Java 登录Servlet需要两次尝试
前言:总java nube 我有一个带有/index.jsp的新web应用程序,它正在通过一个登录servlet,然后如果在登录servlet期间一切正常,就转发到/web-INF/index.jsp Servlet:Java 登录Servlet需要两次尝试,java,jsp,servlets,login,forward,Java,Jsp,Servlets,Login,Forward,前言:总java nube 我有一个带有/index.jsp的新web应用程序,它正在通过一个登录servlet,然后如果在登录servlet期间一切正常,就转发到/web-INF/index.jsp Servlet: import java.io.*; import com.<co>.<app>.User; import java.sql.SQLException; import javax.servlet.http.Cookie; import javax.servl
import java.io.*;
import com.<co>.<app>.User;
import java.sql.SQLException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.ServletException;
import javax.naming.NamingException;
import javax.servlet.RequestDispatcher;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@WebServlet(name = "Login", urlPatterns = { "/Login" })
public class Login extends HttpServlet {
public Login() { super(); }
private static String userid = null;
private static String passwd = null;
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
userid = request.getParameter("userid");
passwd = request.getParameter("passwd");
if (passwd.length()==0){ passwd = null; }
else { passwd.trim(); }
if (userid != null && passwd != null && passwd.length() != 0)
{
System.out.print("Going to see if "+userid+" can authenticate"+"\n");
int added = 0;
boolean existinguser = User.ExistingUser(userid);
boolean authenticated = false;
try {
authenticated = User.AuthenticateUser(userid, passwd);
} catch (NamingException e) {
response.sendRedirect("/<app>/?error");
}
System.out.print("Is "+userid+" an existing user? "+existinguser+"\n");
System.out.print(userid+" authenticated equals "+authenticated+"\n");
if (existinguser == true)
{
System.out.print("passed the existing IF \n");
if (authenticated == true)
{
System.out.print("passed the authenticated IF \n");
String user = User.GetUserID(userid);
String role = User.GetUserRole(userid);
Cookie userCookie = new Cookie("user",user);
Cookie roleCookie = new Cookie("role", role);
userCookie.setMaxAge(30*60);
roleCookie.setMaxAge(30*60);
response.addCookie(userCookie);
response.addCookie(roleCookie);
System.out.print("just added the cookies \n");
RequestDispatcher dispatcher = request.getRequestDispatcher("/WEB-INF/index.jsp");
System.out.print("setup the forward \n");
dispatcher.forward(request, response);
System.out.print("WHY THE !@#$ AM I LOGGING THIS??? \n");
}
else
{
response.sendRedirect("/<app>/?error");
}
}
else
{
try {
added = User.AddToApplication(userid);
} catch (SQLException e) {
response.sendRedirect("/<app>/?contactsupport");
}
if (added == 1)
{
response.sendRedirect("/<app>/?error");
}
else
{
response.sendRedirect("/<app>/?error");
}
}
}
else
{
response.sendRedirect("/<app>/?error");
}
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doGet(request, response);
}
}
但是,我已经移动了仪表板中的所有内容,以便由一个控制器进行预处理,该控制器正在验证用户是否仍然是用户并且他们仍然登录。将登录servlet设置为转发到仪表板的主控制器后。。一切都按计划进行。2注释:您应该始终尝试提供原始的servlet代码;您应该尝试使用JavaEE安全性,而不是自己执行安全性,然后重定向将由容器完成。很难说你到底在做什么。我将研究如何使用JavaEE安全性。非常感谢。
Going to see if <user> can authenticate
Is <user> an existing user? true
<user> authenticated equals true
passed the existing IF
passed the authenticated IF
just added the cookies
setup the forward.. goodbye!
WHY THE HELL AM I LOGGING THIS???
<c:choose>
<c:when test="${cookie.role.value==null}">
<c:redirect url="${baseURL}/?what" />
</c:when>
<c:otherwise></c:otherwise>
</c:choose>