一,通过session的关闭浏览器销毁,和使用getAttribute设置session对象值来控制页面用户是否有权限进入。
1,以下是登陆页面的代码,使用表单提交数据给一个servlet进行数据的处理
<form action="com.in.User" method="post"> <div class="loginbox"> <div class="errorbox"><i class="error"></i>用户名或密码错误,请重新输入!</div> <div class="logongroup"> <input class="intext" type="text" name="UserName" placeholder="用户名" /> <i class="user"></i> </div> <div class="logongroup"> <input class="intext" type="password" name="PassWord" placeholder="密码" /> <i class="password"></i> </div> <div class="logongroup submitbox"> <button class="submitbtn" type="submit">登 录</button> </div> </div> </form>
2,创建一个名为User的servlet页面
在doget方法中创建session对象,使用setAttribute方法为其赋值,
package com.in; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class User extends HttpServlet { /** * Constructor of the object. */ public User() { super(); } /** * Destruction of the servlet. <br> */ public void destroy() { super.destroy(); // Just puts "destroy" string in log // Put your code here } /** * The doGet method of the servlet. <br> * * This method is called when a form has its tag value method equals to get. * * @param request the request send by the client to the server * @param response the response send by the server to the client * @throws ServletException if an error occurred * @throws IOException if an error occurred */ public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session=request.getSession(); session.setAttribute("user","yes"); request.getRequestDispatcher("default.jsp").forward(request, response); } /** * The doPost method of the servlet. <br> * * This method is called when a form has its tag value method equals to post. * * @param request the request send by the client to the server * @param response the response send by the server to the client * @throws ServletException if an error occurred * @throws IOException if an error occurred */ public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } /** * Initialization of the servlet. <br> * * @throws ServletException if an error occurs */ public void init() throws ServletException { // Put your code here } }
3,在登陆之后的页面中加入以下代码,以控制页面的访问权限。
放在<body>的下方,如果session为空或不等于上面赋的值,便跳转到登陆页面,重新为session赋值。
<% String aa=(String)session.getAttribute("user"); if(!"yes".equals(aa)&&aa==null){ response.sendRedirect("longin.jsp"); } %>