案例:通过HttpSession判断用户是否登录
需求:实现登录一次即可,在一次会话内,可以反复多次访问WEB-INF/ welcome.html,如果没有登录过,跳转到登录页,登录成功后,可以访问
项目结构:
组件介绍:
login.html
<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <title>Title</title></head><body><form method="get" action="loginServlet.do"> 用户名:<input type="text" name="username" ><br/> 密码:<input type="password" name="password" ><br/> <input type="submit" ></form></body></html>
登录成功之后可以访问的资源
main.html
<!DOCTYPE html><html lang="en"><head> <meta charset="UTF-8"> <title>Title</title></head><body> this is main page</body></html>
LoginServlet
用来校验登录的,登录成功将用户信息存户HttpSession,否则回到登录页
package com.msb.servlet;import com.msb.pojo.User;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import java.io.IOException;/** * @Author: Ma HaiYang * @Description: MircoMessage:Mark_7001 */@WebServlet(urlPatterns = "/loginServlet.do")public class LoginServlet extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { // 获取用户名和密码 String username = req.getParameter("username"); String password = req.getParameter("password"); // 如果用户名和密码为 msb 1234 if("msb".equals(username) && "1234".equals(password)){ // 将用户信息放在HTTPSession中 User user =new User(null, null, "msb", "1234"); HttpSession session = req.getSession(); session.setAttribute("user", user); // 登录成功 跳转至 main.html resp.sendRedirect(req.getContextPath()+"/mainServlet.do"); }else{ // 登录失败 回到login.html resp.sendRedirect(req.getContextPath()+"/login.html"); } }}
MainServlet
用来向main.html中跳转的,同时验证登录,登录过,可以直接跳转,否则回到登录页
package com.msb.servlet;import com.msb.pojo.User;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import java.io.IOException;import java.util.logging.Handler;/** * @Author: Ma HaiYang * @Description: MircoMessage:Mark_7001 */@WebServlet(urlPatterns = "/mainServlet.do")public class MainServlet extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { //跳转至main.html HttpSession session = req.getSession(); User user = (User)session.getAttribute("user"); if(null != user){ // 判断如果登录过 允许跳转 HTTPSession中如果有登陆过的信息 req.getRequestDispatcher("/WEB-INF/main.html").forward(req,resp); }else{ // 如果没有登录过 回到登录去登录 HTTPSession中如果有登陆过的信息 resp.sendRedirect("login.html"); } }}
User
用来存储一个用户的信息的实体类对象
public class User implements Serializable { private Integer uid; private String realname; private String username; private String pasword;