写一个保护jsp,就叫protect.jsp 代码 <% response.setHeader("Cache-Control","no-cache"); //Forces caches to obtain a new copy of the page from the origin server response.setHeader("Cache-Control","no-store"); //Directs caches not to store the page under any circumstance response.setDateHeader("Expires", 0); //Causes the proxy cache to see the page as "stale" response.setHeader("Pragma","no-cache"); //HTTP 1.0 backward compatibility
//cookies User user = (User)session.getAttribute(Constants.LOGGED_USER_INFO); User _user = null; UserBusiness business = new UserBusiness(); if(user==null && (_user=business.isCookieValid(request)) == null){ response.sendRedirect(this.getServletContext().getContextPath()+"/index.jsp"); } if(_user!=null){ user = _user; } %>在你需要用户登陆后才可以访问的jsp里面,<%include page="protect.jsp"%> 搞定.
UserBusiness business = new UserBusiness(); if(user==null && (_user=business.isCookieValid(request)) == null){ response.sendRedirect(this.getServletContext().getContextPath()+"/index.jsp");这段代码是处理用户“记住密码”后保存到cookie中的。你可以按照实际需要,拿掉它。 直接用if(user==null){ response.sendRedirect(this.getServletContext().getContextPath()+"/index.jsp"); } index.jsp是你的登陆页面
Cookie,session?
你说的很对,方法貌似都试过了
我清楚session,TL说不需要session晕。 很郁闷啊。大哥帮忙解决下吧。
logout就清理登录信息。每次刷新页面去检查登录信息是否正确。
信息存到session或cookie中。
window.open()里面的url可以是你后台处理的servlet。
如果不能弹出窗我就不知道了
<script language="JavaScript">
if (top.location == self.location && opener) {
opener.location.replace("<%=path%>/login.jsp");
self.close();
}
else {
top.location.replace("<%=path%>/login.jsp");
}
alert("登录超时或者尚未登录,请重新登录!");
</script>同时配置filter,过滤掉直接调用action/servlet的请求(session中没有正确信息的请求)。
貌似把登陆的用户名放到session里了。
页面检查session? 如何做呢?给个实例吧? 谢谢。
logout 退出之后,多个中间页面,空的,仅仅多跳转一次。跳去首页。
这样在首页 点后退。也仅仅后退到中间页面,会执行这个中间页面跳转,又回去了首页
可以如此:
logout仍然去servlet做注销之类,
完了转进到a.jsp
a.jsp的body的onload里面,或页面里面,直接
document.locatioin="login.jsp";
就算它后退到a.jsp,但是a.jsp一加载,马上又回到login.jsp了。
不过不知道用户狂点后退导致a.jsp都没加载会不会回去就需要试过才知道了。
package smc.web.action;import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import javax.ejb.CreateException;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;import java.io.IOException;
import smc.web.form.*;
import smc.session.login.*;
import smc.toolkit.jndi.CJndiNamesFactory;
import smc.toolkit.*;
import smc.toolkit.dto.status.CPrintStatusDTO;
import java.util.*;public class CLoginAction extends Action {
public ActionForward execute(
ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response)
throws IOException, ServletException { /*
Properties properties = System.getProperties();
Enumeration enmu = properties.keys();
while(enmu.hasMoreElements())
{
String strKey = (String)enmu.nextElement();
String strValue = (String)properties.getProperty(strKey);
System.out.println(strKey + ":" + strValue);
}
*/ response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
String strError = "";
//
// String op = request.getParameter("op");
// System.out.println("op.........." + op);
// if (op != null) {
//
// //request.getSession().invalidate();
//
// return mapping.findForward("loginagin");
// } else {
/*
Enumeration enu = request.getHeaderNames();
while(enu.hasMoreElements())
{
String strHeader = (String)enu.nextElement();
System.out.println(strHeader +":" + request.getHeader(strHeader));
}
*/
System.out.println("Url: " + request.getRequestURL()); int nReturn = 0;
try {
CLoginInfoHome loginInfoHome =
(CLoginInfoHome) CEJBHomeFactory.getFactory().lookUpHome(
CLoginInfoHome.class,
CJndiNamesFactory.JNDI_LOGIN);
CLoginInfo loginInfo = loginInfoHome.create(); CLoginForm loginForm = (CLoginForm) form;
String strUser = loginForm.getStrUser();
String strPassword = loginForm.getStrPassword(); if (loginInfo.isFirstLogin()) {
return mapping.findForward("menuPage");
}
nReturn = loginInfo.isLoginValid(strUser, strPassword); if (nReturn == 0) {
request.getSession().invalidate();
request.getSession().setAttribute("User", strUser); //save client os infomation
String strUserAgent =
(String) request.getHeader("User-Agent");
System.out.println(strUserAgent);
getClientOSType(strUserAgent, request); CPrintStatusDTO statusDTO;
if (request.getSession().getAttribute("printStatusDTO")
== null) {
statusDTO = new CPrintStatusDTO();
statusDTO.clear();
if (loginInfo.isPrintLogin(strUser)) {
statusDTO.setStrLoginType("PRINT");
statusDTO.setStrLoginPrintCom(
loginInfo.getPrintcom());
if (smc
.toolkit
.database
.util
.CUpdateDatabase
.isPrintComHasFtp(loginInfo.getPrintcom()))
//statusDTO.getStrPrintComCode()))//loginInfo.getPrintcom(strUser)))
{
statusDTO.setStrHasFtp("true");
}
} else {
statusDTO.setStrLoginType("SMC");
}
statusDTO.setStrStatus("init");
request.getSession().setAttribute(
"printStatusDTO",
statusDTO);
}
if (loginInfo.isPrintLogin(strUser)) {
return mapping.findForward("printPage");
} else {
return mapping.findForward("menuPage");
}
}
} catch (Exception e) {
e.printStackTrace();
}
switch (nReturn) {
case 1 :
{
strError = "database";
break;
}
case 2 :
{
strError = "user";
break;
}
case 3 :
{
strError = "password";
break;
}
case 4 :
{
strError = "userinvalid";
break;
}
}// }
request.setAttribute("Error", strError);
return mapping.findForward("inputErrorPage"); } private void getClientOSType(
String strOSInfo,
HttpServletRequest request) {
HttpSession session = request.getSession();
int iPosition; //ネ。オテチスクィコナヨョシ莊トトレネン。」
iPosition = strOSInfo.indexOf("(");
if (iPosition > -1) {
strOSInfo = strOSInfo.substring(iPosition + 1, strOSInfo.length());
} iPosition = strOSInfo.indexOf(")");
if (iPosition > -1) {
strOSInfo = strOSInfo.substring(0, iPosition);
} if ((strOSInfo.indexOf("Window") > -1)
|| (strOSInfo.indexOf("Win2000") > -1)) {
session.setAttribute("OSType", "Window");
} else if (strOSInfo.indexOf("Linux") > -1) {
session.setAttribute("OSType", "Linux");
} else if (strOSInfo.indexOf("Mac") > -1) {
if (strOSInfo.indexOf("5.0") > 0)
session.setAttribute("OSType", "Mac9");
else if (strOSInfo.indexOf("5.23") > 0)
session.setAttribute("OSType", "Mac10");
}
}
}
后退的话直接就是读缓存的。
代码
<%
response.setHeader("Cache-Control","no-cache"); //Forces caches to obtain a new copy of the page from the origin server
response.setHeader("Cache-Control","no-store"); //Directs caches not to store the page under any circumstance
response.setDateHeader("Expires", 0); //Causes the proxy cache to see the page as "stale"
response.setHeader("Pragma","no-cache"); //HTTP 1.0 backward compatibility
//cookies
User user = (User)session.getAttribute(Constants.LOGGED_USER_INFO);
User _user = null;
UserBusiness business = new UserBusiness();
if(user==null && (_user=business.isCookieValid(request)) == null){
response.sendRedirect(this.getServletContext().getContextPath()+"/index.jsp");
}
if(_user!=null){
user = _user;
}
%>在你需要用户登陆后才可以访问的jsp里面,<%include page="protect.jsp"%>
搞定.
if(user==null && (_user=business.isCookieValid(request)) == null){
response.sendRedirect(this.getServletContext().getContextPath()+"/index.jsp");这段代码是处理用户“记住密码”后保存到cookie中的。你可以按照实际需要,拿掉它。
直接用if(user==null){
response.sendRedirect(this.getServletContext().getContextPath()+"/index.jsp");
}
index.jsp是你的登陆页面