Session 起航 登录会话和注销请求 重定向和转发

【LoginServlet】

@WebServlet(name="loginServlet",urlPatterns = "/login")
public class LoginServlet extends HttpServlet{
    private static final Map<String,String> userDatabase = new Hashtable<>();

    static {
        userDatabase.put("user1","123456");
        userDatabase.put("user2","123456");
        userDatabase.put("user3","123456");
        userDatabase.put("user4","123456");
    }


    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        HttpSession session = req.getSession();
        if (req.getParameter("logout")!=null){
            session.invalidate();
            resp.sendRedirect("login");
            return;
        //     已经登录上的
        }else if (session.getAttribute("username")!=null){
            resp.sendRedirect("tickets");
            return;
        }
        req.setAttribute("loginFailed",false);
        req.getRequestDispatcher("/WEB-INF/jsp/view/login.jsp").forward(req,resp);
    }

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        HttpSession session = req.getSession();
        //注销
        if (req.getParameter("logout")!=null){
            session.invalidate();
            resp.sendRedirect("login");
            return;
        //    登录会话
        }else if (session.getAttribute("username")!=null){
            resp.sendRedirect("tickets");
            return;
        }
        String username = req.getParameter("username");
        String userpassword = req.getParameter("userpassword");
        if (username == null || userpassword == null ||
                !LoginServlet.userDatabase.containsKey(username)||
                !userpassword.equals(LoginServlet.userDatabase.get(username))){
            req.setAttribute("loginFailed",true);
            req.getRequestDispatcher("/WEB-INF/jsp/view/login.jsp")
                    .forward(req,resp);
        }else {
            session.setAttribute("username",username);
            req.changeSessionId();//登录更新会话id
            resp.sendRedirect("tickets");
        }
    }
}

【重定向和转发】

转发是服务器行为。

重定向是客户端行为。

【login.jsp】

  <h2>登录</h2>
    <%
        if ((boolean)request.getAttribute("loginFailed")){
            out.println("您输入的密码或用户名不对");
        }
    %>
    <form action="<c:url value="/login"/>" method="post">
        用户名<br />
        <input type="text" name="username" /><br />
        密码<br />
        <input type="password" name="userpassword" value="banana" /><br />
        <input type="submit" value="登录"/>
    </form>