权限登录系统案例-Java Web开发实例
1、User.java
创建用户实例,包括:用户名、密码、权限三种属性
public class User
{
private String username;
private String password;
private String authority;
public String getUsername()
{
return username;
}
public void setUsername(String username)
{
this.username = username;
}
public String getPassword()
{
return password;
}
public void setPassword(String password)
{
this.password = password;
}
public String getAuthority()
{
return authority;
}
public void setAuthority(String authority)
{
this.authority = authority;
}
}2、UserLoginServlet.java
获取到前端用户界面输入的用户名、密码及权限参数,判断这三种属性是否正确,转向相应的处理页面。
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.shengsiyuan.bean.User;
public class UserLoginServlet extends HttpServlet
{
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException
{
User user = new User();
HttpSession session = req.getSession();
String username = req.getParameter("username");
String password = req.getParameter("password");
String authority = req.getParameter("authority");
if("1".equals(authority)){
//登录的是普通用户
if("zhangsan".equals(username) && "123".equals(password)){
// 将用户的信息放置到session当中
user.setUsername(username);
user.setPassword(password);
user.setAuthority(authority);
session.setAttribute("user", user);
//请求转发的形式转向下一步网页 req.getRequestDispatcher("/session/index.jsp").forward(req, resp);
}
else{
//1、重定向,客户端重新发送新的请求
resp.sendRedirect("session/login.jsp?username=" + username + "&authority=" + authority);
//2、请求转发
// req.setAttribute("username", username);
// req.setAttribute("password", password);
// req.setAttribute("authority", authority);
// RequestDispatcher rd = req.getRequestDispatcher("session/login.jsp");
// rd.forward(req, resp);
}
}
else if("2".equals(authority)){
//登录的是系统管理员
if("lisi".equals(username) && "456".equals(password)){
user.setUsername(username);
user.setPassword(password);
user.setAuthority(authority);
session.setAttribute("user", user);
req.getRequestDispatcher("/session/index.jsp").forward(req, resp);
}
else{
//1、重定向,客户端重新发送新的请求
resp.sendRedirect("session/login.jsp?username=" + username + "&authority=" + authority);
//2、请求转发
// req.setAttribute("username", username);
// req.setAttribute("password", password);
// req.setAttribute("authority", authority);
// RequestDispatcher rd = req.getRequestDispatcher("session/login.jsp");
// rd.forward(req, resp);
}
}
// 登录失败,防止用户通过地址栏的方式直接访问
else{
//1、重定向,客户端重新发送新的请求
resp.sendRedirect("session/login.jsp?username=" + username + "&authority=" + authority);
//2、请求转发
// req.setAttribute("username", username);
// req.setAttribute("password", password);
// req.setAttribute("authority", authority);
// RequestDispatcher rd = req.getRequestDispatcher("session/login.jsp");
// rd.forward(req, resp);
}
}
}
3、login.jsp
用户登录前端页面,用户可以输入相应代码
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<html>
<head>
<base href="<%=basePath%>">
head>
<body>
<% String username = request.getParameter("username");
String authority = request.getParameter("authority");
%>
<form action="UserLoginServlet" method="post">
username: <input type="text" name="username" value='<%= null == username ? "" : username %>'><br>
password: <input type="password" name="password"><br>
authority:
<select name="authority">
<option value="1" <%= "1".equals(authority) ? "selected='selected'" : ""%>>common user
<%= "2".equals(authority) ? "selected='selected'" : "" %>>administrator
submit" value="submit">
form>
body>
html>
4、index.jsp
验证正确的转向页面,可对不同权限的用户显示不同的功能按键。
<%@ page language="java" import="com.shengsiyuan.bean.User" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'index.jsp' starting pagetitle>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
head>
<body>
<% User user = (User)session.getAttribute("user");
if(null == user){
response.sendRedirect("session/login.jsp");
return;
}
%>
<a href="QueryServlet">querya><br>
<%if(((User)session.getAttribute("user")).getAuthority().equals("2")){ %>
<a href="UpdateServlet">updatea>
<%} %>
body>
html>
5、QueryServlet.jsp
查询功能
package com.shengsiyuan.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class QueryServlet extends HttpServlet
{
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException
{
HttpSession session = req.getSession();
//用户未登录
if(null == session.getAttribute("user")){
resp.sendRedirect("session/login.jsp");
return;
}
System.out.println("成功");
}
}
6、UpdateServlet.java
更新功能
package com.shengsiyuan.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.shengsiyuan.bean.User;
public class UpdateServlet extends HttpServlet
{
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException
{
HttpSession session = req.getSession();
//用户未登录
if (null == session.getAttribute("user")){
resp.sendRedirect("session/login.jsp");
return ;
}
User user = (User)session.getAttribute("user");
//普通用户
if("1".equals(user.getAuthority())){
System.out.println("失败");
}
//管理员
else {
System.out.println("成功");
}
}
}