登陆后页面
<%-- Created by IntelliJ IDEA. User: Limbo Date: 2017/9/1 Time: 11:07 To change this template use File | Settings | File Templates. --%> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>Title</title> </head> <body> ${requestScope.message} <a href="/UserServlet?username=admin">查看所有员工</a> <a href="/UserServlet?username=edit">修改员工信息</a> <a href="/UserServlet?username=del">删除员工信息</a>||<<a href="FilterDemo.jsp">返回重新登录</a> </body> </html>
用户登陆Servlet
package com.limbo.Servlet; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; import java.util.ArrayList; import java.util.List; @WebServlet(name = "LoginServlet",urlPatterns = "/Login") public class LoginServlet extends HttpServlet { public List<String > setRole(String username){ List<String> list=null; if ("admin".equals(username)){ list=new ArrayList<String>(); list.add("/UserServlet?username=admin"); list.add("/UserServlet?username=edit"); list.add("/UserServlet?username=del"); }else if ("zhang".equals(username)){ list=new ArrayList<String>(); list.add("/UserServlet?username=admin"); } return list; } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session=request.getSession(); String username=request.getParameter("username"); if (username!=null&&!"".equals(username)){ if (username.equals("admin")){ session.setAttribute("userroles",setRole(username)); }else if (username.equals("zhang")){ session.setAttribute("userroles",setRole(username)); } response.sendRedirect("admin.jsp"); }else { response.sendRedirect("index.jsp"); } } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } } 用户登陆Filter package com.limbo.Servlet; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; import java.util.List; @WebFilter(filterName = "LoginFilter",urlPatterns = "/UserServlet") public class LoginFilter implements Filter { public void destroy() { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException { HttpServletRequest request1=(HttpServletRequest) request; HttpServletResponse response1=(HttpServletResponse) response; String servleturl=request1.getRequestURI(); StringBuffer requesturl=new StringBuffer(servleturl).append("?username="); String usernmae=request1.getParameter("username"); if (usernmae!=null&&!"".equals(usernmae)){ System.out.println(usernmae+"---------------"); requesturl.append(usernmae); } HttpSession session=request1.getSession(); List<String> userroleList=(List<String>) session.getAttribute("userroles"); if (userroleList!=null){ if (userroleList.contains(requesturl.toString())){ chain.doFilter(request,response); }else { request.setAttribute("message","对不起请重新登陆"); request.getRequestDispatcher("admin.jsp").forward(request1,response1); } } } public void init(FilterConfig config) throws ServletException { } }
