Servlet实战——利用Session管理员权限验证
Session管理员实战权限验证Session管理员实战权限验证一、创建管理员表二、 登录页面三、Dao层Dao层接口Dao层Impl实现类四、entity实体类五、service业务方法实现类service接口serviceImpl实现类六、servletControllerJSPSession管理员实战权限验证一、创建管理员表create table manager(username varc
·
Session管理员实战权限验证
Session管理员实战权限验证
一、创建管理员表
create table manager(
username varchar(20) primary key,
password varchar(20) not null
)charset = utf8;
insert into manager(username,password) values('tom','123');
二、 登录页面
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>管理员登录</title>
</head>
<body>
<form action="/Servlet_code_demo1_war_exploded/loginMgr" method="post">
用户名:<input type="text" name="username"/></br>
密码:<input type="password" name="password"/></br>
<input type="submit" value="登录">
</form>
</body>
</html>
三、Dao层
Dao层接口
AdminDao:
package com.hyqwsq.servletSessionProject.Dao;
import com.hyqwsq.servletSessionProject.entity.Admin;
import java.util.List;
public interface AdminDao {
public List<Admin> selectAll();
}
ManagerDao:
package com.hyqwsq.servletSessionProject.Dao;
import com.hyqwsq.servletSessionProject.entity.Manager;
public interface ManagerDao {
// 权限登录验证,返回一个Manager
public Manager select(String username);
}
Dao层Impl实现类
AdminDaoImpl:
package com.hyqwsq.servletSessionProject.Dao.impl;
import com.hyqwsq.servletSessionProject.Dao.AdminDao;
import com.hyqwsq.servletSessionProject.entity.Admin;
import com.hyqwsq.servletSessionProject.utils.DbUtils;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanListHandler;
import java.sql.SQLException;
import java.util.List;
public class AdminDaoImpl implements AdminDao {
private QueryRunner queryRunner = new QueryRunner();
@Override
public List<Admin> selectAll() {
List<Admin> admins = null;
try {
admins = queryRunner.query(
DbUtils.getConnection(),
"select * from admin",
new BeanListHandler<Admin>(Admin.class)
);
return admins;
} catch (SQLException throwables) {
throwables.printStackTrace();
}
return null;
}
}
ManagerDaoImpl:
package com.hyqwsq.servletSessionProject.Dao.impl;
import com.hyqwsq.servletSessionProject.Dao.ManagerDao;
import com.hyqwsq.servletSessionProject.entity.Manager;
import com.hyqwsq.servletSessionProject.utils.DbUtils;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanHandler;
import java.sql.SQLException;
public class ManagerDaoImpl implements ManagerDao {
private QueryRunner queryRunner = new QueryRunner();
@Override
public Manager select(String username) {
try {
Manager manager = queryRunner.query(
DbUtils.getConnection(),
"select * from manager where username = ?",
new BeanHandler<Manager>(Manager.class),//封装成实体类对象
username);//参数
return manager;
} catch (SQLException throwables) {
throwables.printStackTrace();
}
return null;
}
}
四、Entity实体类
Admin:
package com.hyqwsq.servletSessionProject.entity;
public class Admin {
private String username;
private String password;
private String phone;
private String address;
public Admin(String username, String password, String phone, String address) {
this.username = username;
this.password = password;
this.phone = phone;
this.address = address;
}
public Admin() {
}
@Override
public String toString() {
return "Admin{" +
"username='" + username + '\'' +
", password='" + password + '\'' +
", phone='" + phone + '\'' +
", address='" + address + '\'' +
'}';
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone;
}
public String getAddress() {
return address;
}
public void setAddress(String address) {
this.address = address;
}
}
Manager:
package com.hyqwsq.servletSessionProject.entity;
public class Manager {
private String username;
private String password;
public Manager() {
}
@Override
public String toString() {
return "manager{" +
"username='" + username + '\'' +
", password='" + password + '\'' +
'}';
}
public Manager(String username, String password) {
this.username = username;
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
五、Service业务方法实现类
Service接口
AdminService:
package com.hyqwsq.servletSessionProject.service;
import com.hyqwsq.servletSessionProject.entity.Admin;
import java.util.List;
public interface AdminService {
public List<Admin> showAllAdmin();
}
ManagerService:
package com.hyqwsq.servletSessionProject.service;
import com.hyqwsq.servletSessionProject.entity.Manager;
public interface ManagerService {
public Manager login(String username, String password);
}
ServiceImpl实现类
AdminServiceImpl:
package com.hyqwsq.servletSessionProject.service.impl;
import com.hyqwsq.servletSessionProject.Dao.AdminDao;
import com.hyqwsq.servletSessionProject.Dao.impl.AdminDaoImpl;
import com.hyqwsq.servletSessionProject.entity.Admin;
import com.hyqwsq.servletSessionProject.service.AdminService;
import com.hyqwsq.servletSessionProject.utils.DbUtils;
import java.util.List;
public class AdminServiceImpl implements AdminService {
private AdminDao adminDao = new AdminDaoImpl();
@Override
public List<Admin> showAllAdmin() {
List<Admin> admins = null;
try {
DbUtils.begin();
admins =adminDao.selectAll();
DbUtils.commit();
} catch (Exception e) {
DbUtils.rollback();
e.printStackTrace();
}
return admins;
}
}
ManagerServiceImpl:
package com.hyqwsq.servletSessionProject.service.impl;
import com.hyqwsq.servletSessionProject.Dao.ManagerDao;
import com.hyqwsq.servletSessionProject.Dao.impl.ManagerDaoImpl;
import com.hyqwsq.servletSessionProject.entity.Manager;
import com.hyqwsq.servletSessionProject.service.ManagerService;
import com.hyqwsq.servletSessionProject.utils.DbUtils;
public class ManagerServiceImpl implements ManagerService {
private ManagerDao managerDao = new ManagerDaoImpl();
@Override
public Manager login(String username, String password) {
Manager manager = new Manager();
try {
manager = null;
DbUtils.begin();
Manager temp = managerDao.select(username);
if(temp != null){
if(temp.getPassword().equals(password)){
manager = temp;
}
}
DbUtils.commit();
} catch (Exception e) {
DbUtils.rollback();
e.printStackTrace();
}
return manager;
}
}
六、Servlet
Controller
LoginMgrController:
package com.hyqwsq.servletSessionProject.servlet.controller;
import com.hyqwsq.servletSessionProject.entity.Manager;
import com.hyqwsq.servletSessionProject.service.ManagerService;
import com.hyqwsq.servletSessionProject.service.impl.ManagerServiceImpl;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* 业务内容:
* 访问查询所用用户信息的servlet需要验证是否登录
*/
@WebServlet("/loginMgr")
public class LoginMgrController extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// 1. 处理乱码
req.setCharacterEncoding("UTF-8");
resp.setContentType("text/html;charset=utf-8");
// 2. 收参
String username = req.getParameter("username");
String password = req.getParameter("password");
// 3. 调用业务逻辑方法
ManagerService managerService = new ManagerServiceImpl();
Manager mgr = managerService.login(username,password);
// 4. 处理结果,流程跳转
if(mgr!=null){
//登录成功
//将管理员信息存储在Session里
HttpSession session = req.getSession();
session.setAttribute("mgr",mgr);
session.setMaxInactiveInterval(60*60);
//跳转 目标,方式
resp.sendRedirect("/Servlet_code_demo1_war_exploded/showallcontroller");
}else{
// mgr = null,表示登录失败,跳转会登录界面
resp.sendRedirect("/Servlet_code_demo1_war_exploded/loginMgr.html");
}
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
}
ShowAllAdminController:
package com.hyqwsq.servletSessionProject.servlet.controller;
import com.hyqwsq.servletSessionProject.entity.Admin;
import com.hyqwsq.servletSessionProject.entity.Manager;
import com.hyqwsq.servletSessionProject.service.AdminService;
import com.hyqwsq.servletSessionProject.service.impl.AdminServiceImpl;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.List;
@WebServlet("/showallcontroller")
public class ShowAllAdminController extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
Manager manager = (Manager) session.getAttribute("mgr");
if(manager!=null){
AdminService adminService = new AdminServiceImpl();
List<Admin> adminList = adminService.showAllAdmin();
req.setAttribute("admins",adminList);
req.getRequestDispatcher("/showalljsp").forward(req,resp);
}else{
resp.sendRedirect("/Servlet_code_demo1_war_exploded/loginMgr.html");
}
}
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doPost(req, resp);
}
}
JSP
ShowAllAdminJSP:
package com.hyqwsq.servletSessionProject.servlet.jsp;
import com.hyqwsq.servletSessionProject.entity.Admin;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
@WebServlet("/showalljsp")
public class ShowAllAdminJSP extends HttpServlet {
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
req.setCharacterEncoding("UTF-8");
resp.setContentType("text/html;charset=utf-8");
List<Admin> adminList = (List)req.getAttribute("admins");
// 2.通过流打印结果显示
PrintWriter printWriter = resp.getWriter();
if(adminList != null){
printWriter.println("<html>");
printWriter.println( "<head>");
printWriter.println( "<meta charset = 'UTF-8'>");
printWriter.println( "<title>显示所有</title>");
printWriter.println( "</head>");
printWriter.println( "<body>");
printWriter.println( "<table border = '1'>");
printWriter.println( "<tr>");
printWriter.println( "<td>username</td>");
printWriter.println( "<td>password</td>");
printWriter.println( "<td>phone</td>");
printWriter.println( "<td>address</td>");
printWriter.println( "</tr>");
for(Admin admin : adminList){
printWriter.println( "<tr>");
printWriter.println( "<td>"+admin.getUsername()+"</td>");
printWriter.println( "<td>"+admin.getPassword()+"</td>");
printWriter.println( "<td>"+admin.getPhone()+"</td>");
printWriter.println( "<td>"+admin.getAddress()+"</td>");
printWriter.println( "</tr>");
}
printWriter.println( "</table>");
printWriter.println( "</body>");
printWriter.println("</html>");
}else{
printWriter.println("<html>");
printWriter.println( "<head>");
printWriter.println( "<meta charset = 'UTF-8'>");
printWriter.println( "<title>显示所有</title>");
printWriter.println( "</head>");
printWriter.println( "<body>");
printWriter.println( "<h3>当前没有数据</h3>");
printWriter.println( "</body>");
printWriter.println("</html>");
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
CSDN联合极客时间,共同打造面向开发者的精品内容学习社区,助力成长!
更多推荐
0
0- 0
已为社区贡献2条内容
所有评论(0)