User basic data browsing process
=====================================================================================================================================================
Let us enter the theme now -
PetStore
Business logic, the author takes the user's basic data browsing process as an example, please activate
Cloudscape
database:
Cloudscape -start
Figure
1
Activate the database
Connect
RI Application Server
application server
)
:
J2EE -VERBOSE
Figure
2
activation
RipetStore
After the system is activated, please turn on the browser, enter
Http: // localhost: 8080 / petstore / index.jsp
Figure
3
enter
PetStore
system
Enter the system to see the big parrot head, please click on the right corner
Account "
link,
Enter the user login process:
Figure
4 PetStore
Homepage
We will see the login screen and use the preset user directly.
(J2EE)
Password
(J2EE)
,
Select
"SIGN IN"
button:
Figure
5
Login picture
Seeing the following shows that the personal information screen means that we have successfully logged in!
Figure
6
Personal information screen
If we press the browser at this time
"
Previous page
"
Net button Back to Home:
Figure
Seduce
Return to the home page
Press the upper right corner
Account "
Connect, it will find the picture directly to the personal information screen:
Figure
8
Personal information screen
Please note the picture
4 PetStore
Home screen appears in the lower left corner of the page
URL: http: // localhost: 8080 / petstore / Customer.do
It is actually a picture
6
Personal information screen, but the system does not directly from the map
4
Jump to the picture
6
And change first
5
Log in to the screen, ask us to do login action, enter account number and password, and jump after the verification is successful.
6
If you enter your personal information from the homepage again, the system will not ask for login again, there are two key points here:
Signonfilter
: If the user enters the page is protected, the system will first turn the screen to the login screen, requiring logins.
2.customer.do
: It represents a combination of action plus a picture, in this case, read personal information from the database, constitute complete
HTML
Screen display.
Signonfilter
The author divides the user into the process of entering the user's basic data browsing screen:
1.
Users want to enter the user basic data browsing screen
(Customer.do)
, Due to not logged in, was
Signonfilter
Intercept, go to the login screen
(signon.screen)
.
2.
User input account and password
"SUMIT"
Afterwards, again
Signonfilter
Intercept,
Signonfilter
It is also responsible for account, password queues, and after confirming, turn web page
(Forward)
To the first stage, users want to enter the user basic data browsing screen
(Customer.do)
.
3.
Repeat the first phase of action,
Signonfilter
Check that users have logged in, release transduction to user basic information browsing screens
(Customer.do)
.
The first stage
Want to observe
Servlet Filter
, First understand its impact, please open
Deploytool
Note
2)
Mouse point
PetStorewar
Select the right side
Filter mapping
The page will find this
Filter
The impact range is all pages.
Figure
9 Filter
Sphere of influence
Can also
Web.xml
See the settings, please refer to the previous narrative, please open it next
Signonfilter.java
, Its source location
PetStore_Home / SRC / Components / Signon / SRC / COM / SUN / J2EE / BluePrints / Signon / Web / Signonfilter.java
.
First look
Signonfilter
Initial action, about
87
Column:
Public void init (filterconfig config) throws servletexception {this.config = config; url protectedresourcesurl = null; try {//
Take
Signon-config.xml protected (). getresource ("/ web-inf / signon-config.xml); Signondao Dao = New Signondao (ProtectedResourcesURL); //
Read login failed screen
(signon_error.screen) signonerrorpage = DAO.GETSIGNONERRORPAGE (); //
Read login screen
(signon.screen) signonpage = DAO.GETSIGNPAGE (); //
Read all the desire to protect the screen, make up
Hashmap protectedresources = DAO.GETPROTECTEDRESOURES ();} catch (java.net.malformedurlexception ex) {system.err.println ("Signonfilter: Malformed URL Exception: EX);}}
It will read when it is initialized.
PetStore_Home / src / Apps / PetStore / SRC / DOCROOT / Web-INF / Signon-Config.xml
And make up
Data Access Object (DAO)
To facilitate subsequent program access
(
Note
3)
,this
xml
Profile
To log in the login screen, log in to the failed screen and all the pictures that you need to log in.
URL
, The following is
Signon-config.xml
Fragment:
Login picture ) -> Login failure screen ) -> ) -> Then please see Signonfilter The main function of actual operation DOFILTER () About 107 Column: public void doFilter (ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {HttpServletRequest hreq = (HttpServletRequest) request; String currentURI = hreq.getRequestURL () toString ();. String currentURL = hreq.getRequestURI (); // Get everything after the context root innter = currenturl.indexof ("/", 1); // jump paste the starting slash string targeturl = null; // Take the user wants to go URL In this example, Customer.do if (firstslash! = -1) targeturl = currenturl.substring (firstslash 1, currenturn.length ()); //// Judgment user from login screen (signon.screen) Verify IF ((targetURL! = null) && targeturl.equals (form_signon_ur)) {Validatesignon (Request, Response, Chain); // Jump Out of this method Return;} // check if the user is sign on // Check if the user is logged in, from Session Take out the login mark, as a judgment boolean signedOn = false; if (hreq.getSession () getAttribute (SIGNED_ON_USER) = null.!) {signedOn = ((Boolean) hreq.getSession () getAttribute (SIGNED_ON_USER).) booleanValue ();.} else {hreq.getSession () .SetaTAttribute (Signed_on_user, new boolean (false));} // jump to the resource if sign ON // End this Filter Work, enter Filter chain In this example, it is Filter chain Last one Filter So don't do anything, let the user enter his purpose picture IF (Signed) {chain.dofilter (Request, Response); Return;} // Find Out if the patterns match the target url // Want to go URL With all protection pictures URL Align, if you meet, import the login screen (Signon.screen) Iterator it = protectedResources.keySet () iterator ();. While (it.hasNext ()) {String protectedName = (String) it.next (); ProtectedResource resource = (ProtectedResource) protectedResources.get (protectedName ); String urlpattern = resource.geturlpattern (); // Now check agains the targeturl // If it is in line with the purpose URL Deposit Session And transfer to the login screen, end Filter the work if (urlPattern.equals (targetURL)) {// put the orginal url in the session so others can access hreq.getSession () setAttribute (ORIGINAL_URL, targetURL);.. config.getServletContext () getRequestDispatcher ( "/" signOnPage) .forward (request, response); // jump out of the filter and go to the next page return;}} // no matches if we worth it to here chain.dofilter (request, response);} Signonfilter First obtain the purpose of the user URL (Customer.do) , Judging that the user did not log in, starting alignment URL Whether in the protection screen, discovery Customer.do To protect the screen Customer.do This purpose URL Deposit Session ,will REQUEST Transfer to login screen (signon.screen) , Ask the user to log in to the action. The first phase of the verification port said that we can join the reconnaissance program code to verify whether the program is running like the author, please join the two lines in Signonfilter.init (): public void init (filterconfig config "this servletexception {this. config = config; URL protectedResourcesURL = null; try {// Ze taken signon-config.xml protectedResourcesURL = config.getServletContext () getResource ( "/ WEB-INF / signon-config.xml");. SignOnDAO dao = new SignOnDAO ( ProtectedResourceSurl; // Read login failed screen (signon_error.screen) signonerrorpage = DAO.GETSIGNERRRORPAGE (); // Read login screen (Signon.Screen) SignonPage = DAO.GETSIGNPAGE (); // Please join the reconnaissance program code system .out.println ( "signOnPage =" signOnPage); System.out.println ( "signErrorPage =" signOnErrorPage); // read all the pictures to be protected, the composition HashMap protectedResources = dao.getProtectedResources ();} catch (java .net.MalformedURLException ex) {System.err.println ( "SignonFilter: malformed URL exception:" ex);}} doFilter () reconnaissance program code also added: public void doFilter (ServletRequest request, ServletResponse response, FilterChain chain) t hrows IOException, ServletException {HttpServletRequest hreq = (HttpServletRequest) request; String currentURI = hreq.getRequestURL () toString ();. String currentURL = hreq.getRequestURI (); // get everything after the context root int firstSlash = currentURL.indexOf ( "/", 1); // Jump Past the starting slash string targeturl = null; // Get the user wants to go to the URL, in this example, it is Customer.do if (firstslash! = -1) targetURL = CurrentURL.SUBSTRING (Firstslash 1, currenturn.length ()); // Please join the reconnaissance program code system.out.println ("targeturl =" targeturl; // Judgment the user verifies the work from the login screen ((targetURL! = Null) && targeturl.equals (form_signon_url) {Validatesignon (Request, Response, Chain); // Jump Out of this Method Return } // check if the user is sign on // Checks the user to log in, remove the login mark from the session, as the judgment Boolean Signedon = false; if (hReq.getSession (). GetAttribute (Signed_On_user)! = Null ) {Signedon = ((boolean) hreq.getations (). GetaTtribute (Signed_on_user)). BooleanValue ();} else {hreq.getations (). Setttribute (signed_on_user, new boolean);} // jump to the the the Resource if Signed ON // If you have already logged in, you will end this Filter work. Enter Filter Chain, in this case, it is the last Filter in Filter Chain, so it is not to do anything, let the user enters his purpose. Screen IF (Signed) {chain.dofilter (Request, Response); Return;} // Find Out if the pattern match The Target URL // Align the user to the URL of the user and all the protection screen URLs, if conformity Import login screen (Signon.Screen) iterator it = protectedresources.keyset (). Iterator (); while (it.hasnext ()) {STRIN g protectedName = (String) it.next (); ProtectedResource resource = (ProtectedResource) protectedResources.get (protectedName); String urlPattern = resource.getURLPattern (); // now check agains the targetURL // if they meet the destination URL will be saved Enter session, and transduce to the login screen, end the Filter work IF (URLPATTERN.EQUALS) {// please join the reconnaissance program code system.out.println ("URL matched! Urlpattern =" urlpattern); // Put The Orginal Url in The session so.............................. ..
