好久没写 Web 程序了都忘了.临时用的.在网上搜搜写的.回忆一下当年刚上班时候的感觉.
大家看看是不是还有优化的地方,自己感觉不错 吼吼~~~
页面是 JSF 的,后台服务是一个主数据产品.
1.登录
@SuppressWarnings("unchecked") protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String username = request.getParameter("j_username"); String password = MD5.MD5Encode( request.getParameter("j_password")); String page = request.getContextPath() + "/faces/error.jsp"; // 未通过 // 主数据产品调用后台服务 LinkedHashMap<String, String> params = new LinkedHashMap<String, String>(); params.put("uid", username); params.put("password", password); String requestId = new Long((long) (Long.MAX_VALUE * Math.random())).toString(); Collection roles = new ArrayList(); roles.add("LoginClass"); try { DocumentRoot responseDocRoot = TCRMServices.invokeTCRMInquiry(requestId, "LoginClass", "zh", roles, "loginCompositeTxnBP", params); String resultCode = responseDocRoot.getTCRMService().getTxResponse().getTxResult().getResultCode(); // SUCCESS || FATAL if (resultCode.equals("SUCCESS")) { request.getSession().setAttribute("uid", username); page = request.getContextPath() + "/faces/index.jsp"; //成功 } } catch (Exception e) { // new CommonModelException("用户名和密码验证失败"); // 知道这样的处理不好,但产品特性,查询为空就抛异常.一时也没想到好的处理办法. } response.sendRedirect(page); }
2. 注销
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String exitPage = request.getParameter("logoutExitPage"); logger.debug("Logout exit page: " + exitPage); if (exitPage == null) { exitPage = "login.jsp"; } request.getSession().invalidate(); response.sendRedirect(exitPage); }
3. 过滤器
public class CheckLoginFilter implements Filter { public void destroy() { } public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String uid = (String) request.getSession().getAttribute("uid"); String request_uri = request.getRequestURI().toLowerCase();// 得到用户请求的URI String ctxPath = request.getContextPath();// 得到web应用程序的上下文路径 // 登录和错误页面不过滤 if (request_uri.substring(ctxPath.length()).equals("/faces/login.jsp") || request_uri.substring(ctxPath.length()).equals("/faces/error.jsp")) { filterChain.doFilter(servletRequest, servletResponse); return; } // 另一个系统,要直接嵌入我们的数据页面.封装好的包.登录验证 if (LoginReclaim.getInstance().login(request)) { // 已经通过身份认证服务器认证 String username = LoginReclaim.getInstance().getUid(request);// 取得登录用户工号 request.getSession().setAttribute("uid", username); filterChain.doFilter(servletRequest, servletResponse); return; } // 用户登录验证 if (uid == null || "".equals(uid)) { // response.sendRedirect(request.getContextPath() + // "/faces/error.jsp"); PrintWriter out = response.getWriter(); //感觉这里写的挺有意思的,在网上查的. out.write("<script>window.top.location.href ='"+ request.getContextPath()+"/faces/error.jsp'</script>"); // request.getRequestDispatcher("/faces/error.jsp").forward(request, response); } else { filterChain.doFilter(servletRequest, servletResponse); } } }