《Web系统开发》课程教学资源（教案讲义）实验四 基于MVC的Web系统开发

实验四基于MVC模式的Web系统开发（第4次实验，4学时，综合性）一、实验目的和要求1理解MVC设计模式。2.掌握基于MVC（Servlet+JSP+JavaBean相结合）开发JavaWeb系统。二、实验内容基于MVC（Servlet+JSP+JavaBean相结合）实现用户的登录注册功能。要求：用户信息至少包含：用户名和密码，用户名不能重复，注册时要求用户输入两次密码确认。三、实验原理MVC(JavaBean+JSP+Servlet相结合）适合开发复杂的Web应用，在这种模式下，Servlet负责处理用户请求并响应，JSP负责数据显示和与用户交互，JavaBean负责具体业务逻辑的处理。现在往往还引入DAO层（数据访问层），负责数据库的基本CRUD访问操作。分层架构的代码基本是按照【域模型层(domain)】→【数据访问层(dao、dao.impl)】→【业务处理层(service、service.impl)】一→【表现层(web.controller、web.UI、web.filter、web.listener)】→【工具类(util)】一→【测试类(junit.test)】的顺序进行编写的。四、实验步骤1.创建数据库testdb和tbuser数据表。2.创建工程DynamicWebProject。3.导入相关jar包（MySQL驱动，istl，DBCP，DBUtils）。4.建包(ycu.jsj.test4.entity，dao，service，servlet和util)。5.创建实体类User，IUserdao接口，Userdaolmpl实现类，UserService业务类，UserSerlvet，过滤器类EncodingFilter和LoginFilter，工具类JdbcUtils。6.页面的编写（login.jsp，regist.jsp）。7.创建公共页面（index.jsp和404.jsp）。五、参考程序1.ycu.jsj.test4.entity层实体类User.java（省略）：其成员变量的名称和类型与tb_user表的字段一一对应。2. ycu.jsj.test4.utils层（1）db.properties配置文件driverclassName=com.mysql.cj.jdbc.Driverurl=jdbc:mysql://localhost:33o6/testdb?usessL=false&serverTimezone=Asia/Shanghai8allowPublicKeyRetrieval=trueusername=rootpassword=123456initialsize=10maxActive=50

1 实验四 基于 MVC 模式的 Web 系统开发 （第 4 次实验，4 学时，综合性） 一、实验目的和要求 1. 理解 MVC 设计模式。 2. 掌握基于 MVC（Servlet+JSP+JavaBean 相结合）开发 Java Web 系统。 二、实验内容 基于 MVC（Servlet+JSP+JavaBean 相结合）实现用户的登录注册功能。 要求：用户信息至少包含：用户名和密码，用户名不能重复，注册时要求用户输入两次密码确认。 三、实验原理 MVC（JavaBean+JSP+Servlet 相结合）适合开发复杂的 Web 应用，在这种模式下，Servlet 负责处理用户请求并响应，JSP 负责数据显示和与用户交互，JavaBean 负责具体业务逻辑 的处理。现在往往还引入 DAO 层（数据访问层），负责数据库的基本 CRUD 访问操作。 分层架构的代码基本是按照【域模型层(domain)】→【数据访问层(dao、dao.impl)】→ 【业务处理层(service、service.impl)】→【表现层(web.controller、web.UI、web.filter、 web.listener)】→【工具类(util)】→【测试类(junit.test)】的顺序进行编写的。 四、实验步骤 1. 创建数据库 testdb 和 tb_user 数据表。 2. 创建工程 Dynamic Web Project。 3. 导入相关 jar 包（MySQL 驱动，jstl，DBCP，DBUtils）。 4. 建包（ycu.jsj.test4.entity，dao，service，servlet 和 util）。 5. 创建实体类 User，IUserdao 接口，UserdaoImpl 实现类，UserService 业务类，UserSerlvet，过滤器类 EncodingFilter 和 LoginFilter，工具类 JdbcUtils。 6. 页面的编写（login.jsp，regist.jsp）。 7. 创建公共页面（index.jsp 和 404.jsp）。 五、参考程序 1. ycu.jsj.test4.entity 层 实体类 User.java（省略）：其成员变量的名称和类型与 tb_user 表的字段一一对应。 2. ycu.jsj.test4.utils 层 （1）db.properties 配置文件 driverClassName=com.mysql.cj.jdbc.Driver url=jdbc:mysql://localhost:3306/testdb?useSSL=false&serverTimezone=Asia/Shanghai& allowPublicKeyRetrieval=true username=root password=123456 initialSize=10 maxActive=50

maxIdle=20minIdle=5maxWait=60000connectionProperties=useUnicode=true;characterEncoding=utf8defaultAutoCommit=truedefaultReadOnly=defaultTransactionIsolation=READ COMMITTED（2）本次实现使用DBCP连接池实现数据库连接。所以在该包中创建了JdbcUtils.java类，实现数据库的连接和释放连接：package ycu.jsj.mvcdemo.util,import java.io.InputStream,importjava.sql.Connection.import java.sql.ResultSet,importjava.sql.SQLException,import java.sql.Statement:import java.util.Properties,import javax.sql.DataSource,importorg.apache.commons.dbcp2.BasicDataSourceFactory,publicclass JdbcUtilsprivatestaticDataSourcedataSourcestaticftry InputStreamis=JdbcUtils.class.getResourceAsStream("/dbcpconfig.properties"),Propertiesprops=newProperties();props.load(is);dataSource=BasicDataSourceFactory.createDataSource(props),catch(Exceptione)thrownewRuntimeException(e);31/获取数据源1public staticDataSourcegetDataSourceOreturn dataSource,Ⅱ获取连接publicstaticConnectiongetConnection()throwsSQLExceptionreturndataSource.getConnection(),1/释放连接publicstaticvoidrelease(Connectionconn,Statementst,ResultSetrs)if(rs!=null)try (rs.closeO;catch(Exceptione)e.printStackTraceO;！rs = null,if(st I= null):try (st.close(),catch(Exceptione)e.printStackTraceO;st = null;

2 maxIdle=20 minIdle=5 maxWait=60000 connectionProperties=useUnicode=true;characterEncoding=utf8 defaultAutoCommit=true defaultReadOnly= defaultTransactionIsolation=READ_COMMITTED （2）本次实现使用 DBCP 连接池实现数据库连接。所以在该包中创建了 JdbcUtils.java 类，实现数据库 的连接和释放连接： package ycu.jsj.mvcdemo.util; import java.io.InputStream; import java.sql.Connection; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; import java.util.Properties; import javax.sql.DataSource; import org.apache.commons.dbcp2.BasicDataSourceFactory; public class JdbcUtils { private static DataSource dataSource; static{ try { InputStream is = JdbcUtils.class.getResourceAsStream("/dbcpconfig.properties"); Properties props = new Properties(); props.load(is); dataSource = BasicDataSourceFactory.createDataSource(props); } catch (Exception e) { throw new RuntimeException(e); } } //获取数据源 public static DataSource getDataSource(){ return dataSource; } //获取连接 public static Connection getConnection() throws SQLException{ return dataSource.getConnection(); } //释放连接 public static void release(Connection conn, Statement st, ResultSet rs){ if(rs != null){ try { rs.close(); } catch (Exception e) { e.printStackTrace(); } rs = null; } if(st != null){ try { st.close(); } catch (Exception e) { e.printStackTrace(); } st = null; }

if(conn /= null)(try conn.closeO),catch(Exceptione)e.printStackTrace0);conn=null;3.ycu.jsj.test4.dao层（1）IUserDao接口：其中的方法实现用户表的基本CRUD操作。package ycu.jsj.test4.dao,import java. util.List,importycu.jsj.test4.entity.User,public interface IUserDaof1获取所有用户信息public ListgetAllUser();1根据条件获取用户信息publicListgetUserByField(Stringusername, String sex),1获取指定ID的用户信息public User getUserById(int id);1获得总记录数，可用于分页处理等public int rowCount();冰**用户名是否可用，用于注册等业务*@paramusername*@return如果返回true表示该用户名已被使用）。如果返回false则尚未被使用）。*/public boolean isExistence(Stringusername)/#+净用于登录等业务*@param username*@return如果返回true表示该登录成功。如果返回false则表示登录失败。*/public boolean isExistence(Stringusername, String userpwd),用于注册等业务public boolean addUser(User user);1用于个人信息的修改public boolean updateUserlnfo(User user);1修改密码public boolean updateByPassword(int id, String password);1/删除一个用户记录public boolean deleteUserByld(int id);（2）Dao泛型类，实现对任意数据表的基本的CRUD操作。package ycu.jsj.test4.dao,import java.sql.Connection,import java.sql.SQLException;import java.util.List,importorg.apache.commons.dbutils.QueryRunner;import org.apache.commons.dbutils.handlers.BeanHandler;importorg.apache.commons.dbutils.handlers.BeanListHandler;importorg.apache.commons.dbutils.handlers.ScalarHandler;

3 if(conn != null){ try { conn.close(); } catch (Exception e) { e.printStackTrace(); } conn = null; } } } 3. ycu.jsj.test4.dao 层 （1）IUserDao 接口：其中的方法实现用户表的基本 CRUD 操作。 package ycu.jsj.test4.dao; import java.util.List; import ycu.jsj.test4.entity.User; public interface IUserDao { //获取所有用户信息 public List getAllUser(); //根据条件获取用户信息 public List getUserByField(String username, String sex); //获取指定 ID 的用户信息 public User getUserById(int id); //获得总记录数，可用于分页处理等 public int rowCount(); /** * 用户名是否可用，用于注册等业务 * @param username * @return 如果返回 true 表示该用户名已被使用）。如果返回 false 则尚未被使用）。 */ public boolean isExistence(String username); /** * 用于登录等业务 * @param username * @return 如果返回 true 表示该登录成功。如果返回 false 则表示登录失败。 */ public boolean isExistence(String username, String userpwd); //用于注册等业务 public boolean addUser(User user); //用于个人信息的修改 public boolean updateUserInfo(User user); //修改密码 public boolean updateByPassword(int id, String password); //删除一个用户记录 public boolean deleteUserById(int id); } （2）Dao 泛型类，实现对任意数据表的基本的 CRUD 操作。 package ycu.jsj.test4.dao; import java.sql.Connection; import java.sql.SQLException; import java.util.List; import org.apache.commons.dbutils.QueryRunner; import org.apache.commons.dbutils.handlers.BeanHandler; import org.apache.commons.dbutils.handlers.BeanListHandler; import org.apache.commons.dbutils.handlers.ScalarHandler;

importcom.sun.org.apache.bcel.internal.generic.NEW;import ycu.jsj.test4.util.JdbcUtilsimportycu.jsj.test4.util.ReflectionUtils;**封装了基本的CRUD方法，以供子类继承使用*使用DBUtils的QueryRunner提供其具体的实现*@authorHX*@param当前DAO处理的实体类*使用了DBUtils第三方工具实现对数据库的访问*publicclassDaoprivateQueryRunner queryRunner=null,private Class type,publicDaoOqueryRunner=newQueryRunner(JdbcUtils.getDataSource()type=ReflectionUtils.getSuperGenericType(getClass(O));1/返回T的一个集合publicListgetForList(Stringsql,Object..args)/可变参数：0~n任意类型Connection conn = null;tryconn=JdbcUtils.getConnectionO);return queryRunner.query(sql,newBeanListHandler(type),args);1catch(SQLExceptione)e.printStackTrace(),return null,1finallyJdbcUtils.release(conn),71/返回具体的一个值，例如总人数public E getFor Value(String sql, Object..args)!Connection conn=nulltry (conn=JdbcUtils.getConnection();return queryRunner.query(sql,newScalarHandler(),args)catch(SQLExceptione)e.printStackTraceO),return null;↓finally(JdbcUtils.release(conn);71返回一个T对象publicTget(Stringsql, Object...args)Connection conn=null;try (conn=JdbcUtils.getConnectionO;return queryRunner.query(sql,newBeanHandler(type),args);1catch(SQLExceptione)e.printStackTraceO);

4 import com.sun.org.apache.bcel.internal.generic.NEW; import ycu.jsj.test4.util.JdbcUtils; import ycu.jsj.test4.util.ReflectionUtils; /** * 封装了基本的 CRUD 方法，以供子类继承使用 * 使用 DBUtils 的 QueryRunner 提供其具体的实现 * @author HX * @param 当前 DAO 处理的实体类 * 使用了 DBUtils 第三方工具实现对数据库的访问 */ public class Dao { private QueryRunner queryRunner= null; private Class type; public Dao(){ queryRunner = new QueryRunner(JdbcUtils.getDataSource()); type = ReflectionUtils.getSuperGenericType(getClass()); } //返回 T 的一个集合 public List getForList(String sql, Object.args){ //可变参数：0~n 任意类型 Connection conn = null; try { conn = JdbcUtils.getConnection(); return queryRunner.query(sql, new BeanListHandler<>(type), args); } catch (SQLException e) { e.printStackTrace(); return null; } finally { JdbcUtils.release(conn); } } //返回具体的一个值，例如总人数 public E getForValue(String sql, Object.args){ Connection conn = null; try { conn = JdbcUtils.getConnection(); return queryRunner.query(sql, new ScalarHandler<>(), args); } catch (SQLException e) { e.printStackTrace(); return null; } finally { JdbcUtils.release(conn); } } //返回一个 T 对象 public T get(String sql, Object.args){ Connection conn = null; try { conn = JdbcUtils.getConnection(); return queryRunner.query(sql, new BeanHandler<>(type), args); } catch (SQLException e) { e.printStackTrace();

return null,1finallyJdbcUtils.release(conn);1***INSERTUPDATEDELETE*@paramconnection：数据库连接*@paramsql：SQL语句*@param.args：填充占位符的可变参数?public boolean update(String sql, Object..args)(Connection conn = null,;try (conn=JdbcUtils.getConnection();if(queryRunner.execute(sql, args)>0)return true,lelse!returnfalse,1 catch (SQLException e) e.printStackTraceO),returnfalse,finallyJdbcUtils.release(conn),（3）UserDaolmpl类package ycu.jsj.test4.dao,import java.util.List,importycu.jsj.test4.dao.Dao,importycu.jsj.test4.dao.IUserDaoimportycu.js.test4.entity.User:publicclassUserDaolmplextendsDaoimplementsIUserDao@Overridepublic List getAlIUserO !return getForList("select * from tb user");@Overridepublic ListgetUserByField(Stringusername, String sex)String sql-"select * from tb user where username like? and sex like?"returngetForList(sql,"%"+username+"%","%"+sex+"%");@Overridepublic User getUserByld(int id) return get("select * from tb user where id=?",id);@OverridepublicintrowCountOreturngetForValue("selectcount(*)fromtb_user");@Override

5 return null; } finally { JdbcUtils.release(conn); } } /** * INSERT UPDATE DELETE * @param connection:数据库连接 * @param sql ：SQL 语句 * @param args：填充占位符的可变参数 */ public boolean update(String sql, Object.args){ Connection conn = null; try { conn = JdbcUtils.getConnection(); if(queryRunner.execute(sql, args)>0){ return true; }else{ return false; } } catch (SQLException e) { e.printStackTrace(); return false; } finally { JdbcUtils.release(conn); } } } （ 3 ）UserDaoImpl 类 package ycu.jsj.test4.dao; import java.util.List; import ycu.jsj.test4.dao.Dao; import ycu.jsj.test4.dao.IUserDao; import ycu.jsj.test4.entity.User; public class UserDaoImpl extends Dao implements IUserDao { @Override public List getAllUser() { return getForList("select * from tb_user"); } @Override public List getUserByField(String username, String sex) { String sql="select * from tb_user where username like ? and sex like ?"; return getForList(sql, "%" + username + "%", "%" + sex + "%"); } @Override public User getUserById(int id) { return get("select * from tb_user where id=?", id); } @Override public int rowCount() { return getForValue("select count(*) from tb_user"); } @Override

publicboolean isExistence(String username)String sql ="select * from tb user where username=?"if(get(sql, username)!=null)return true,else!1return false;@OverridepublicbooleanisExistence(Stringusername,Stringuserpwd)String sql ="select * from tb_user where username-? and password=?";if(get(sql,username,userpwd)!=null)return true,lelsetreturnfalse,1@OverridepublicbooleanaddUser(User user)String sql ="insert into tb user(username,password,sex,question,answer,email) values(?,?,2,?,2,?)"returnupdate(sql,user.getUsername(),user.getPassword),user.getSex(),user.getQuestion()user.getAnswer(,user.getEmailO);@Overridepublic boolean updateUserlnfo(User user) !String username = user.getUsernameO);if(!isExistence(username))String sql = "update tb_user set username=?,password=?,sex=?,question=?,answer=?,email=?where id-?".return update(sql, user.getUsername(), user.getPassword(), user.getSex(), user.getQuestion(),user.getAnswerO,user.getEmailO,user.getldO),lelse!returnfalse,1@Overridepublic boolean updateByPassword(int id, String password) return update("update tb_user set password=? where id=?",password, id);@Overridepublic boolean deleteUserByld(int id) return update("delete from tb_user where id=?", id);4.ycu.jsj.test4.service层package ycu.jsj.test4.service,import ycu.jsj.test4.entity.User,import ycu.jsj.test4.dao.IUserDao,import ycu.jsj.test4.dao.UserDaolmplpublic class UserService IUserDao ud = new UserDaolmplO,1/登录publicboolean login(String username, String userpwd)returnud.isExistence(username,userpwd)6

6 public boolean isExistence(String username) { String sql = "select * from tb_user where username=?"; if(get(sql, username)!=null){ return true; }else{ return false; } } @Override public boolean isExistence(String username, String userpwd) { String sql = "select * from tb_user where username=? and password=?"; if(get(sql, username, userpwd)!=null){ return true; }else{ return false; } } @Override public boolean addUser(User user) { String sql = "insert into tb_user(username,password,sex,question,answer,email) values(?,?,?,?,?,?)"; return update(sql, user.getUsername(), user.getPassword(), user.getSex(), user.getQuestion(), user.getAnswer(), user.getEmail()); } @Override public boolean updateUserInfo(User user) { String username = user.getUsername(); if(!isExistence(username)){ String sql = "update tb_user set username=?,password=?,sex=?,question=?,answer=?,email=? where id=?"; return update(sql, user.getUsername(), user.getPassword(), user.getSex(), user.getQuestion(), user.getAnswer(), user.getEmail(), user.getId()); }else{ return false; } } @Override public boolean updateByPassword(int id, String password) { return update("update tb_user set password=? where id=?", password, id); } @Override public boolean deleteUserById(int id) { return update("delete from tb_user where id=?", id); } } 4. ycu.jsj.test4.service 层 package ycu.jsj.test4.service; import ycu.jsj.test4.entity.User; import ycu.jsj.test4.dao.IUserDao; import ycu.jsj.test4.dao.UserDaoImpl; public class UserService { IUserDao ud = new UserDaoImpl(); //登录 public boolean login(String username, String userpwd){ return ud.isExistence(username, userpwd);

71注册public int regist(User user)int flag,if(ud.isExistence(user.getUsernameO)flag=2：1/表示用户名已存在lelse:if(ud.addUser(user)flag=0;//注册成功felselflag=1；I/注册失败1return flag,15.ycu.jsj.test4.web层(1)UserServlet类package ycu.jsj.test4.web,import java.io.IOException;import java.lang.reflect.Method;import javax.servlet.ServletException,import javax.servlet.annotation.WebServlet,importjavax.servlet.http.HttpServlet,import javax.servlet.http.HttpServletRequest,importjavax.servlet.http.HttpServletResponse;import ycu.jsj.test4.entity.User,import ycu.jsj.test4.service.UserService;@WebServlet("*.do")//login.do,regist.do,logout.dopublic class UserServlet extends HttpServletprivate static final long serialVersionUID =IL;private UserService us = new UserServiceOprotected void doGet(HttpServletRequest request,HttpServletResponseresponse)throwsServletException, IOException doPost(request, response);7protected void doPost(HttpServletRequest request, HttpServletResponse response) throwsServletException, IOExceptionString servletPath = request.getServletPath(0);StringactionName=servletPath.substring(1,servletPath.lengthO-3)

7 } //注册 public int regist(User user){ int flag; if(ud.isExistence(user.getUsername())){ flag = 2; //表示用户名已存在 }else{ if(ud.addUser(user)){ flag = 0;//注册成功 }else{ flag = 1; //注册失败 } } return flag; } } 5. ycu.jsj.test4.web 层 （1）UserServlet 类 package ycu.jsj.test4.web; import java.io.IOException; import java.lang.reflect.Method; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import ycu.jsj.test4.entity.User; import ycu.jsj.test4.service.UserService; @WebServlet("*.do") //login.do,regist.do,logout.do public class UserServlet extends HttpServlet { private static final long serialVersionUID = 1L; private UserService us = new UserService(); protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doPost(request, response); } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String servletPath = request.getServletPath(); String actionName = servletPath.substring(1, servletPath.length()-3);

/利用反射机制获取actionName对应的方法try Methodmethod2this.getClassO.getDeclaredMethod(actionNameHttpServletRequest.class,HttpServletResponse.class),method.invoke(this, request, response);1catch (NoSuchMethodExceptione)e.printStackTraceO,catch(SecurityExceptione)e.printStackTraceO,↓ catch (Exception e)e.printStackTraceO,1Tprivate void login(HttpServletRequest request, HttpServletResponse response) throwsServletException,IOExceptionStringusername=request.getParameter("username");String userpwd=request.getParameter("userpwd"),if(us.login(username, userpwd)request.getSession(.setAttribute(request.getServletContext.getInitParameter("userSessonKey"),username),request.getSessionO.setMaxInactivelnterval(10*60);/注意：有效时间是以秒为单位String url=request.getParameter("returnUrl"),if(urll=null &&!("".equals(url)&&!("null".equals(url)response.sendRedirect(url),lelse!response.sendRedirect("index.jsp"),3lelse;request.setAttribute("Errorlnfo","loginFail")request.getRequestDispatcher("login.jsp").forward(request, response)77private void regist(HttpServletRequest request, HttpServletResponse response) throwsServletException,IOExceptionUser user = new UserO,user.setUsername(request.getParameter("username"),user.setPassword(request.getParameter("userpwd");user.setQuestion(request.getParameter("question")),user.setAnswer(request.getParameter("answer");user.setSex(request.getParameter("sex"),user.setEmail(request.getParameter("email"));注意：插入时需判断用户名是否重名。int flag = us.regist(user);

8 //利用反射机制获取 actionName 对应的方法 try { Method method = this.getClass().getDeclaredMethod(actionName, HttpServletRequest.class, HttpServletResponse.class); method.invoke(this, request, response); } catch (NoSuchMethodException e) { e.printStackTrace(); } catch (SecurityException e) { e.printStackTrace(); } catch (Exception e) { e.printStackTrace(); } } private void login(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{ String username=request.getParameter("username"); String userpwd = request.getParameter("userpwd"); if(us.login(username, userpwd)){ request.getSession().setAttribute(request.getServletContext().getInitParameter("userSesson Key"), username); request.getSession().setMaxInactiveInterval(10*60); //注意：有效时间是以秒为单位 String url=request.getParameter("returnUrl"); if(url!=null && !("".equals(url)) && !("null".equals(url))){ response.sendRedirect(url); }else{ response.sendRedirect("index.jsp"); } }else{ request.setAttribute("ErrorInfo", "loginFail"); request.getRequestDispatcher("login.jsp").forward(request, response); } } private void regist(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{ User user = new User(); user.setUsername(request.getParameter("username")); user.setPassword(request.getParameter("userpwd")); user.setQuestion(request.getParameter("question")); user.setAnswer(request.getParameter("answer")); user.setSex(request.getParameter("sex")); user.setEmail(request.getParameter("email")); //注意：插入时需判断用户名是否重名。 int flag = us.regist(user);

if(flag=0)/注册成功，将跳转到登录页面response.sendRedirect("login.jsp");felseif(flag==1)(//注册失败request.setAttribute("Errorlnfo", "registFail");request.getRequestDispatcher("regist.jsp").forward(request, response);lelse//flag--2request.setAttribute("Errorlnfo", "namelsUsed"),request.getRequestDispatcher("regist.jsp").forward(request, response),7private void logout(HttpServletRequest request, HttpServletResponse response) throwsServletException.IOExceptionString userSessonKey =request.getServletContextO.getlnitParameter("userSessonKey"),if(request.getSessionO.getAttribute(userSessonKey)!=null)request.getSession().invalidate0);response.sendRedirect("/test4/index.jsp");17（2）LoginFilter用户身份过滤器package ycu.jsj.test4.web,import java.io.IOException;import java.util.Arrays;import java.util.List,import javax.servlet.Filter:importjavax.servlet.FilterChainimportjavax.servlet.FilterConfigimportjavax.servlet.ServletExceptionimportjavax.servlet.ServletRequestimportjavax.servlet.ServletResponseimportjavax.servlet.annotation.WebFilterimportjavax.servlet.http.HttpServletRequest:importjavax.servlet.http.HttpServletResponse;@WebFilter("/*")public class LoginFilter implements Filter 1/从xml中取值String uncheckUrls =null;String userSessionKey=null;String rediretPage=null,public void destroyO

9 if(flag == 0){//注册成功，将跳转到登录页面 response.sendRedirect("login.jsp"); }else if(flag == 1){//注册失败 request.setAttribute("ErrorInfo", "registFail"); request.getRequestDispatcher("regist.jsp").forward(request, response); }else{//flag==2 request.setAttribute("ErrorInfo", "nameIsUsed"); request.getRequestDispatcher("regist.jsp").forward(request, response); } } private void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{ String userSessonKey = request.getServletContext().getInitParameter("userSessonKey"); if(request.getSession().getAttribute(userSessonKey) != null){ request.getSession().invalidate(); response.sendRedirect("/test4/index.jsp"); } } } （2）LoginFilter 用户身份过滤器 package ycu.jsj.test4.web; import java.io.IOException; import java.util.Arrays; import java.util.List; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @WebFilter("/*") public class LoginFilter implements Filter { //从 xml 中取值 String uncheckUrls =null; String userSessionKey=null; String rediretPage=null; public void destroy() { }

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)throwsIOException,ServletException1/1.得到访问路径HttpServletRequest httpReq = (HttpServletRequest)request,HttpServletResponsehttpRes=(HttpServletResponse)response;String reqUrl = httpReq.getRequestURLO.toStringO,/String reqURI= httpReq.getRequestURI(),String servletPath = httpReq.getServletPathO,Stringl uncheckUrl =uncheckUrls.split(","),List urls =Arrays.asList(uncheckUrls.split(","),I/2.如果是属于不需要过滤的地址就直接放行方法结束if(urls.contains(servletPath)chain.doFilter(httpReq, httpRes);return,1//3.从session中获取sessionKey对应的值；若不存在则跳转到登陆页面Object user = httpReq.getSessionO.getAttribute(userSessionKey),if(user-=null))httpRes.sendRedirect(httpReq.getContextPathO+rediretPage+"?returnUrl="+reqUrl);/httpReq.getRequestDispatcher(rediretPage).forward(httpReq, httpRes),return,114若存在则放行：chain.doFilter(httpReq,httpRes);1publicvoidinit(FilterConfigfConfig)throwsServletExceptionrediretPage=fConfig.getServletContext().getlnitParameter("rediretUrl"),uncheckUrls=fConfig.getServletContext().getlnitParameter("uncheckUrls");userSessionKey=fConfig.getServletContextO.getlnitParameter("userSessonKey"),/（3）EncodingFilter编码过滤器package ycu.jsj.test4.web,importjava.io.IOExceptionimport javax.servlet.Filterimport javax.servlet.FilterChain,import javax.servlet.FilterConfig,import javax.servlet.ServletException,import javax.servlet.ServletRequest,importjavax.servlet.ServletResponseimportjavax.servlet.annotation.WebFilterimport javax.servlet.annotation.WebInitParam,10

10 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //1.得到访问路径 HttpServletRequest httpReq = (HttpServletRequest)request; HttpServletResponse httpRes = (HttpServletResponse)response; String reqUrl = httpReq.getRequestURL().toString(); //String reqURI = httpReq.getRequestURI(); String servletPath = httpReq.getServletPath(); // String[] uncheckUrl = uncheckUrls.split(","); List urls = Arrays.asList(uncheckUrls.split(",")); //2.如果是属于不需要过滤的地址就直接 放行 方法结束 if(urls.contains(servletPath)){ chain.doFilter(httpReq, httpRes); return; } //3.从 session 中获取 sessionKey 对应的值；若不存在 则跳转到登陆页面 Object user = httpReq.getSession().getAttribute(userSessionKey); if(user==null){ httpRes.sendRedirect(httpReq.getContextPath()+rediretPage+"?returnUrl="+reqUrl); //httpReq.getRequestDispatcher(rediretPage).forward(httpReq, httpRes); return; } //4 若存在 则放行； chain.doFilter(httpReq, httpRes); } public void init(FilterConfig fConfig) throws ServletException { rediretPage=fConfig.getServletContext().getInitParameter("rediretUrl"); uncheckUrls=fConfig.getServletContext().getInitParameter("uncheckUrls"); userSessionKey=fConfig.getServletContext().getInitParameter("userSessonKey"); } } （3）EncodingFilter 编码过滤器 package ycu.jsj.test4.web; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.annotation.WebInitParam;