Login system in .jsp
I have a login.jsp
page which contains a login form. Once logged in the user will be taken to index.jsp
and this index.jsp
should know which user is logged i开发者_运维知识库n. If the user refreshes the page he will stay logged in and not taken back to the login.jsp
. So there need to be some sort of session.
UPDATE Session Management
Once the user has logged in you should add something to the session, such as the user name, to indicate the user is logged in.
You might then like to add a servlet filter that detects whether a request is coming from someone who is logged on by checking for a user name on the session. If the person is not logged on your filter can send the request to your login.jsp instead of the actual page they requested. Using a filter like this means you don't have to write any logon detection and redirecting in your JSP pages.
Finally you might want to provide a logout option which kills the session with session.invalidate();
This can be done by using the session object:
<%
String name = "testme";
session.setAttribute( "theName", name ); //write as an attribute in the session object
%>
and some time later you can do:
<% String name= session.getAttribute("theName")%> // retireve the attribute from the session
check here for a simple introduction: http://www.jsptut.com/Sessions.jsp
Use request.getSession()
to begin a new session. There you can save(using setAttribute
method) your own Java objects which will be there during the whole session.
精彩评论