大家好,欢迎来到IT知识分享网。
权限校验
<%@ page pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<title>Insert title here</title>
</head>
<body>
<form action="${pageContext.request.contextPath}/login" method="post">
<h2>登陆页面</h2>
用户名:<input name="name" value="磨时间"/> <br/><br/>
密 码:<input name="pwd" type="password" value="123456"/> <br/><br/>
<input value="提交" type="submit"/> <br/><br/>
</form>
</body>
</html>@SuppressWarnings("serial")
@WebServlet(urlPatterns= {"/login","/logout"})
public class LoginServlet extends HttpServlet{
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String path = req.getServletPath();
if("/login".equals(path)) {
doLogin(req,resp);
}else if("/logout".equals(path)){
doLogout(req,resp);
}
}
private void doLogout(HttpServletRequest req, HttpServletResponse resp) throws IOException {
req.getSession().invalidate();
resp.sendRedirect("index.html");
}
protected void doLogin(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取请求参数方法1
String name = req.getParameter("name");
String pwd = req.getParameter("pwd");
//获取请求参数方法2
Map<String, String[]> map = req.getParameterMap();
for(Entry<String, String[]> entry : map.entrySet()) {
System.out.println(entry.getKey() + " -- " + entry.getValue()[0]);
}
//获取请求参数方法3
Enumeration<String> names = req.getParameterNames();
System.out.println(names.nextElement());
// 这就是演示 可以自己改 随意写的
if("磨时间".equals(name) && "123456".equals(pwd)) {
req.getSession().setAttribute("name", name);
resp.sendRedirect("admin/success.jsp");
}else {
resp.sendRedirect("login.jsp");
}
// resp.getWriter().print("<h1>请求参数:" + name + " -- " + pwd + "</h1>");
}
}
过滤器添加权限
public class LoginFilter implements Filter{ @Override public void destroy() { } @Override public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException { //1.获取Session HttpServletRequest req = (HttpServletRequest)arg0; HttpServletResponse resp = (HttpServletResponse)arg1; HttpSession session = req.getSession(); //2.通过Session获取name绑定值 Object obj = session.getAttribute("name"); //3.判断name是否为null,为空跳转到登陆页面 if(obj==null) { resp.sendRedirect("/login.jsp"); return; } //4.判断name是否不为null,放行 arg2.doFilter(arg0, arg1); } @Override public void init(FilterConfig arg0) throws ServletException { } } 配置 web.xml
<filter> <filter-name>EncodingFilter</filter-name> <filter-class>cn.xxxx.filter.EncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> </filter> <filter-mapping> <filter-name>EncodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter> <filter-name>LoginFilter</filter-name> <filter-class>cn.xxxx.filter.LoginFilter</filter-class> </filter> <filter-mapping> <filter-name>LoginFilter</filter-name> <url-pattern>/admin/*</url-pattern><!-- 约定大于配置,那些路径下才过滤,那些不过滤 --> </filter-mapping>
这里要多加注意
字符编码
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
String encoding = config.getInitParameter("encoding");
req.setCharacterEncoding(encoding);
resp.setContentType("text/html;charset=UTF-8");
chain.doFilter(req, resp);
}
@Override
public void init(FilterConfig config) throws ServletException {
this.config = config;
}web.xml
<filter> <filter-name>encodingFilter</filter-name> <filter-class>cn.laonian.filter.EncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> </filter> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>字符过滤
//接收前端数据的功能增强 public class MyHttpServletRequest extends HttpServletRequestWrapper{ private HttpServletRequest req; public MyHttpServletRequest(HttpServletRequest req) { super(req); this.req = req; } //到时在Servlet获取请求参数的时候实际上调用的是这个方法,名字可以自定义,但是最好一样,方便理解 @Override public String getParameter(String name) {//常用 Map<String, String[]> map = getParameterMap(); String[] values = map.get(name); return values == null?null:values[0]; } //到时在Servlet获取请求参数的时候实际上调用的是这个方法,名字可以自定义,但是最好一样,方便理解 @Override public Map<String, String[]> getParameterMap() {//用的比较少 //获取请求参数 Map<String, String[]> map = req.getParameterMap(); //将敏感数据替换掉 for(Entry<String, String[]> set : map.entrySet()) { String[] values = set.getValue(); // for(String str : values) {//不能用这个,否则替换不了 // str = str.replaceAll("傻逼", "***"); // } for(int i = 0 ; i < values.length;i++ ) { //返回值是被替换的值 values[i] = values[i].replaceAll("傻逼", "***"); } } return map; } //到时在Servlet获取请求参数的时候实际上调用的是这个方法,名字可以自定义,但是最好一样,方便理解 @Override public String[] getParameterValues(String name) {//复选框 return getParameterMap().get(name); } }过滤器
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { MyHttpServletRequest req = new MyHttpServletRequest((HttpServletRequest) request); chain.doFilter(req, response); }
顺手点个赞呗!~
免责声明:本站所有文章内容,图片,视频等均是来源于用户投稿和互联网及文摘转载整编而成,不代表本站观点,不承担相关法律责任。其著作权各归其原作者或其出版社所有。如发现本站有涉嫌抄袭侵权/违法违规的内容,侵犯到您的权益,请在线联系站长,一经查实,本站将立刻删除。 本文来自网络,若有侵权,请联系删除,如若转载,请注明出处:https://yundeesoft.com/52101.html
