欢迎大家来到IT世界,在知识的湖畔探索吧!
权限校验
<%@ page pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<title>Insert title here</title>
</head>
<body>
<form action="${pageContext.request.contextPath}/login" method="post">
<h2>登陆页面</h2>
用户名:<input name="name" value="磨时间"/> <br/><br/>
密 码:<input name="pwd" type="password" value="123456"/> <br/><br/>
<input value="提交" type="submit"/> <br/><br/>
</form>
</body>
</html>
欢迎大家来到IT世界,在知识的湖畔探索吧!
欢迎大家来到IT世界,在知识的湖畔探索吧!@SuppressWarnings("serial")
@WebServlet(urlPatterns= {"/login","/logout"})
public class LoginServlet extends HttpServlet{
@Override
protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String path = req.getServletPath();
if("/login".equals(path)) {
doLogin(req,resp);
}else if("/logout".equals(path)){
doLogout(req,resp);
}
}
private void doLogout(HttpServletRequest req, HttpServletResponse resp) throws IOException {
req.getSession().invalidate();
resp.sendRedirect("index.html");
}
protected void doLogin(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//获取请求参数方法1
String name = req.getParameter("name");
String pwd = req.getParameter("pwd");
//获取请求参数方法2
Map<String, String[]> map = req.getParameterMap();
for(Entry<String, String[]> entry : map.entrySet()) {
System.out.println(entry.getKey() + " -- " + entry.getValue()[0]);
}
//获取请求参数方法3
Enumeration<String> names = req.getParameterNames();
System.out.println(names.nextElement());
// 这就是演示 可以自己改 随意写的
if("磨时间".equals(name) && "123456".equals(pwd)) {
req.getSession().setAttribute("name", name);
resp.sendRedirect("admin/success.jsp");
}else {
resp.sendRedirect("login.jsp");
}
// resp.getWriter().print("<h1>请求参数:" + name + " -- " + pwd + "</h1>");
}
}
过滤器添加权限
public class LoginFilter implements Filter{
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
throws IOException, ServletException {
//1.获取Session
HttpServletRequest req = (HttpServletRequest)arg0;
HttpServletResponse resp = (HttpServletResponse)arg1;
HttpSession session = req.getSession();
//2.通过Session获取name绑定值
Object obj = session.getAttribute("name");
//3.判断name是否为null,为空跳转到登陆页面
if(obj==null) {
resp.sendRedirect("/login.jsp");
return;
}
//4.判断name是否不为null,放行
arg2.doFilter(arg0, arg1);
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
配置 web.xml
欢迎大家来到IT世界,在知识的湖畔探索吧! <filter>
<filter-name>EncodingFilter</filter-name>
<filter-class>cn.xxxx.filter.EncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>EncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>cn.xxxx.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/admin/*</url-pattern><!-- 约定大于配置,那些路径下才过滤,那些不过滤 -->
</filter-mapping>
字符编码
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException {
String encoding = config.getInitParameter("encoding");
req.setCharacterEncoding(encoding);
resp.setContentType("text/html;charset=UTF-8");
chain.doFilter(req, resp);
}
@Override
public void init(FilterConfig config) throws ServletException {
this.config = config;
}
web.xml
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>cn.laonian.filter.EncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
字符过滤
//接收前端数据的功能增强
public class MyHttpServletRequest extends HttpServletRequestWrapper{
private HttpServletRequest req;
public MyHttpServletRequest(HttpServletRequest req) {
super(req);
this.req = req;
}
//到时在Servlet获取请求参数的时候实际上调用的是这个方法,名字可以自定义,但是最好一样,方便理解
@Override
public String getParameter(String name) {//常用
Map<String, String[]> map = getParameterMap();
String[] values = map.get(name);
return values == null?null:values[0];
}
//到时在Servlet获取请求参数的时候实际上调用的是这个方法,名字可以自定义,但是最好一样,方便理解
@Override
public Map<String, String[]> getParameterMap() {//用的比较少
//获取请求参数
Map<String, String[]> map = req.getParameterMap();
//将敏感数据替换掉
for(Entry<String, String[]> set : map.entrySet()) {
String[] values = set.getValue();
// for(String str : values) {//不能用这个,否则替换不了
// str = str.replaceAll("傻逼", "***");
// }
for(int i = 0 ; i < values.length;i++ ) {
//返回值是被替换的值
values[i] = values[i].replaceAll("傻逼", "***");
}
}
return map;
}
//到时在Servlet获取请求参数的时候实际上调用的是这个方法,名字可以自定义,但是最好一样,方便理解
@Override
public String[] getParameterValues(String name) {//复选框
return getParameterMap().get(name);
}
}
过滤器
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
MyHttpServletRequest req = new MyHttpServletRequest((HttpServletRequest) request);
chain.doFilter(req, response);
}
顺手点个赞呗!~
免责声明:本站所有文章内容,图片,视频等均是来源于用户投稿和互联网及文摘转载整编而成,不代表本站观点,不承担相关法律责任。其著作权各归其原作者或其出版社所有。如发现本站有涉嫌抄袭侵权/违法违规的内容,侵犯到您的权益,请在线联系站长,一经查实,本站将立刻删除。 本文来自网络,若有侵权,请联系删除,如若转载,请注明出处:https://itzsg.com/49373.html