Session会话登陆案例
需求:
登陆成功后显示用户名,不成功跳转到登陆页面。
方案:
1.页面提交登陆信息
2.获取表单信息,如果登陆成功,将用户名存入session对象中。如果登陆不成功,重定向到失败页面。
3.登陆成功后,在用户主页面,判断 session不为null且存在指定的属性才视为登陆成功!才能访问资源。
4.安全退出时,删除session对象中的登陆名username属性即可。
原理:
登陆页面:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html> <head> <title>login.html</title> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="this is my page"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <!--<link rel="stylesheet" type="text/css" href="./styles.css">--> </head> <body> <form action="/test/LoginServlet" method="post"> 用户名:<input type="text" name="username"/><br/> 密码:<input type="password" name="pwd"/><br/> <input type="submit" value="提交"/> </form> </body></html>
登陆Servlet:
package com.cn.session;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;/*** Author:Liu Zhiyong(QQ:1012421396)* Version:Version_1* Date:2016年12月4日13:23:26* Desc:Session会话登陆案例*/public class LoginServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("utf-8"); /* * 获取提交的参数 */ String username = request.getParameter("username"); String pwd = request.getParameter("pwd"); if("木丁西".equals(username) && "666666".equals(pwd)){//登陆成功 /* * 将用户名存入session域对象 */ HttpSession session = request.getSession(); session.setAttribute("username", username); response.sendRedirect(request.getContextPath() + "/IndexServlet"); }else{//登陆失败 response.sendRedirect(request.getContextPath() + "/fail.html"); } } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { this.doGet(request, response); }}
主页Servlet:
package com.cn.session;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;public class IndexServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html; charset=utf-8"); //获取session对象 HttpSession session = request.getSession(false); /** * 1.在用户主页,判断session不为空且存在指定的属性才视为登陆成功!才能访问资源。 */ //没有登陆成功,跳转到登陆界面 if(session == null){ response.sendRedirect(request.getContextPath() + "/login.html"); return; } PrintWriter writer = response.getWriter(); //取出会话数据 String username = (String)session.getAttribute("username"); /** * 2.不存在指定的属性,没有登陆成功,跳转到登陆界面 */ if(username == null){ response.sendRedirect(request.getContextPath() + "/login.html"); return; } String html = ""; html += "<html><body>欢迎回来," + username + ", <a href='/test/LogoutServlet'>安全退出</a></body></html>"; writer.write(html); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { this.doGet(request, response); }}
安全退出Servlet:
package com.cn.session;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;public class LogoutServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html; charset=utf-8"); /** * 安全退出: * 删除session对象中的登陆名username的属性即可 */ //获取当前session HttpSession session = request.getSession(false); if(session != null){ if(session.getAttribute("username") == null){ response.getWriter().write("<html><body>您还尚未登陆,请先!<a href='" + request.getContextPath() + "/login.html'>登录</a></body></hmtl>"); return; }// session.invalidate();//销毁session的对象 session.removeAttribute("username");//移除登陆名username的属性即可! response.getWriter().write("<html><body>退出成功!<a href='" + request.getContextPath() + "/login.html'>登录</a></body></hmtl>"); }else{ response.getWriter().write("<html><body>您还尚未登陆,请先!<a href='" + request.getContextPath() + "/login.html'>登录</a></body></hmtl>"); } } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { this.doGet(request, response); }}
效果: