jsp:通过Session控制登陆时间和内部页面的访问

Posted dYb

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了jsp:通过Session控制登陆时间和内部页面的访问相关的知识,希望对你有一定的参考价值。

一,通过session的关闭浏览器销毁,和使用getAttribute设置session对象值来控制页面用户是否有权限进入。

1,以下是登陆页面的代码,使用表单提交数据给一个servlet进行数据的处理

<form action="com.in.User" method="post">
<div class="loginbox">
<div class="errorbox"><i class="error"></i>用户名或密码错误,请重新输入!</div>
<div class="logongroup">
<input class="intext" type="text" name="UserName" placeholder="用户名" />
<i class="user"></i>
</div>
<div class="logongroup">
<input class="intext" type="password" name="PassWord" placeholder="密码" />
<i class="password"></i>
</div>
<div class="logongroup submitbox">
<button class="submitbtn" type="submit">&nbsp;&nbsp;</button>
</div>
</div>
</form>

2,创建一个名为User的servlet页面

    在doget方法中创建session对象,使用setAttribute方法为其赋值,

package com.in;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class User extends HttpServlet {

    /**
     * Constructor of the object.
     */
    public User() {
        super();
    }

    /**  
     * Destruction of the servlet. <br>
     */
    public void destroy() {
        super.destroy(); // Just puts "destroy" string in log
        // Put your code here
    }

    /**
     * The doGet method of the servlet. <br>
     *
     * This method is called when a form has its tag value method equals to get.
     * 
     * @param request the request send by the client to the server
     * @param response the response send by the server to the client
     * @throws ServletException if an error occurred
     * @throws IOException if an error occurred
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        HttpSession session=request.getSession();
        session.setAttribute("user","yes");
        request.getRequestDispatcher("default.jsp").forward(request, response);
        
    }

    /**
     * The doPost method of the servlet. <br>
     *
     * This method is called when a form has its tag value method equals to post.
     * 
     * @param request the request send by the client to the server
     * @param response the response send by the server to the client
     * @throws ServletException if an error occurred
     * @throws IOException if an error occurred
     */
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
    }

    /**
     * Initialization of the servlet. <br>
     *
     * @throws ServletException if an error occurs
     */
    public void init() throws ServletException {
        // Put your code here
    }

}

 3,在登陆之后的页面中加入以下代码,以控制页面的访问权限。

    放在<body>的下方,如果session为空或不等于上面赋的值,便跳转到登陆页面,重新为session赋值。

<%
        String aa=(String)session.getAttribute("user");
        if(!"yes".equals(aa)&&aa==null){
        response.sendRedirect("longin.jsp");
        }
 %>

 

以上是关于jsp:通过Session控制登陆时间和内部页面的访问的主要内容,如果未能解决你的问题,请参考以下文章

如何jsp使用filter防止页面不登陆就访问

JSP中解决session超时跳转到登陆页面并跳出iframe框架或局部区域的方法

JSP中怎样用session保存并验证用户登录信息

php中怎么用session来控制页面的访问权限?

jsp不用框架,如何实现用户登陆后显示用户信息,隐藏登陆框

jsp应用-实现用户登陆功能