Java/Servlets/Authentication
Содержание
Authentication Filter
Gather a username and password, validates the user, then allows the user to access other pages.
<source lang="java">
import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class FormLogin extends HttpServlet {
public static String USER_KEY = "ServletLogin.user"; public static String FIELD_USER = "username"; public static String FIELD_PASSWORD = "password"; public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { resp.setContentType("text/html"); java.io.PrintWriter out = resp.getWriter(); resp.setHeader("Expires", "Tues, 01 Jan 1980 00:00:00 GMT"); String uri = req.getRequestURI(); HttpSession session = req.getSession(); String user = (String) session.getAttribute(USER_KEY); if (user == null) { login(out, uri); return; } out.println("<html>"); out.println("<head>"); out.println("<title>Welcome</title>"); out.println("</head>"); out.println("<body>");out.println("
Welcome to our site!
"); out.println("");
out.println("</body>"); out.println("</html>"); out.flush(); } public void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { resp.setContentType("text/html"); java.io.PrintWriter out = resp.getWriter(); HttpSession session = req.getSession(true); String user = (String) session.getAttribute(USER_KEY); if (user == null) { String username = req.getParameter(FIELD_USER); String password = req.getParameter(FIELD_PASSWORD); if (!validUser(username, password)) { out.println("<html>"); out.println("<title>Invalid User</title>");out.println("<body>
" + "Invalid User!
");
out.println("Press the "Back" button to try again");out.println("
out.flush(); return; } session.setAttribute(USER_KEY, username); } resp.sendRedirect(req.getRequestURI()); } protected void login(java.io.PrintWriter out, String uri) throws java.io.IOException { out.println("<html>"); out.println("<head>"); out.println("<title>Login</title>");out.println("
Welcome! Please login
");out.println("out.println("
<form method=POST action=\"" + uri + "\">");
User ID: | "); out.println("<input type=text name=" + FIELD_USER + " size=30> |
Password: | "); out.println("<input type=password name=" + FIELD_PASSWORD + " size=10> |
");
out.println("<input type=submit value=\"Login\">");out.println("</form>
} protected boolean validUser(String username, String password) { boolean valid = false; if ((username != null) && (username.length() > 0)) { valid = username.equals(password); } return valid; }
}
</source>