login.jsp
<%@ page language="java" pageEncoding="UTF-8"%><html>
<head>
<title>登陆窗口</title>
<script type="text/javascript"> function login()
{ var vusername =document.all.username.value;
var vpassword = document.all.password.value;
var vusertype = document.all.usertype.value; if(vusername=="")
{
document.all.usernull.style.display="";
document.all.username.focus();
return ;
}
else
{
document.all.usernull.style.display="none";
}
if(vpassword == "")
{
document.all.pwdnull.style.display="";
document.all.password.focus();
return ;
}
else
{
document.all.pwdnull.style.display="none";
}
if(vusertype == "")
{
document.all.usertypenull.style.display="";
document.all.usertype.focus();
return ;
}
else
{
document.all.usertypenull.style.display="none";
}
document.all.login1.submit();
}
</script>
</head>
<body>
<form action="login.do" method="post" name="login1" id="login1">
用户:<input type="text" name="username" id="username"/><span id="usernull" style="display: none;"><font color="red">用户名不能为空!!!</font></span><br>
密码:<input type="password" name="password" id="password" ><span id="pwdnull" style="display: none;"><font color="red">密码不能为空!!!</font></span><br>
类型:<select name="usertype" id="usertype">
<option value="">--请选择--</option>
<option value="4">编辑</option>
<option value="3">主编</option>
<option value="2">老师</option>
<option value="1">系统管理员</option>
<option value="0">超级管理员</option>
</select><span id="usertypenull" style="display: none;"><font color="red">请选择用户类型!!!</font></span><br>
<input type="button" name="loginBut" value="登陆" onClick="login()">
<input type="reset" value="重写 "/>
</form>
</body>
</html>
LoginFilter类
package com.zsw.ac.filter;import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginFilter implements Filter {
private String strRedirect = "";
protected FilterConfig filterConfig;
public void destroy() {
// TODO Auto-generated method stub
this.filterConfig = null;
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
HttpServletRequest hreq = (HttpServletRequest) req;
HttpServletResponse hres = (HttpServletResponse) res;
HttpSession session = hreq.getSession(true);
String isLogin = "";
strRedirect = "http://" + hreq.getServerName() + ":" + hreq.getServerPort() +hreq.getContextPath()+ "/login.jsp";
System.out.println("web URL 路径:"+strRedirect);
try { if (null != session.getAttribute("username")) {
isLogin = session.getAttribute("username").toString();
System.out.println();
}
if (!isLogin.equals("")) {
System.out.println("验证通过");
chain.doFilter(req, res);
} else {
hres.sendRedirect(strRedirect);
}
} catch (Exception e) {
e.printStackTrace();
}
}
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
this.filterConfig = arg0;
}
}
Action类
/*
* Generated by MyEclipse Struts
* Template path: templates/java/JavaClass.vtl
*/
package com.zsw.login.action;import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;import com.zsw.ac.superadmin.service.SuperAdminService;
import com.zsw.ac.superadmin.vo.SuperAdmin;
import com.zsw.login.form.LoginForm;/**
* MyEclipse Struts
* Creation date: 06-18-2008
*
* XDoclet definition:
* @struts.action path="/login" name="loginForm" input="/login.jsp" scope="request" validate="true"
*/
public class LoginAction extends Action {
/*
* Generated Methods
*/ /**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
LoginForm loginForm = (LoginForm) form;
/*接收客户端提交的参数*/
//用户名
String uname = loginForm.getUsername();
//密码
String pwd = loginForm.getPassword();
//级别
int utype = loginForm.getUsertype();
//路径
System.out.println(uname);
System.out.println(pwd);
System.out.println(utype);
String path = "login";
System.out.println("****************8");
if (loginForm.getUsertype() == utype) {
//定义一个超级管理员对象
SuperAdmin supAdmin = null;
//调用service层,返回SuperAdmin对象
supAdmin = new SuperAdminService().login(uname, pwd);
if (supAdmin != null) {
//如果不为空设置到request中去
System.out.println("****************8");
request.setAttribute("name", supAdmin.getMyName());
request.setAttribute("password", supAdmin.getSupPassword());
request.setAttribute("pank", supAdmin.getSuperPank());
path = "suploginsuc";//
//返回
return mapping.findForward(path);
} }
return mapping.findForward(path);
}
}
web.xml是过滤所用请求
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.zsw.ac.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
为什么不出效果,当填写了用户名和密码提交后,出现死循环不停的往控制台打印web URL 路径:http://localhost:8080/ArticleCharge/login.jsp
我用的是struts框架
<%@ page language="java" pageEncoding="UTF-8"%><html>
<head>
<title>登陆窗口</title>
<script type="text/javascript"> function login()
{ var vusername =document.all.username.value;
var vpassword = document.all.password.value;
var vusertype = document.all.usertype.value; if(vusername=="")
{
document.all.usernull.style.display="";
document.all.username.focus();
return ;
}
else
{
document.all.usernull.style.display="none";
}
if(vpassword == "")
{
document.all.pwdnull.style.display="";
document.all.password.focus();
return ;
}
else
{
document.all.pwdnull.style.display="none";
}
if(vusertype == "")
{
document.all.usertypenull.style.display="";
document.all.usertype.focus();
return ;
}
else
{
document.all.usertypenull.style.display="none";
}
document.all.login1.submit();
}
</script>
</head>
<body>
<form action="login.do" method="post" name="login1" id="login1">
用户:<input type="text" name="username" id="username"/><span id="usernull" style="display: none;"><font color="red">用户名不能为空!!!</font></span><br>
密码:<input type="password" name="password" id="password" ><span id="pwdnull" style="display: none;"><font color="red">密码不能为空!!!</font></span><br>
类型:<select name="usertype" id="usertype">
<option value="">--请选择--</option>
<option value="4">编辑</option>
<option value="3">主编</option>
<option value="2">老师</option>
<option value="1">系统管理员</option>
<option value="0">超级管理员</option>
</select><span id="usertypenull" style="display: none;"><font color="red">请选择用户类型!!!</font></span><br>
<input type="button" name="loginBut" value="登陆" onClick="login()">
<input type="reset" value="重写 "/>
</form>
</body>
</html>
LoginFilter类
package com.zsw.ac.filter;import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginFilter implements Filter {
private String strRedirect = "";
protected FilterConfig filterConfig;
public void destroy() {
// TODO Auto-generated method stub
this.filterConfig = null;
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
// TODO Auto-generated method stub
HttpServletRequest hreq = (HttpServletRequest) req;
HttpServletResponse hres = (HttpServletResponse) res;
HttpSession session = hreq.getSession(true);
String isLogin = "";
strRedirect = "http://" + hreq.getServerName() + ":" + hreq.getServerPort() +hreq.getContextPath()+ "/login.jsp";
System.out.println("web URL 路径:"+strRedirect);
try { if (null != session.getAttribute("username")) {
isLogin = session.getAttribute("username").toString();
System.out.println();
}
if (!isLogin.equals("")) {
System.out.println("验证通过");
chain.doFilter(req, res);
} else {
hres.sendRedirect(strRedirect);
}
} catch (Exception e) {
e.printStackTrace();
}
}
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
this.filterConfig = arg0;
}
}
Action类
/*
* Generated by MyEclipse Struts
* Template path: templates/java/JavaClass.vtl
*/
package com.zsw.login.action;import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;import com.zsw.ac.superadmin.service.SuperAdminService;
import com.zsw.ac.superadmin.vo.SuperAdmin;
import com.zsw.login.form.LoginForm;/**
* MyEclipse Struts
* Creation date: 06-18-2008
*
* XDoclet definition:
* @struts.action path="/login" name="loginForm" input="/login.jsp" scope="request" validate="true"
*/
public class LoginAction extends Action {
/*
* Generated Methods
*/ /**
* Method execute
* @param mapping
* @param form
* @param request
* @param response
* @return ActionForward
*/
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
LoginForm loginForm = (LoginForm) form;
/*接收客户端提交的参数*/
//用户名
String uname = loginForm.getUsername();
//密码
String pwd = loginForm.getPassword();
//级别
int utype = loginForm.getUsertype();
//路径
System.out.println(uname);
System.out.println(pwd);
System.out.println(utype);
String path = "login";
System.out.println("****************8");
if (loginForm.getUsertype() == utype) {
//定义一个超级管理员对象
SuperAdmin supAdmin = null;
//调用service层,返回SuperAdmin对象
supAdmin = new SuperAdminService().login(uname, pwd);
if (supAdmin != null) {
//如果不为空设置到request中去
System.out.println("****************8");
request.setAttribute("name", supAdmin.getMyName());
request.setAttribute("password", supAdmin.getSupPassword());
request.setAttribute("pank", supAdmin.getSuperPank());
path = "suploginsuc";//
//返回
return mapping.findForward(path);
} }
return mapping.findForward(path);
}
}
web.xml是过滤所用请求
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.zsw.ac.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
为什么不出效果,当填写了用户名和密码提交后,出现死循环不停的往控制台打印web URL 路径:http://localhost:8080/ArticleCharge/login.jsp
我用的是struts框架
解决方案 »
- 如何禁止svg图的放大缩小功能
- 求正则表达式(需要匹配连续空格中的除了第一个空格的其他空格)
- web开发问题,高分求助
- 在线急求一个struts+hibernate分页的例子 !!
- 关于 程序效率 和 开发难度 你们如何取舍?
- 求救阿,我用STRUTS开发的时候碰到了java.lang.NullPointerException异常,实在找不出来,求救
- 帮帮忙,怎样在client端检查一个文件的大小?什么方法都行?急!没分了,后补,多谢了!
- 请帮我看看为什么我的Switch...Case语句报错
- 特急!!请各位高手帮个忙!!
- myeclipse file路径在本地调试有效,为什么deployment到tomcat就找不到路径了
- 关于Sql语句中的一个疑问
- 限制上传图片大小和类型
楼主【sjzpc040529】截止到2008-07-02 13:26:38的历史汇总数据(不包括此帖):
发帖的总数量:6 发帖的总分数:210
结贴的总数量:6 结贴的总分数:210
无满意结贴数:0 无满意结贴分:0
未结的帖子数:0 未结的总分数:0
结贴的百分比:100.00% 结分的百分比:100.00%
无满意结贴率:0.00 % 无满意结分率:0.00 %
敬礼!
你必须放过与登陆有关的地址
比如:login.jsp和login.do之类的
解决办法可以在Action里判断,如果请求路径中包含login相关信息的,则不过滤,其它的过滤就OK了
我想放到request中,因为在session中不太安全,我觉得是哦
但是我放到request中的时候,当第二次请求就被过滤走了,还要重新登陆
我用的是struts框架,楼上的意思我不太明白,能说的清楚点吗
Action 里判断?有过滤器根本到不了 Action。应该在过滤器中作判断,如果请求的是 login.jsp 或 login.do 就不作是否登录的判断直接放行。
<url-pattern>/* </url-pattern>
楼主对站点的所有路径都设置了过滤器过滤
试想如下循环访问login.jsp页面->login.jsp设置了过滤器->过滤器过滤对login.jsp的请求->
过滤器发现对login.jsp的访问不符合访问要求->过滤器请求重定向到login.jsp->重新访问login.jsp->过滤器对login.jsp的访问进行过滤.......