最新下载
热门教程
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
javaweb设计中filter粗粒度权限控制代码示例
时间:2022-06-29 01:15:11 编辑:袖梨 来源:一聚教程网
1 说明
我们给出三个页面:index.jsp、user.jsp、admin.jsp。
index.jsp:谁都可以访问,没有限制;
user.jsp:只有登录用户才能访问;
admin.jsp:只有管理员才能访问。
2 分析
设计User类:username、password、grade,其中grade表示用户等级,1表示普通用户,2表示管理员用户。
当用户登录成功后,把user保存到session中。
创建LoginFilter,它有两种过滤方式:
如果访问的是user.jsp,查看session中是否存在user;
如果访问的是admin.jsp,查看session中是否存在user,并且user的grade等于2。
3 代码
LoginServlet com.cug.web.servlet.LoginServlet LoginServlet /LoginServlet index.jsp UserFilter com.cug.filter.UserFilter UserFilter /user/* AdminFilter com.cug.filter.AdminFilter AdminFilter /admin/*
LoginServlet.java
package com.cug.web.servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.cug.domain.User; import com.cug.web.service.UserService; public class LoginServlet extends HttpServlet{ @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { req.setCharacterEncoding("utf-8"); resp.setContentType("text/html;charset=utf-8"); String username = req.getParameter("username"); String password = req.getParameter("password"); User user = UserService.login(username, password); if(user == null){ req.setAttribute("msg", "用户名或者密码错误"); req.getRequestDispatcher("/login.jsp").forward(req, resp); } else{ req.getSession().setAttribute("user", user); req.getRequestDispatcher("index.jsp").forward(req,resp); } } }
UserService
package com.cug.web.service; import java.util.HashMap; import java.util.Map; import com.cug.domain.User; public class UserService { private static Mapusers = new HashMap (); static{ users.put("zhu", new User("zhu", "123", 2)); users.put("xiao", new User("xiao", "123", 1)); } public static User login(String username, String password){ User user = users.get(username); if(user == null) return null; if(!user.getPassword().equals(password)) return null; return user; } }
AdminFilter
package com.cug.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import com.cug.domain.User; public class AdminFilter implements Filter{ @Override public void destroy() { } @Override public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { req.setCharacterEncoding("utf-8"); resp.setContentType("text/html;charset=utf-8"); HttpServletRequest request = (HttpServletRequest)req; User user = (User)request.getSession().getAttribute("user"); if(user == null){ resp.getWriter().print("用户还没有登陆"); request.getRequestDispatcher("/login.jsp").forward(req, resp); } if(user.getGrade() < 2){ resp.getWriter().print("您的等级不够"); return; } chain.doFilter(req, resp); } @Override public void init(FilterConfig arg0) throws ServletException { } }
UserFilter
package com.cug.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import com.cug.domain.User; public class UserFilter implements Filter{ @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { request.setCharacterEncoding("utf-8"); response.setContentType("text/html;charset=utf-8"); HttpServletRequest httpReq = (HttpServletRequest)request; User user = (User)httpReq.getSession().getAttribute("user"); if(user == null){ request.getRequestDispatcher("/login.jsp").forward(request, response); } chain.doFilter(request, response); } @Override public void init(FilterConfig filterConfig) throws ServletException { } }
User
package com.cug.domain; public class User { private String username; private String password; private int grade; public User() { super(); } public User(String username, String password, int grade) { super(); this.username = username; this.password = password; this.grade = grade; } public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public int getGrade() { return grade; } public void setGrade(int grade) { this.grade = grade; } @Override public String toString() { return "User [username=" + username + ", password=" + password + ", grade=" + grade + "]"; } }
html
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>My JSP 'admin.jsp' starting page admin.jsp
${user.username }
首页
用户页
系统管理员
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>My JSP 'user.jsp' starting page user.jsp
${user.username }
首页
用户登陆界面
管理员登陆界面
用户登录
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>My JSP 'login.jsp' starting page ${msg }
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %>My JSP 'index.jsp' starting page index.jsp
${user.username }
首页
用户登陆界面
管理员登陆界面
相关文章
- 《燕云十六声》红尘无眼完成图文攻略 12-25
- 《燕云十六声》阴阳如影完成图文攻略 12-25
- 《燕云十六声》悬檐之下四架椽屋图文攻略 12-25
- 《燕云十六声》2024最新公测时间介绍 12-25
- 《燕云十六声》有没有藏宝阁 12-25
- 《燕云十六声》制作公司介绍 12-25