经常可以看到一些网站需要输入口令才可以查看,这个效果是怎么实现的呢,现在来模拟一个场景,有一个网站必须登录之后才能继续,只需要设计一个登录拦截器(过滤器)就可以了:
项目大致如下:
大概逻辑是这样子的:
效果预览:
项目Github地址:
拦截器的代码:
1 package org.cc.practice.filter; 2 3 import java.io.IOException; 4 5 import javax.servlet.Filter; 6 import javax.servlet.FilterChain; 7 import javax.servlet.FilterConfig; 8 import javax.servlet.ServletException; 9 import javax.servlet.ServletRequest;10 import javax.servlet.ServletResponse;11 import javax.servlet.http.HttpServletRequest;12 13 import org.cc.practice.entity.User;14 15 public class LoginFilter implements Filter {16 17 @Override18 public void init(FilterConfig filterConfig) throws ServletException {19 20 }21 22 @Override23 public void doFilter(ServletRequest request, ServletResponse response,24 FilterChain chain) throws IOException, ServletException {25 26 //在过滤器中检查是否已经登录27 28 HttpServletRequest req=(HttpServletRequest) request;29 30 User user=(User) req.getSession().getAttribute("user");31 32 if(user==null && !req.getRequestURI().endsWith("login.jsp") && !req.getRequestURI().endsWith("loginServlet")){33 req.getRequestDispatcher("login.jsp").forward(request,response);34 }else{35 chain.doFilter(request,response);36 }37 38 }39 40 @Override41 public void destroy() {42 43 }44 45 }
检查session,如果没有登录并且也不是去登录页面的话就跳转到登录页面让其登录,登录页面部分代码如下:
1
LoginServlet:
1 package org.cc.practice.servlet; 2 3 import java.io.IOException; 4 5 import javax.servlet.ServletException; 6 import javax.servlet.http.HttpServlet; 7 import javax.servlet.http.HttpServletRequest; 8 import javax.servlet.http.HttpServletResponse; 9 10 import org.cc.practice.entity.User;11 import org.cc.practice.service.UserService;12 import org.cc.practice.service.impl.UserServiceImpl;13 14 public class LoginServlet extends HttpServlet {15 16 private UserService userService;17 18 public LoginServlet() {19 userService=new UserServiceImpl();20 }21 22 @Override23 protected void doGet(HttpServletRequest req, HttpServletResponse resp)24 throws ServletException, IOException {25 process(req,resp);26 }27 28 @Override29 protected void doPost(HttpServletRequest req, HttpServletResponse resp)30 throws ServletException, IOException {31 process(req,resp);32 }33 34 private void process(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException{35 36 req.setCharacterEncoding("UTF-8");37 resp.setContentType("text/html;charset=utf-8");38 39 String username=req.getParameter("username");40 String passwd=req.getParameter("passwd");41 42 boolean errorHappened=false;43 if(username==null || "".equals(username.trim())){44 req.setAttribute("usernameError","用户名不能为空");45 errorHappened=true;46 }47 if(passwd==null || "".equals(passwd.trim())){48 req.setAttribute("passwdError","密码不能为空");49 errorHappened=true;50 }51 if(errorHappened){52 req.getRequestDispatcher("login.jsp").forward(req,resp);53 return;54 }55 56 User user=new User();57 user.setUsername(username);58 user.setPasswd(passwd);59 60 user=userService.login(user);61 62 if(user==null){63 req.setAttribute("loginError","用户名或密码不正确");64 req.getRequestDispatcher("login.jsp").forward(req,resp);65 return;66 }else{67 req.getSession().setAttribute("user",user);68 // req.getRequestDispatcher("index.jsp").forward(req,resp);69 resp.sendRedirect("index.jsp");70 return ;71 }72 73 }74 75 }
实体:
1 package org.cc.practice.entity; 2 3 public class User { 4 5 private String id; 6 private String username; 7 private String passwd; 8 9 public String getId() {10 return id;11 }12 13 public void setId(String id) {14 this.id = id;15 }16 17 public String getUsername() {18 return username;19 }20 21 public void setUsername(String username) {22 this.username = username;23 }24 25 public String getPasswd() {26 return passwd;27 }28 29 public void setPasswd(String passwd) {30 this.passwd = passwd;31 }32 33 }
service层代码:
UserService:
1 package org.cc.practice.service; 2 3 import org.cc.practice.entity.User; 4 5 public interface UserService { 6 7 public User login(User user); 8 9 public User findUserById(String id);10 11 }
UserServiceImpl:
1 package org.cc.practice.service.impl; 2 3 import org.cc.practice.dao.UserDao; 4 import org.cc.practice.dao.impl.UserDaoImpl; 5 import org.cc.practice.entity.User; 6 import org.cc.practice.service.UserService; 7 8 public class UserServiceImpl implements UserService { 9 10 private UserDao userDao;11 12 public UserServiceImpl() {13 userDao=new UserDaoImpl();14 }15 16 @Override17 public User login(User user) {18 return userDao.login(user);19 }20 21 @Override22 public User findUserById(String id) {23 return userDao.findUserById(id);24 }25 26 }
Dao层代码:
UserDao:
1 package org.cc.practice.dao; 2 3 import org.cc.practice.entity.User; 4 5 public interface UserDao { 6 7 public User login(User user); 8 9 public User findUserById(String id);10 11 }
UserDaoImpl:
1 package org.cc.practice.dao.impl; 2 3 import java.sql.Connection; 4 import java.sql.PreparedStatement; 5 import java.sql.ResultSet; 6 import java.sql.SQLException; 7 8 import org.cc.practice.dao.UserDao; 9 import org.cc.practice.entity.User;10 import org.cc.practice.util.DbUtil;11 12 public class UserDaoImpl implements UserDao {13 14 @Override15 public User login(User user) {16 17 String sql="SELECT id,username,passwd FROM t_user WHERE username=? and passwd=?";18 19 Connection conn=null;20 PreparedStatement pstmt=null;21 ResultSet rs=null;22 23 User u=null;24 25 try {26 conn=DbUtil.getConnection();27 pstmt=conn.prepareStatement(sql);28 29 pstmt.setString(1,user.getUsername());30 pstmt.setString(2,user.getPasswd());31 32 rs=pstmt.executeQuery();33 34 if(rs.next()){35 u=new User();36 u.setId(rs.getString("id"));37 u.setUsername(rs.getString("username"));38 u.setPasswd(rs.getString("passwd"));39 }40 41 } catch (SQLException e) {42 e.printStackTrace();43 }finally{44 DbUtil.close(rs);45 DbUtil.close(pstmt);46 DbUtil.close(conn);47 }48 49 return u;50 }51 52 @Override53 public User findUserById(String id) {54 55 String sql="SELECT id,username,passwd FROM t_user WHERE id=?";56 57 Connection conn=null;58 PreparedStatement pstmt=null;59 ResultSet rs=null;60 61 User u=null;62 63 try {64 conn=DbUtil.getConnection();65 pstmt=conn.prepareStatement(sql);66 67 pstmt.setString(1,id);68 69 rs=pstmt.executeQuery();70 71 if(rs.next()){72 u=new User();73 u.setId(rs.getString("id"));74 u.setUsername(rs.getString("username"));75 u.setPasswd(rs.getString("passwd"));76 }77 78 } catch (SQLException e) {79 e.printStackTrace();80 } finally{81 DbUtil.close(rs);82 DbUtil.close(pstmt);83 DbUtil.close(conn);84 }85 86 return null;87 }88 89 }
工具类:
DbUtil:
1 package org.cc.practice.util; 2 3 import java.io.IOException; 4 import java.sql.Connection; 5 import java.sql.DriverManager; 6 import java.sql.PreparedStatement; 7 import java.sql.ResultSet; 8 import java.sql.SQLException; 9 import java.util.Properties;10 11 12 public class DbUtil {13 14 private static Properties db;15 16 static{17 try {18 db=new Properties();19 db.load(Thread.currentThread().getContextClassLoader().getResourceAsStream("db.properties"));20 Class.forName(db.getProperty("driver"));21 } catch (IOException e) {22 e.printStackTrace();23 } catch (ClassNotFoundException e) {24 e.printStackTrace();25 }26 }27 28 public static Connection getConnection(){29 30 Connection conn=null;31 32 try {33 // conn=DriverManager.getConnection("jdbc:mysql:///test_001","root","toor");34 conn=DriverManager.getConnection(db.getProperty("url"),db);35 } catch (SQLException e) {36 e.printStackTrace();37 }38 39 return conn;40 }41 42 public static void close(Connection conn){43 try {44 if(conn!=null && !conn.isClosed()){45 conn.close();46 }47 } catch (SQLException e) {48 e.printStackTrace();49 }50 }51 52 public static void close(PreparedStatement pstmt){53 try {54 if(pstmt!=null && !pstmt.isClosed()){55 pstmt.close();56 }57 } catch (SQLException e) {58 e.printStackTrace();59 }60 }61 62 public static void close(ResultSet rs){63 try {64 if(rs!=null && !rs.isClosed()){65 rs.close();66 }67 } catch (SQLException e) {68 e.printStackTrace();69 }70 }71 72 }
数据库配置文件:
driver=com.mysql.jdbc.Driverurl=jdbc:mysql:///test_004user=rootpassword=toor
服务器配置文件:
web.xml
1 27 8 9 11 12index.jsp 1013 16 17loginServlet 14org.cc.practice.servlet.LoginServlet 1518 21 22loginServlet 19/loginServlet 2023 26 27loginFilter 24org.cc.practice.filter.LoginFilter 2528 31 32loginFilter 29/* 30
数据库创建文件:
1 drop table if exists t_user ;2 create table t_user (3 id int primary key auto_increment ,4 username varchar(20) not null unique,5 passwd varchar(20) not null6 )charset utf8;7 8 insert into t_user(username,passwd) values("root","toor");9 insert into t_user(username,passwd) values("casper","qwerty");