【Servlet】连接MySQL实现验证密码登录(附带详细解析及lib附件)
这几天一直在反复学习的内容,Servlet,Filter,Session,MySQL,jsp。
今天以一个完整的小项目作为BS入门基础的总结。
用户在jsp页面上输入用户名和密码,经过filter进入servlet,与数据库中的数据进行匹配,密码和用户名输入正确则跳转欢迎界面,否则返回登录页面重新输入。
项目ProjectOne_FirstTryBS 有:
src底下有:四个package(servlet,filter,model,util)和一个数据库配置文件jdbc.properties。
WebContent底下有:jsp,META-INF,WEB-INF和web.xml。
具体索引如图:
lib里面有很多类库,我压缩成.rar放在资源上了。
我这里用的是tomcat3.0,所以web.xml是不用自己配置的。
首先,我写了三个jsp页面:login.jsp ,error.jsp,welcome.jsp。login负责用户输入用户名和密码,是个登录页面;error是用户输入错误时跳转的一个中转页面;welcome是登陆成功的欢迎页面。images文件夹里面有一张背景图片bg.jpg。
login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@ page import="javax.servlet.http.*" %> <%@ page import="com.yan.model.User"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>JSP登陆界面</title> </head> <body style="background:url('images/bg.jpg') no-repeat;"> <div style="text-align:center; position:absolute; top:30%; left:45%" > <div style="width:100px; margin:0 auto;" > <form name="form" action="../../ProjectOne_FirstTryBS/checkservlet" method="post" > <h4>用户名:</h4><input type="text" name="username" ><br> <h4>密 码:</h4><input type="password" name="passwd" ><br><br> <input type="submit" name="submit" value="登录"> <input type="reset" name="reset" value="重置"> </form> </div> </div> </body> </html>form标签下action指向你项目下的servlet文件,因为servlet里面有验证数据库中的用户名和密码,而filter是默认每一个请求之后都会进入的。在正常情况下,应该是通过filter进入servlet的。
error.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>中转站界面</title> </head> <body style="background:url('images/bg.jpg') no-repeat;"> <div style="text-align:center; position:absolute; top:30%; left:45%" > <div style="width:100px; margin:0 auto;" > <input type="submit" value="返回" onclick="window.location.href='login.jsp'" /> </div> </div> </body> </html>我的error.jsp上只有一个返回login.jsp的按钮,目的就是能让地址从servlet回到login.jsp
welcome.jsp
<%@page import="com.yan.model.User"%> <%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>jsp欢迎界面</title> </head> <body style="background:url('images/bg.jpg') no-repeat;"> <div style="text-align:center; position:absolute; top:30%; left:45%" > <div style="width:100px; margin:0 auto;" > <% User user = (User)session.getAttribute("user"); %> <div> <h4>用户的ID是:</h4><%=user.getId() %><br/> <h4>你的Name是:</h4><%=user.getName() %><br/> <h4>你的Password是:</h4><%=user.getPasswd() %><br/> </div> </div> </div> </body> </html>在脚本中,将user类放在session里面,获取用户输入的用户名和密码,以及数据库中对应的ID。
web.xml也放上来吧,至此,WebContent的内容就结束了。
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0"> <display-name>ProjectOne_FirstTryBS</display-name> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> <welcome-file>default.html</welcome-file> <welcome-file>default.htm</welcome-file> <welcome-file>default.jsp</welcome-file> </welcome-file-list> </web-app>
jbdc.porpertise
#mysql DB properties #MYSQL_DB_DRIVER_CLASS=com.mysql.jdbc.Driver #MYSQL_DB_URL=jdbc:mysql://localhost:3306/UserDB //3306是我连接MySQL的端口号,你写你的 #MYSQL_DB_USERNAME=pankaj #MYSQL_DB_PASSWORD=pankaj123 #Oracle DB Properties ORACLE_DB_DRIVER_CLASS=oracle.jdbc.driver.OracleDriver #ORACLE_DB_URL=jdbc:oracle:thin:@192.168.100.36:1521:TFS ORACLE_DB_URL=jdbc:oracle:thin:@10.50.9.63:1521:orcl ORACLE_DB_USERNAME=PBYL1030 ORACLE_DB_PASSWORD=pbtestforhr2014 #Oracle DB Properties 2 ORACLE_DB_DRIVER_CLASS2=oracle.jdbc.driver.OracleDriver ORACLE_DB_URL2=jdbc:oracle:thin:@192.168.100.36:1521:easdbtest ORACLE_DB_USERNAME2=PBYL1030 ORACLE_DB_PASSWORD2=pbyl20140418fortest mysqldriverclass=com.mysql.jdbc.Driver mysqljdbcurl=jdbc:mysql://主机IP地址:端口号/库名 mysqluser=root mysqlpassword=你的登录MySQL的密码
OracleConnection.java
package com.yan.util; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.sql.Connection; import java.sql.SQLException; import java.util.Properties; import javax.sql.DataSource; import org.apache.commons.dbcp.BasicDataSource; import org.apache.commons.dbutils.QueryRunner; public class OracleConnection { private static DataSource dataSource; private static void initOracle() { Properties props = new Properties(); InputStream in = null; //props.load(ToSaveErrlog.class.getClassLoader().getResourceAsStream("save2logdb.properties")); try { in = OracleConnection.class.getClassLoader() .getResourceAsStream("jdbc.properties"); props.load(in); } catch (FileNotFoundException e) { System.out.println("jdbc.properties not found"); e.printStackTrace(); } catch (IOException e) { System.out.println("read error in jdbc.properties "); e.printStackTrace(); } BasicDataSource dbcpDataSource = new BasicDataSource(); dbcpDataSource.setUrl(props.getProperty("mysqljdbcurl")); dbcpDataSource.setDriverClassName(props.getProperty("mysqldriverclass")); dbcpDataSource.setUsername(props.getProperty("mysqluser")); dbcpDataSource.setPassword(props.getProperty("mysqlpassword")); dbcpDataSource.setDefaultAutoCommit(true); dbcpDataSource.setMaxActive(10); dbcpDataSource.setMaxIdle(5); dbcpDataSource.setMaxWait(500); OracleConnection.dataSource = (DataSource)dbcpDataSource; System.out.println("Initialize dbcp..."); } public static Connection getConnection() { try { if(OracleConnection.dataSource==null){ initOracle(); return OracleConnection.dataSource.getConnection(); }else { return OracleConnection.dataSource.getConnection(); } } catch (SQLException e) { e.printStackTrace(); } return null; } public static QueryRunner getQueryRunner(){ if(OracleConnection.dataSource==null){ initOracle(); return new QueryRunner(OracleConnection.dataSource); }else { return new QueryRunner(OracleConnection.dataSource); } } }
User.java,里面放的变量对应你数据库里面的字段,比如说我数据库中有三个字段id,name,passwd;那么User.java里面的三个String也应该是id,name,passwd。
其中,name和passwd是用户自定义的,而id是用户不知道的,我在数据库中对id的定义是(写的不是正规语法,你们看得懂就行):
'id' (int(8), NOT NULL, AUTO INCREMENT, PRIMARY KEY)
下面是User.java
package com.yan.model; import java.io.Serializable; public class User implements Serializable { private static final long serialVersionUID = -1734127774270588940L; private String id; private String name; private String passwd; public String getId() { return id; } public void setId(String id) { this.id = id; } public String getName() { return name; } public void setName(String name) { this.name = name; } public String getPasswd() { return passwd; } public void setPasswd(String passwd) { this.passwd = passwd; } }
LogFilter.java
package com.yan.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; //日志过滤器,记录登录过滤信息,可以显示在console,也可以录入数据库 @WebFilter(filterName = "logfilter",urlPatterns = {"/*"}) public class LogFilter implements Filter { private FilterConfig fConfig; public void init(FilterConfig fConfig) throws ServletException { this.fConfig = fConfig; } public void destroy() { this.fConfig = null; } //核心过滤部分 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { /*---------下面代码用于对用户请求执行预处理---------*/ //获取ServletContext对象,用于记录日志 ServletContext context = this.fConfig.getServletContext(); long before = System.currentTimeMillis(); System.out.println("开始过滤..."); //将请求转换成HttpServletRequest请求 HttpServletRequest hrequest = (HttpServletRequest)request; //记录日志 context.log("Filter已经截获到用户的请求地址: " + hrequest.getServletPath()); //Filter只是链式处理,请求依然放行到目的地址 chain.doFilter(request, response); /*---------下面代码用于对服务器响应执行后处理---------*/ long after = System.currentTimeMillis(); //记录日志 context.log("过滤结束"); //再次记录日志 context.log("请求被定位到" + hrequest.getRequestURI() + "所花的时间为: " + (after - before)); } public LogFilter() {} }
AuthorityFilter.java
package com.yan.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.annotation.WebInitParam; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; //登录过滤器,记录用户是否登录 @WebFilter(filterName = "authorityfilter", urlPatterns = {"/*"}, initParams = { @WebInitParam(name = "encoding", value = "GBK"), @WebInitParam(name = "loginPage", value = "/jsp/login.jsp"), @WebInitParam(name = "checkservlet", value = "/checkservlet"), @WebInitParam(name = "proLogin", value = "/jsp/welcome.jsp") }) public class AuthorityFilter implements Filter { private FilterConfig fConfig; public AuthorityFilter() {} public void destroy() { this.fConfig = null; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //获取该filter的配置参数 String encoding = fConfig.getInitParameter("encoding"); String loginPage = fConfig.getInitParameter("loginPage"); String proLogin = fConfig.getInitParameter("proLogin"); String checkservlet = fConfig.getInitParameter("checkservlet"); //设置request编码用的字符集 request.setCharacterEncoding(encoding); HttpServletRequest requ = (HttpServletRequest)request; HttpSession session = requ.getSession(true); //获取客户请求页面 String requestPath = requ.getServletPath(); //如果session范围的user为null,即没有登录 //并且用户请求的既不是登陆页面,也不是处理登录的页面 /* 1.如果user为null,即从未登陆过,应该跳转login页面 * 2.如果用户访问的不是login页面,应该跳转login页面 * 3.如果用户没有访问过checkservlet,应该跳转login页面 * */ if(session.getAttribute("user") == null && !requestPath.endsWith(loginPage) && !requestPath.endsWith(checkservlet)) { //forward到登录页面 request.setAttribute("tip", "您还没有登录"); request.getRequestDispatcher(loginPage).forward(request, response); } else { //“放行”请求 chain.doFilter(request, response); } } public void init(FilterConfig fConfig) throws ServletException { this.fConfig = fConfig; } }
CheckServlet.java 的流程主要是:从login.jsp提取参数,连接数据库,判断,跳转
package com.yan.servlet; import java.io.IOException; import java.sql.ResultSet; import java.sql.SQLException; import java.util.ArrayList; import java.util.List; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import javax.swing.JOptionPane; import org.apache.commons.dbutils.handlers.BeanListHandler; import com.mysql.jdbc.Connection; import com.mysql.jdbc.PreparedStatement; import com.yan.model.User; import com.yan.util.OracleConnection; import java.awt.*; import javax.swing.*; import java.util.regex.*; @WebServlet("/checkservlet") public class CheckServlet<AttenAudit> extends HttpServlet { private static final long serialVersionUID = 1L; public CheckServlet() { super(); } public void process (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { System.out.println("现在开始执行CheckServlet.java"); String u = request.getParameter("username"); String p = request.getParameter("passwd"); String sql = "select * from User where name = ? and passwd = ? " ; //u和p放在Object里面传给userList List<User> userList = new ArrayList<User>(); try { userList = OracleConnection.getQueryRunner().query(sql, new BeanListHandler<User>(User.class),new Object[]{u,p}); } catch (SQLException e) { e.printStackTrace(); } //userList的内容不为空代表输入的用户名和密码的组合在数据库中存在;为空则表示用户名或者密码错误 if(userList.size()>0) { HttpSession session = request.getSession(true); session.setAttribute("user", userList.get(0)); //取userList里面的第一组值Object[u,p] request.getRequestDispatcher("/jsp/welcome.jsp").forward(request, response); } else { JOptionPane.showMessageDialog(null, "用户名或密码错误,请重新输入!", "哎呀呀", JOptionPane.WARNING_MESSAGE); //response.sendRedirect("../jsp/error.jsp"); request.getRequestDispatcher("/jsp/error.jsp").forward(request, response); } } protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { process(request, response); } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { process(request, response); } }
首先你要启动tomcat,然后在浏览器中输入http://localhost:8080/ProjectOne_FirstTryBS/login.jsp,进入login.jsp
输入错误的话,会有弹窗,然后console上也会有所反映。
跳转到error.jsp,再回到login.jsp。输入正确的话,
可以从通过以下语句传参,再从welcome.jsp提取。
request.getRequestDispatcher("/jsp/welcome.jsp").forward(request, response);
以上,就是全过程。
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。