so deaktivieren Sie den direkten Zugriff auf Seiten mit der url für den jsp-Seiten

Habe ich eine web-Anwendung. Alles funktioniert einwandfrei.Aber, wenn der Benutzer nicht eingeloggt Sie können immer noch Zugriff auf andere jsp-Seiten durch url. Ich will halt den url-Zugriff. Ich sah einige Beispiel-es zeigt die Verwendung von filtern. Ich bin der neue Filter " ich weiß nicht, wie es zu implementieren. Ich bin mit servlets, dao-und jsp-Seiten.

Bitte schlägt mich, wie es zu tun. Ich möchte einen filter für alle jsp-Seiten oder servlets.

web.xml

<?xml version="1.0" encoding="UTF-8"?>

    <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
        <filter>
            <filter-name>MyFilter</filter-name>
            <filter-class>com.eis.servlet.MyFilter</filter-class>
        </filter>
        <filter-mapping>
            <filter-name>MyFilter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
        <servlet>
            <servlet-name>login</servlet-name>
            <servlet-class>com.eis.servlet.LoginServlet</servlet-class>
        </servlet>
        <servlet>
            <servlet-name>DayWiseServlet</servlet-name>
            <servlet-class>com.eis.servlet.DayWiseServlet</servlet-class>
        </servlet>
        <servlet>
            <servlet-name>RegisterServlet</servlet-name>
            <servlet-class>com.eis.servlet.RegisterServlet</servlet-class>
        </servlet>
        <servlet-mapping>
            <servlet-name>login</servlet-name>
            <url-pattern>/LoginServlet</url-pattern>
        </servlet-mapping>
        <servlet>
            <servlet-name>RetrieveServlet</servlet-name>
            <servlet-class>com.eis.servlet.RetrieveServlet</servlet-class>
        </servlet>
        <servlet-mapping>
            <servlet-name>RetrieveServlet</servlet-name>
            <url-pattern>/RetrieveServlet</url-pattern>
        </servlet-mapping>
        <servlet>
            <servlet-name>TimeSheet</servlet-name>
            <servlet-class>com.eis.servlet.TimeSheet</servlet-class>
        </servlet>
        <servlet-mapping>
            <servlet-name>TimeSheet</servlet-name>
            <url-pattern>/TimeSheet</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
            <servlet-name>DayWiseServlet</servlet-name>
            <url-pattern>/DayWiseServlet</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
            <servlet-name>RegisterServlet</servlet-name>
            <url-pattern>/RegisterServlet</url-pattern>
        </servlet-mapping>
        <welcome-file-list>
            <welcome-file>/index.jsp</welcome-file>
        </welcome-file-list>
        <session-config>
            <session-timeout>15</session-timeout>
        </session-config>
    </web-app>

loginservlet.java

public class LoginServlet extends HttpServlet{  

    private static final long serialVersionUID = 1L;  

    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)    
            throws ServletException, IOException {    


        response.setContentType("text/html");    
        PrintWriter out = response.getWriter();    

        String n=request.getParameter("Emp_id");    
        String p=request.getParameter("Pwd");   
        String Usertype=request.getParameter("usertype"); 


        HttpSession session = request.getSession(false);  
        if(session!=null){
        session.setAttribute("name", n);  
        session.setAttribute("usertype", Usertype);
        }
        if(LoginDao.validate(n,p)){    
            RequestDispatcher rd=request.getRequestDispatcher("/daywise.jsp");    
            rd.forward(request,response);    
        }    
        else{    
            out.print("<p style=\"color:red\">Sorry Employee ID or password error</p>");    
            RequestDispatcher rd=request.getRequestDispatcher("/index.jsp");    
            rd.include(request,response);  

        }    

        out.close();    
    }
     protected void doPost(HttpServletRequest request,
            HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }


}   

meinfilter:

public class MyFilter implements Filter{  

@Override
public void init(FilterConfig config) throws ServletException {}  

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {  

    HttpServletRequest req = (HttpServletRequest)request;
    HttpServletResponse resp = (HttpServletResponse)response;

        if(null==((String) req.getSession().getAttribute("empid")) || ((String) req.getSession().getAttribute("empid")).equals("")){
            chain.doFilter(req, resp);
    } else {
      resp.sendRedirect("/WebTimeSheet/index.jsp");
  }
    }  
@Override
    public void destroy() {}  
}  

Loginpage:

<form action="LoginServlet" method="post">  
    <fieldset style="width: 300px">  
        <legend> Login to App </legend>   
        <table>  
            <tr>  
                <td>User ID</td>  
                <td><input type="text" name="Emp_id" required="required" /></td>  
            </tr>  
            <tr>  
                <td>Password</td>  
                <td><input type="password" name="Pwd" required="required" /></td>  
            </tr> 
           <tr>  
                <td>User Type</td>  
                <td> <select name="usertype">
                <option>Employee</option>
                <option>Manager</option>
                <option>Admin</option>
            </select></td>   
            </tr>
            <tr>  
                <td><input type="submit" value="Login" /></td>  
            </tr>  
        </table>  
    </fieldset>  
</form>  
</body>  
<%@include file="/footer.jsp" %>
</html>  

und alle meine jsp-Seiten werden im web-pages Ordner außerhalb des Web-inf-Ordner. Web-inf-Ordner, habe Sie nur web.xml init

Header.jsp

 <c:choose>
             <c:when test="${usertype eq 'Employee'}">
        <div class="nav">      
            <ul><li class="container"><img src="${pageContext.request.contextPath}/images/enabling.jpg" /></li>
            <li class="current"><a href="WEB-INF/daywise.jsp">DayWise TimeSheet</a></li>
            <li><a href="WEB-INF/timesheet.jsp">Weekly TimeSheet</a></li>
            </ul>
        </div>
     </c:when>
     <c:when test="${usertype eq 'Manager'}">
        <div class="nav">      
            <ul><li class="container"><img src="${pageContext.request.contextPath}/images/enabling.jpg" /></li>
            <li class="current"><a href="/WEB-INF/daywise.jsp">DayWise TimeSheet</a></li>
            <li><a href="WEB-INF/timesheet.jsp">Weekly TimeSheet</a></li>
            <li><a href="WEB-INF/newemployee.jsp">Add New Employeer</a></li>
            <li><a href="WEB-INF/retrieve.jsp">Retrieve TimeSheet</a></li>
            </ul>
        </div>
     </c:when>
Können Sie diesem Tutorium Folgen über servlet-Filter für die Authentifizierung. brendangraetz.wordpress.com/2010/06/17/...

InformationsquelleAutor dpk | 2015-11-03

Schreibe einen Kommentar