用过滤器解决MVC添加书本信息时的登录安全问题
一:View addBook.jsp
1 <%@page language="java" contentType="text/html; charset=utf-8" 2 pageEncoding="utf-8" import="java.util.*" import="nuc.sw.EL.bean.EL"%> 3 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 4 <html> 5 <head> 6 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> 7 <title>Insert title here</title> 8 </head> 9 <body> 10 <form action="ELServlet" method="post"> 11 <table align="left" > 12 <tr> 13 <td>书名:</td> 14 <td><input type="text" name="bookName"></td> 15 </tr> 16 <tr> 17 <td>作者:</td> 18 <td><input type="text" name="authorName"></td> 19 </tr> 20 <tr> 21 <td>定价:</td> 22 <td><input type="text" name="bookPrice"></td> 23 </tr> 24 <tr> 25 <td><input type="submit" value="添加"></td> 26 </tr> 27 </table> 28 </form> 29 </body> 30 </html>
二:Model nuc.sw.EL.bean EL.java
1 package nuc.sw.EL.bean;
2
3 public class EL {
4 private String bookName;
5 private String authorName;
6 private float bookPrice;
7 public String getBookName() {
8 return bookName;
9 }
10 public void setBookName(String bookName) {
11 this.bookName = bookName;
12 }
13 public String getAuthorName() {
14 return authorName;
15 }
16 public void setAuthorName(String authorName) {
17 this.authorName = authorName;
18 }
19 public Float getBookPrice() {
20 return bookPrice;
21 }
22 public void setBookPrice(Float bookPrice) {
23 this.bookPrice = bookPrice;
24 }
25
26 }
三:Control nuc.sw.EL.servlet ELServlet.java
1 package nuc.sw.EL.servlet;
2
3 import java.io.IOException;
4 import java.util.ArrayList;
5 import java.util.List;
6
7 import javax.servlet.ServletException;
8 import javax.servlet.http.HttpServlet;
9 import javax.servlet.http.HttpServletRequest;
10 import javax.servlet.http.HttpServletResponse;
11
12 import nuc.sw.EL.bean.EL;
13
14 /**
15 * Servlet implementation class ELServlet
16 */
17 public class ELServlet extends HttpServlet {
18 private static final long serialVersionUID = 1L;
19
20 /**
21 * @see HttpServlet#HttpServlet()
22 */
23 public ELServlet() {
24 super();
25 // TODO Auto-generated constructor stub
26 }
27
28 /**
29 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
30 */
31 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
32 // TODO Auto-generated method stub
33 response.getWriter().append("Served at: ").append(request.getContextPath());
34 }
35
36 /**
37 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
38 */
39 protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
40 // TODO Auto-generated method stub
41 //doGet(request, response);
42 EL el=new EL();
43 el.setBookName(request.getParameter("bookName"));
44 el.setAuthorName(request.getParameter("authorName"));
45 el.setBookPrice(Float.parseFloat(request.getParameter("bookPrice")));
46 //request.setAttribute("el", el);
47 List<EL> list;
48 if(request.getSession().getAttribute("booklist")==null){
49 list= new ArrayList<EL>();
50 list.add(el);
51 }
52 else{
53 list=(ArrayList<EL>)request.getSession().getAttribute("booklist");
54 list.add(el);
55 }
56
57 request.getSession().setAttribute("booklist", list);
58 request.getRequestDispatcher("showBookInfo.jsp").forward(request, response);
59 //request.getRequestDispatcher("addBook.jsp").forward(request, response);
60 }
61
62 }
四:显示书本信息 showBookInfo.jsp
1 <%@page language="java" contentType="text/html; charset=utf-8"
2 pageEncoding="utf-8" import="java.util.*,nuc.sw.EL.bean.EL"%>
3 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
4 <html>
5 <head>
6 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
7 <title>Insert title here</title>
8 </head>
9 <body>
10 <table align="right" border="1">
11 <caption>全部书籍信息</caption>
12 <tr>
13 <td>书名:</td>
14 <td>作者:</td>
15 <td>定价:</td>
16 </tr>
17 <%
18 Iterator<EL> iter=((ArrayList<EL>)session.getAttribute("booklist")).iterator();
19 while(iter.hasNext()){
20 pageContext.setAttribute("book",iter.next());
21 %>
22
23 <tr>
24 <td>${book.bookName} </td>
25 <td>${book.authorName} </td>
26 <td>${book.bookPrice} </td>
27 </tr>
28 <%
29 }
30 %>
31
32 </table>
33 <a href="addBook.jsp">继续添加</a>
34 </body>
35 </html>
五:设置汉字乱码 nuc.sw.book.filter EncodingFilter.java
1 package nuc.sw.book.filter;
2
3 import java.io.IOException;
4 import javax.servlet.Filter;
5 import javax.servlet.FilterChain;
6 import javax.servlet.FilterConfig;
7 import javax.servlet.ServletException;
8 import javax.servlet.ServletRequest;
9 import javax.servlet.ServletResponse;
10
11 /**
12 * Servlet Filter implementation class EncodingFilter
13 */
14 public class EncodingFilter implements Filter {
15
16 /**
17 * Default constructor.
18 */
19 public EncodingFilter() {
20 // TODO Auto-generated constructor stub
21 }
22
23 /**
24 * @see Filter#destroy()
25 */
26 public void destroy() {
27 // TODO Auto-generated method stub
28 }
29
30 /**
31 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
32 */
33 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
34 // TODO Auto-generated method stub
35 // place your code here
36
37 // pass the request along the filter chain
38 request.setCharacterEncoding("utf-8");
39 chain.doFilter(request, response);
40 }
41
42 /**
43 * @see Filter#init(FilterConfig)
44 */
45 public void init(FilterConfig fConfig) throws ServletException {
46 // TODO Auto-generated method stub
47 }
48
49 }
六:登陆页面 login.jsp
1 <%@ page language="java" contentType="text/html; charset=utf-8" 2 pageEncoding="utf-8"%> 3 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 4 <html> 5 <head> 6 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> 7 <title>登录页面</title> 8 </head> 9 <body> 10 <font color="red">${requestScope.error}</font> 11 <form action="loginServlet" method="post" > 12 用户名:<input type="text" name="username"><br> 13 密码:<input type="text" name="password"><br> 14 <input type="submit" value="登录"> 15 </form> 16 </body> 17 </html>
七:设置登录安全问题 nuc.sw.login.loginServlet loginServlet.java
1 package nuc.sw.login.LoginServlet; 2 3 import java.io.IOException; 4 import javax.servlet.ServletException; 5 import javax.servlet.http.HttpServlet; 6 import javax.servlet.http.HttpServletRequest; 7 import javax.servlet.http.HttpServletResponse; 8 9 /** 10 * Servlet implementation class loginServlet 11 */ 12 public class loginServlet extends HttpServlet { 13 private static final long serialVersionUID = 1L; 14 15 /** 16 * @see HttpServlet#HttpServlet() 17 */ 18 public loginServlet() { 19 super(); 20 // TODO Auto-generated constructor stub 21 } 22 23 /** 24 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) 25 */ 26 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 27 // TODO Auto-generated method stub 28 response.getWriter().append("Served at: ").append(request.getContextPath()); 29 } 30 31 /** 32 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) 33 */ 34 protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 35 // TODO Auto-generated method stub 36 //doGet(request, response); 37 38 39 String userName=request.getParameter("username"); 40 String passWord=request.getParameter("password"); 41 //判断用户名面是否正确。如果正确,直接去addBook.jsp;不正确,就跳回登录页面,提示框显示错误。 42 if(userName.equals("张丹")&&passWord.equals("123")){ 43 //一次会话中,需要将信息放入Session中 44 request.getSession().setAttribute("user",userName); 45 request.getRequestDispatcher("addBook.jsp").forward(request, response); 46 } 47 else{ 48 request.setAttribute("error","用户名或者密码错误"); 49 request.getRequestDispatcher("login.jsp").forward(request, response); 50 } 51 } 52 53 }
八:设置登录过滤问题 nuc.sw.book.filter LoginFilter.java
1 package nuc.sw.login.LoginServlet; 2 3 import java.io.IOException; 4 import javax.servlet.ServletException; 5 import javax.servlet.http.HttpServlet; 6 import javax.servlet.http.HttpServletRequest; 7 import javax.servlet.http.HttpServletResponse; 8 9 /** 10 * Servlet implementation class loginServlet 11 */ 12 public class loginServlet extends HttpServlet { 13 private static final long serialVersionUID = 1L; 14 15 /** 16 * @see HttpServlet#HttpServlet() 17 */ 18 public loginServlet() { 19 super(); 20 // TODO Auto-generated constructor stub 21 } 22 23 /** 24 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) 25 */ 26 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 27 // TODO Auto-generated method stub 28 response.getWriter().append("Served at: ").append(request.getContextPath()); 29 } 30 31 /** 32 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) 33 */ 34 protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 35 // TODO Auto-generated method stub 36 //doGet(request, response); 37 38 39 String userName=request.getParameter("username"); 40 String passWord=request.getParameter("password"); 41 //判断用户名面是否正确。如果正确,直接去addBook.jsp;不正确,就跳回登录页面,提示框显示错误。 42 if(userName.equals("张丹")&&passWord.equals("123")){ 43 //一次会话中,需要将信息放入Session中 44 request.getSession().setAttribute("user",userName); 45 request.getRequestDispatcher("addBook.jsp").forward(request, response); 46 } 47 else{ 48 request.setAttribute("error","用户名或者密码错误"); 49 request.getRequestDispatcher("login.jsp").forward(request, response); 50 } 51 } 52 53 }
九:运行结果
浙公网安备 33010602011771号