用户的登录和注销是最常见的Web应用案例,当一个应用的客户登录了以后,其他所有的会话都得知道这个用户已经登录还很有可能得提取用户的昵称予以显示等等,所以,只有把登录成功的用户的信息放入到Session中才能够办到使所有的Servlet都能访问到用户的登录状态,
第一是登录的界面,是HTML的一个表单,非常的简单
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>登陆界面</title></head><body><form action="/Web/servlet/LoginServlet" method="post">帐号:<input type="text" name="username"><br>密码:<input type="password" name="password"><br><input type="submit" value="登录"></form></body></html>
第二是处理登录信息的LoginServlet
package com.bird.login; import java.io.IOException; import java.io.PrintWriter; import java.util.ArrayList; import java.util.List; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LoginServlet extends HttpServlet { /** * @category 使用Session处理用户登陆 * @author Bird */ private static final long serialVersionUID = 1L; public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); String username = request.getParameter("username"); String password = request.getParameter("password"); List<User> list = Db.getAll(); for(User u: list){ if(u.getUsername().equals(username) && u.getPassword().equals(password)){ request.getSession().setAttribute("user", u);//登录成功,将用户数据放入到Session中 response.sendRedirect("/Web/index.jsp"); return;//进行重定向,并且下面的代码不再执行 } } out.write("您的应户名或密码错误"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } } class Db{ public static List<User> list = new ArrayList<User>(); static{ list.add(new User("aaa","123")); list.add(new User("bbb","123")); list.add(new User("ccc","123")); } public static List<User> getAll(){ return list; } }
这里有个小疑问,如果用户是在数据库中中,是把用户全部读出来再遍历快?还是直接在JDBC是查询来的快
第三,用户的信息封装在User对象中
package com.bird.login;/*** @category 封装用户的数据的对象* @author Bird**/public class User {private String username;private String password;public User() {}public User(String username, String password) {this.username = username;this.password = password;}public String getUsername() {return username;}public void setUsername(String username) {this.username = username;}public String getPassword() {return password;}public void setPassword(String password) {this.password = password;}}
第四是处理用户注销的Servlet
package com.bird.login; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class LoginOutServlet extends HttpServlet { /** * @category 退出登录的Servlet,注销 * @author Bird */ private static final long serialVersionUID = 1L; public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(false);//防止创建Session if(session == null){ response.sendRedirect("/Web/index.jsp"); return; } session.removeAttribute("user"); response.sendRedirect("/Web/index.jsp"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } }
第五是最终的显示界面
%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title>My JSP 'index.jsp' starting page</title></head><body>欢迎您,${user.username} <br><a href="/Web/servlet/LoginOutServlet">退出登录</a></body></html>