，对大家解决编程问题具有一定的参考价值，需要的程序猿们随着小编来一起学习吧！

27，Filter 实现权限拦截

用户登录之后才能进入主页！用户注销后就不能进入主页了！

1. 用户登录之后，向Sesison中放入用户的数据

2. 进入主页的时候要判断用户是否已经登录；要求：在过滤器中实现！

login.jsp

 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
 <html>
 <head>
     <title>Title</title>
 </head>
 <body>
 <h1>登录页面</h1>
 <form action="/servlet/login" method="get">
     用户名:<input type="text" name="username"> <br>
     <input type="submit"name="登录">
 </form>
 ​
 </body>
 </html>

LoginServelt.java

 public class LoginServelt extends HttpServlet {
     @Override
     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
 ​
 ​
 ​
         //获取前端的参数
 ​
         String username = req.getParameter( "username" );
 ​
         if (username.equals( "admin" )){//登录成功
             req.getSession( ).setAttribute( Constant.USER_SESSION,req.getSession().getId());
             resp.sendRedirect( "/sys/success.jsp" );
         }else{//登录失败
             resp.sendRedirect( "/error.jsp" );
 ​
         }
 ​
     }
 ​
     @Override
     protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
         doGet( req, resp );
     }
 }

error.jsp

 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
 <html>
 <head>
     <title>Title</title>
 </head>
 <body>
 <h1>错误</h1>
 <h3>没有权限，用户错误</h3>
 ​
 <a href="/login.jsp">返回登录页面</a>
 ​
 </body>
 </html>

success.jsp

 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
 <html>
 <head>
     <title>Title</title>
 </head>
 <body>
 <%--
 <%
     Object user_session = request.getSession().getAttribute( "USER_SESSION" );
     if(user_session == null){
         response.sendRedirect( "/login.jsp" );
     }
 %>
 --%>
 ​
 ​
 <h1>主页</h1>
 ​
 <p><a href="/servlet/logout">注销</a></p>
 </body>
 </html>

LogoutServlet.java

 public class LogoutServlet extends HttpServlet {
     @Override
     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
 ​
         Object user_session = req.getSession().getAttribute( Constant.USER_SESSION );
         if (user_session != null){
             req.getSession().removeAttribute( Constant.USER_SESSION );
             resp.sendRedirect( "/login.jsp" );
         }else{
             resp.sendRedirect( "/login.jsp" );
         }
 ​
     }
 ​
     @Override
     protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
         doGet( req, resp );
     }
 }

SysFilter.java

 public class SysFilter implements Filter {
     public void init(FilterConfig filterConfig) throws ServletException {
 ​
     }
 ​
     public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
 ​
 ​
        /* if (req.getSession( ).setAttribute( Constant.USER_SESSION).level ==VIP1){
             response.sendRedirect( "/vip1.jsp" );
 ​
         }
         if (req.getSession( ).setAttribute( Constant.USER_SESSION).level ==VIP2){
             response.sendRedirect( "/vip2.jsp" );
 ​
         }
         if (req.getSession( ).setAttribute( Constant.USER_SESSION).level ==VIP3){
             response.sendRedirect( "/vip3.jsp" );
 ​
         }*/
 ​
         //ServletRequest   HttpServletRequest
 ​
         HttpServletRequest request = (HttpServletRequest) req;
         HttpServletResponse response = (HttpServletResponse) resp;
 ​
         Object user_session = request.getSession().getAttribute( Constant.USER_SESSION);
 ​
         if (request.getSession().getAttribute( Constant.USER_SESSION) == null){
             response.sendRedirect( "/error.jsp" );
         }
 ​
         chain.doFilter( request,response );
 ​
     }
 ​
     public void destroy() {
 ​
     }
 }

xml

 <servlet>
     <servlet-name>LoginServelt</servlet-name>
     <servlet-class>com.study.servlet.LoginServelt</servlet-class>
 </servlet>
 <servlet-mapping>
     <servlet-name>LoginServelt</servlet-name>
     <url-pattern>/servlet/login</url-pattern>
 </servlet-mapping>
 ​
 <servlet>
     <servlet-name>LogoutServlet</servlet-name>
     <servlet-class>com.study.servlet.LogoutServlet</servlet-class>
 </servlet>
 <servlet-mapping>
     <servlet-name>LogoutServlet</servlet-name>
     <url-pattern>/servlet/logout</url-pattern>
 </servlet-mapping>
 ​
 <filter>
     <filter-name>SysFilter</filter-name>
     <filter-class>com.study.filter.SysFilter</filter-class>
 </filter>
 <filter-mapping>
     <filter-name>SysFilter</filter-name>
     <!--只要是/servlet的任何请求，会经过这个过滤器，都会被过滤-->
     <url-pattern>/sys/*</url-pattern>
 </filter-mapping>

这篇关于狂神说 javaweb 27集：Filter 实现权限拦截的文章就介绍到这儿，希望我们推荐的文章对大家有所帮助，也希望大家多多支持为之网！