重定向迴圈【過濾器Filter】
阿新 • • 發佈:2021-12-07
重定向迴圈【過濾器Filter】
1,問題如下:
2、列印一下請求的資源,發現:
3、分析原因:
問題出現在過濾器上,【web.xml 檔案的配置上,我們配置是過濾所有資源: /*】,過濾器是把所有請求都過濾,第一次在瀏覽器輸入 /login.jsp的請求,也被過濾器過濾了,導致它的使用者沒有儲存到session中。
4、解決:過濾器過濾之前需要進行判斷,當判斷為login.jsp 或者 loginServlet 的請求資源時,就不進行過濾,放行。
// System.out.println("當前正在過濾的資源:" + req.getRequestURI());//排除 掉過濾login.jsp 和 loginServlet的 情況 String requestUri = req.getRequestURI(); if(!("/login.jsp".equals(requestUri) || "/login".equals(requestUri))) { //過濾沒有登入的情況 Object user = req.getSession().getAttribute("USER_IN_SESSION"); if(user == null) { //沒有登入 resp.sendRedirect("/login.jsp");return; } }
❀ 最後,本例子的全部程式碼,包括配置檔案如下:
❀ 登入過濾器 CheckLoginFilter
package com.shan.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 檢查登入的過濾器 * @author Huangyujun * */ public class CheckLoginFilter implements Filter{ @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //型別轉換 HttpServletRequest req = (HttpServletRequest)request; HttpServletResponse resp = (HttpServletResponse)response; // System.out.println("當前正在過濾的資源:" + req.getRequestURI()); //排除 掉過濾login.jsp 和 loginServlet的 情況 String requestUri = req.getRequestURI(); if(!("/login.jsp".equals(requestUri) || "/login".equals(requestUri))) { //過濾沒有登入的情況 Object user = req.getSession().getAttribute("USER_IN_SESSION"); if(user == null) { //沒有登入 resp.sendRedirect("/login.jsp"); return; } } //放行 chain.doFilter(req, resp); } }
❀ 處理登入請求 LoginServlet
package com.shan.servlet; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * 登入的servlet * @author Huangyujun * */ @WebServlet("/login") public class LoginServlet extends HttpServlet{ @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { //接收 處理 跳轉 String name = req.getParameter("username"); String password = req.getParameter("password"); System.out.println(name +"_" + password); //登入完就把使用者的賬號設定到session中去 req.getSession().setAttribute("USER_IN_SESSION", name); resp.sendRedirect("/welcome.jsp"); } }
❀ 登入介面的jsp login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"%> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>Insert title here</title> </head> <body> <form action="/login" method="post"> 賬號:<input type="text" name="username" required/><br/> 密碼:<input type="password" name="password"/><br/> <input type="submit" value="提交"/> </form> </body> </html>
❀ 歡迎、function1、function2、function3介面的jsp welcom.jsp、function1.jsp、function2.jsp、function3.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"%> <hr/> <a href="/function1.jsp">功能1</a> <a href="/function2.jsp">功能2</a> <a href="/function3.jsp">功能3</a>
<%@ page language="java" contentType="text/html; charset=UTF-8"%> <hr/> 功能1
<%@ page language="java" contentType="text/html; charset=UTF-8"%> <hr/> 功能3
<%@ page language="java" contentType="text/html; charset=UTF-8"%> <hr/> 功能2
❀web.xml 配置檔案
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd" id="WebApp_ID" version="4.0"> <display-name>filter-listener</display-name> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> <welcome-file>default.html</welcome-file> <welcome-file>default.htm</welcome-file> <welcome-file>default.jsp</welcome-file> </welcome-file-list> <filter> <filter-name>CheckLoginFilter</filter-name> <filter-class>com.shan.filter.CheckLoginFilter</filter-class> </filter> <filter-mapping> <filter-name>CheckLoginFilter</filter-name> <!-- 對哪些資源做出過濾 --> <url-pattern>/*</url-pattern> </filter-mapping> </web-app>