登录成功后你可以把用户名保存到Session变量中,这样做后面的JSP页面里做一下判断例子如下
session.putValue("username",real_name);
session.putValue("level",level);
rs.close();
cnn.Close();
%>
<jsp:forward page="main.jsp"/>登录后页面:
<%
String name=(String)session.getValue("username");
String level=(String)session.getValue("level");
if(name==null){%>
<jsp:forward page="login.jsp"/>
<% }
session.putValue("username",real_name);
session.putValue("level",level);
rs.close();
cnn.Close();
%>
<jsp:forward page="main.jsp"/>登录后页面:
<%
String name=(String)session.getValue("username");
String level=(String)session.getValue("level");
if(name==null){%>
<jsp:forward page="login.jsp"/>
<% }
进行登陆检查,如果没有登陆就送到登录页可以作成一个登录检查的JSP在每个页面中include它
session.setAttribute("user_login","yes");
response.sendRedirect("main.jsp");然后在登录后要显示的页面main中加入判断session就行:
<%
//获得Session的值
String user_login=(String)session.getAttribute("user_login");
//判断Session是否为yes
if(user_login==null)
{
response.sendRedirect("index.jsp");
}
else
{
if(!user_login.equals("yes"))
{
response.sendRedirect("index.jsp");
}
}
%>
反正就是用session / 也可以用cokkie
一般每个比较重要的页面都要判断,发现没登入就转到登入提示页面。
package com.tjhq.SessionAuthorization;import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.FilterChain;
import java.io.IOException;
import javax.servlet.http.*;
import java.util.Iterator;public class SessionAuthorizationFilter implements Filter {
protected FilterConfig filterConfig; public void init(FilterConfig config) {
this.filterConfig = config;
} public void destroy() {
this.filterConfig = null;
} private String getFilePath(String filePathName) {
int pos = 0;
pos = filePathName.lastIndexOf(47);
if(pos != -1)
return filePathName.substring(0, pos);
pos = filePathName.lastIndexOf(92);
if(pos != -1)
return filePathName.substring(0, pos);
else
return filePathName;
} private String getFileName(String filePathName) {
int pos = 0;
pos = filePathName.lastIndexOf(47);
if(pos != -1)
return filePathName.substring(pos + 1, filePathName.length());
pos = filePathName.lastIndexOf(92);
if(pos != -1)
return filePathName.substring(pos + 1, filePathName.length());
else
return filePathName;
}
// Sets the URL we should redirect to in the session:
private String getCurrentURL(HttpServletRequest request) {
StringBuffer fullURL = new StringBuffer(request.getServletPath()); //HttpUtils.getRequestURL(request);
if (request.getQueryString() != null) {
fullURL.append("?").append(request.getQueryString());
}
return fullURL.toString();
} private boolean passed(ServletRequest request, ServletResponse response)
throws IOException, ServletException {
boolean result=false;
String objectName = this.filterConfig.getInitParameter("SESSION_NAME");//登录Session
String LogonPage = this.filterConfig.getInitParameter("LOGON_PAGE"); //登录页面
String ErrorPage = this.filterConfig.getInitParameter("ERRORPAGE");//无登录或权限无,错误提示。
String NotPermFiles = this.filterConfig.getInitParameter("NOTPERMFILES");//无需权限的页面。“ttt.htm;ss.jsp”
String NotPermPath = this.filterConfig.getInitParameter("NOTPERMPATH");//无需权限的 目录,此下的目录文件可直接访问。
HttpServletRequest req = (HttpServletRequest)request;
String FilePath = getFilePath(req.getServletPath());
String CurURLFileName = getFileName((HttpUtils.getRequestURL(req)).toString());
if (CurURLFileName.equals(LogonPage)||CurURLFileName.equals(ErrorPage)||(NotPermFiles.indexOf(CurURLFileName.toUpperCase())!=-1)) return true;
if (NotPermPath.indexOf(FilePath)!=-1) return true;
HttpSession session = req.getSession(false);
Object object=session.getAttribute(objectName);
if(object!=null){
return true
}
return false;
} public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
throws IOException, ServletException{
if (passed(request,response))
filterChain.doFilter(request, response);
else{
HttpServletResponse res = (HttpServletResponse)response;
String errorPage=this.filterConfig.getInitParameter("ERROR_PAGE");
res.sendRedirect(errorPage);
}
}
}web.xml: <filter>
<filter-name>sessionAuthorizationFilter</filter-name>
<filter-class>com.tjhq.training.struts.userperm.SessionAuthorizationFilter</filter-class>
<init-param>
<param-name>ERROR_PAGE</param-name>
<param-value>/login.shtml</param-value>
</init-param>
<init-param>
<param-name>SESSION_NAME</param-name>
<param-value>Training.authorization</param-value>
</init-param>
<init-param>
<param-name>LOGON_PAGE</param-name>
<param-value>Logon.do</param-value>
</init-param>
<init-param>
<param-name>ERRORPAGE</param-name>
<param-value>Error.jsp</param-value>
</init-param>
<init-param>
<param-name>NOTPERMFILES</param-name>
<param-value>INDEX.JSP</param-value>
</init-param>
<init-param>
<param-name>NOTPERMPATH</param-name>
<param-value>/TR_PUB,/menu</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>sessionAuthorizationFilter</filter-name>
<url-pattern>*.htm</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>sessionAuthorizationFilter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>sessionAuthorizationFilter</filter-name>
<url-pattern>*.doc</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>sessionAuthorizationFilter</filter-name>
<url-pattern>*.jpg</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>sessionAuthorizationFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>