为什么我在按下提交按钮时将URL设置为/ login / login?

时间:2018-03-28 06:34:46

标签: java jsp servlets servlet-filters

以下是我基于角色的身份验证的servlet程序

以下是Filter 

@WebFilter("/loginFilter")
public class LoginCheckFilter implements Filter {
  public void init(FilterConfig arg0) throws ServletException {}

  public void doFilter(ServletRequest req, ServletResponse resp,
                     FilterChain chain) throws IOException, ServletException { 
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) resp;
    HttpSession session = request.getSession();
    Boolean adminURI = request.getRequestURI().endsWith("login/admin/adminAccount");
    Boolean userURI = request.getRequestURI().endsWith("login/user/userAccount");
    System.out.println(session.getAttribute("userName"));
    if(request.getRequestURI().endsWith("/login")){
        chain.doFilter(req,resp);
    } else if(session.getAttribute("userName") != null && session.getAttribute("userRole").equals("user") && adminURI){
        request.getRequestDispatcher("index.jsp").forward(req,resp);
    } else if(session.getAttribute("userName") == null){
        request.getRequestDispatcher("index.jsp").forward(req,resp);
    } else
        chain.doFilter(req,resp);
  }

  public void destroy() {}
}

我已将此过滤器映射到/*模式,登录servlet为

   @WebServlet("/login")
public class LoginServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response) 
         throws ServletException, IOException {
       String userName, password;
        userName = request.getParameter("userName");
        password = request.getParameter("password");

        LoginService loginService = new LoginService();

        DataAccessObject dataAccessObject = new DataAccessObject();
        dataAccessObject.setUserName(userName);
        dataAccessObject.setPassword(password);
        String result = loginService.authenticate(dataAccessObject);
        if(result.equals("admin")){
            HttpSession session = request.getSession();
            session.setAttribute("userName", userName);
            session.setAttribute("userRole", result);
            response.sendRedirect("admin/adminAccount");
            return;
        }
        else if(result.equals("user")){
            HttpSession session = request.getSession();
            session.setAttribute("userName", userName);
            session.setAttribute("userRole", result);
            response.sendRedirect("user/userAccount");
            return;
        }
    }
}

当我输入网址localhost:8080/login时,我会看到一个登录界面,但是当我输入id and password并按提交时,请求会发送到localhost:8080/login/login,我是servlet的新用户不明白为什么会这样。 我的index.jsp已登录其操作。当我将我的servlet映射到@WebServlet("/login/login")时,只有它似乎运行。我做错了什么? 我的理解是,在浏览器转到servlet之后,应该向localhost:8080/login/发出请求,然后根据条件将页面转移到localhost:8080/login/admin/adminAccount/user/userAccount ,我的index.jsp位于网络目录中的登录文件夹中。

以下是我的jsp代码

<form action="login" method="post">
  <table align="center">
    <tr>
      <td>Username</td>
      <td><input type="text" name="userName" /></td>
    </tr>
    <tr>
      <td>Password</td>
      <td><input type="password" name="password"/></td>
    </tr>
    <tr>
      <td></td>
      <td><input type="submit" value="Login"/></td>
    </tr>
  </table>
</form>

1 个答案:

答案 0 :(得分:0)

如果有人输入/login,您的jsp会被呈现,但是action="login"会将您(因为它相对)发送给[current location="/login"]/login

尝试将操作更改为action="/login"。这应该可以解决问题。

相关问题
最新问题