我有2个java web项目,一个是IdentityService,另一个是Client。客户端有 login.jsp ,它将表单中的数据发布到IdentityService中的 LoginServlet.java 。 LoginServlet.java 将对用户登录进行身份验证,并通过url将令牌,ID和用户名发送回 login.jsp 。之后, login.jsp 会将其添加到会话中以供进一步使用。
但是,从 LoginServlet 重定向的网址不包含任何参数,当我尝试打印时,所有参数都为null。这是我的代码:
的Login.jsp
<%
String user = request.getParameter("username");
String pass = request.getParameter("password");
String error = "";
if(user != null && pass != null && !user.equals("") && !pass.equals("")){
String url = "http://localhost:8082/IdentityServices/LoginServlet";
URL iurl = new URL(url);
HttpURLConnection connection = (HttpURLConnection)iurl.openConnection();
connection.setDoOutput(true);
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
// Send POST output.
connection.setRequestMethod("POST");
java.io.DataOutputStream printout = new java.io.DataOutputStream(connection.getOutputStream ());
String content = "username=" + user + "&password=" + pass;
printout.writeBytes (content);
printout.flush ();
printout.close ();
//retrieve response from IS
java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(
(java.io.InputStream) connection.getContent()));
out.println("<h2>Successful Authentication using REST</h2>");
String line;
while ((line = reader.readLine()) != null) {
out.println(line + "<br>");
}
//session.setAttribute("token", request.getParameter("token"));
//session.setAttribute("uname", request.getParameter("username"));
//session.setAttribute("userid", request.getParameter("userid"));
//response.sendRedirect("http://localhost:8080/StackExchangeClient/catalog.jsp");
} else if(user != null && pass != null && (user.equals("") || pass.equals(""))){
// handle empty form or incomplete form
error = "Please enter username and password !";
}
%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Login</title>
<link rel="stylesheet" type ="text/css" href="css/style.css">
</head>
<body class="body-center helvetica">
<div class = "text-align-center arial">
<h1><span class="color-red">Sale</span><span class="color-blue">Project</span></h1>
</div>
<div class = "border-bottom ">
<h2>Please login</h2>
</div>
<div>
<form method="POST" action="login.jsp">
<span class="font-small">Email or Username</span><br><input type="text" name="username" class="input-text">
<span class="font-small">Password</span><br><input type="password" name="password" class="input-text"><br><br>
<strong style="color:red;"><%out.println(error);%></strong><br>
<input type="submit" value="LOGIN" name="login" class="float-right button">
</form>
</div>
<br><br><br>
<p class="font-small"><strong>Don't have an account yet? Register <a href = "register.jsp" class="link"> here </a></strong></p>
<!-- for debugging -->
Hello <b><%= request.getParameter("uname") %></b>!
Hello <b><%= request.getParameter("token") %></b>!
Hello <b><%= request.getParameter("userid") %></b>!
</body>
LoginServlet.java
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
String user = request.getParameter("username");
String pass = request.getParameter("password");
if(user != null && pass != null && !user.equals("") && !pass.equals("")){
try {
//creating connection with the database
Connection con = DB.connect();
PreparedStatement ps =con.prepareStatement
("SELECT * FROM user WHERE username = ? AND password = ?;");
ps.setString(1, user);
ps.setString(2, pass);
ResultSet rs = ps.executeQuery();
if(rs.next()){
// user exist, generate token
String token = getToken();
String username = rs.getString("username");
int uid = rs.getInt("id");
response.sendRedirect("http://localhost:8080/StackExchangeClient/login.jsp?"+"token="+token+"&"+"uname="+username+"&"+"userid="+uid);
} else {
// user doesn't exist
out.println("tidak ada");
}
} catch( SQLException e) {
System.out.println(e);
}
}
}
public String getToken(){
Random random = new SecureRandom();
String token = new BigInteger(130, random).toString(32);
return token;
}
public void insertTokenDB(String token, String username) throws SQLException{
try {
Connection con = DB.connect();
Timestamp now = new Timestamp(new Date().getTime());
Statement newPS = con.createStatement();
newPS.executeUpdate("UPDATE user SET Token='"+token+"' ,createAt='"+now+"' WHERE username ='"+username+"'");
con.close();
} catch(Exception e) {
System.err.println("Got an login exception!");
System.err.println(e.getMessage());
}
}
我不明白,为什么它不会用我给出的参数重定向我....