只有登录成功后，才能访问一些页面（2种方法：1.通过判断sesssion是否为空）2.过滤器Filter

1. 通过判断sesssion是否为空.在每个页面顶部加上如下代码

<%
String username=(String)session.getAttribute("username");
if(username==null){
String contextPath=request.getContextPath();
response.sendRedirect(contextPath+"/login.jsp");
}
%>

2. 过滤器的实现：

CheckUserFilter.java:

package day22BaseFilter.CheckUser;

import java.io.IOException;
import java.util.Arrays;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class CheckUserFilter implements Filter {
private String checkSeesionKey;
private String redirectURL;
private List notCheckURLList;
public void destroy() {
// TODO Auto-generated method stub

}

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
/*System.out.println("checkSeesionKey=  "+this.checkSeesionKey);
System.out.println("redirectURL=  "+this.redirectURL);
System.out.println("notCheckURLList=  "+this.notCheckURLList);*/

HttpServletRequest req=(HttpServletRequest)request;
HttpServletResponse res=(HttpServletResponse)response;
//获取Servlet的路径
String servletPath=req.getServletPath();
System.out.println("servletPath=  "+servletPath);
//获取Session
HttpSession session=req.getSession();
//1.若访问路径包含/login.jsp,/LoginServlet
if(this.notCheckURLList!=null&&this.notCheckURLList.contains(servletPath)){
//1.1 放行
chain.doFilter(request, response);
}else{
String username=(String)session.getAttribute(this.checkSeesionKey);
//2.若不包含以上2种
//2.1 从session获取用户名，若不空，放行；若空，重定向到redirectURL指向的页码
if(username!=null){
chain.doFilter(request, response);
}else{
String contextPath=req.getContextPath();
res.sendRedirect(contextPath+this.redirectURL);
}
}
}

public void init(FilterConfig filterConfig) throws ServletException {
// 读取web.xml文件中初始化参数
ServletContext sc=filterConfig.getServletContext();
String checkSessionKey=sc.getInitParameter("checkSessionKey");
this.checkSeesionKey=checkSessionKey;

String redirectURL=sc.getInitParameter("redirectURL");
this.redirectURL=redirectURL;

String[] notCheckURLListStr=sc.getInitParameter("notCheckURLList").split(",");
List notCheckURLList=Arrays.asList(notCheckURLListStr);
this.notCheckURLList=notCheckURLList;

}

}

Web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <!--
<context-param>
<param-name>testContext</param-name>
<param-value>xxxxxxxx</param-value>
</context-param>
-->
<context-param>
<param-name>checkSessionKey</param-name>
<param-value>username</param-value><!-- 相当于setAttribute中的key -->
</context-param>

<context-param>
<param-name>redirectURL</param-name>
<param-value>/login.jsp</param-value>
</context-param>

<context-param>
<param-name>notCheckURLList</param-name>
<param-value>/login.jsp,/LoginServlet</param-value>
</context-param>

<filter>
<filter-name>CheckUserFilter</filter-name>
<filter-class>day22BaseFilter.CheckUser.CheckUserFilter</filter-class>
</filter>

<filter-mapping>
<filter-name>CheckUserFilter</filter-name>
<url-pattern>/*</url-pattern>

<dispatcher>REQUEST</dispathcher>

<dispatcher>FORWARD</dispathcher>

 </filter-mapping> <!-- 注册filter --> <filter> <filter-name>CharacterEncodingFilter</filter-name> <filter-class>day22BaseFilter.CharacterEncoding.CharacterEncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>utf-8</param-value>
</init-param> <init-param> <param-name>test2</param-name> <param-value>a2</param-value> </init-param> </filter> <filter-mapping> <filter-name>CharacterEncodingFilter</filter-name> <!-- 拦截所有的请求 --> <url-pattern>/*</url-pattern> <!-- 拦截单个的jsp请求 <url-pattern>/a/b.jsp</url-pattern>
拦截所有jsp的请求 <url-pattern>*.jsp</url-pattern> 拦截所有的*.do请求 <url-pattern>/*</url-pattern> 拦截指定的Servlet请求 <servlet-name>LoginServlet</servlet-name> --> </filter-mapping> <servlet> <servlet-name>LoginServlet</servlet-name> <servlet-class>day22BaseFilter.CharacterEncoding.LoginServlet</servlet-class>
</servlet> <servlet-mapping> <servlet-name>LoginServlet</servlet-name> <url-pattern>/LoginServlet</url-pattern> </servlet-mapping> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list></web-app>

LoginServlet.java:

package day22BaseFilter.CharacterEncoding;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class LoginServlet extends HttpServlet {

public LoginServlet() {
super();
}

public void destroy() {
super.destroy(); // Just puts "destroy" string in log
}

public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request,response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
//request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
HttpSession session=request.getSession();

String username=request.getParameter("username");
ServletContext sc=this.getServletContext();
String checkSessionKey=sc.getInitParameter("checkSessionKey");
if(checkSessionKey!=null){
session.setAttribute(checkSessionKey, username);
//session.setAttribute("username", username);
}

System.out.println("username=  "+username);

request.getRequestDispatcher("/purview.jsp").forward(request, response);

}

public void init() throws ServletException {
}

}

login.jsp同上一页

purview.jsp

<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
purview.jsp 主页面
<br/>
<a href="${pageContext.request.contextPath }/purview1.jsp">purview1.jsp</a>
<br/>
<a href="${pageContext.request.contextPath }/purview2.jsp">purview2.jsp</a>
<br/>
<a href="${pageContext.request.contextPath }/purview3.jsp">purview3.jsp</a>
<br/>
<a href="${pageContext.request.contextPath }/purview4.jsp">purview4.jsp</a>

<br/>
</body>
</html>

purview1~4.jsp:

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<%
String username=(String)session.getAttribute("username");
if(username==null){
String contextPath=request.getContextPath();
response.sendRedirect(contextPath+"/login.jsp");
}
%>
purview1.jsp
<br/>
<a href="${pageContext.request.contextPath }/purview.jsp">purview.jsp</a>
<br/>

</body>
</html>

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
purview2.jsp
<br/>
<a href="${pageContext.request.contextPath }/purview.jsp">purview.jsp</a>
<br/>

</body>
</html>