堆栈内存溢出
  简体   繁体   English

如何在Java / JSP中隔离身份验证和用户注册

[英]How to isolate authentication and user registration in Java/JSP

 原文  2013-04-16 06:05:04       authentication/ servlets/ login

问题描述

In RegServlet class, I have a doGet() method that overrides the doStuff() method. 在RegServlet类中,我有一个doGet()方法重写了doStuff()方法。 doStuff() method takes the user input from an HTML registration form, then connects to the DB, then stores the user input into the DB. doStuff()方法从HTML注册表单获取用户输入,然后连接到DB,然后将用户输入存储到DB中。

Here is the doStuff() method in my RegServlet class: 这是我的RegServlet类中的doStuff()方法: 

public void doStuff(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, InstantiationException, IllegalAccessException, SQLException {
    String userName = request.getParameter("userName");
    ...
    String email = request.getParameter("email");

    if(!userName.isEmpty()&&!passWord.isEmpty()) {
        request.setAttribute("userName", userName);
        ...
        request.setAttribute("email", email);

        //connect to DB
        toDB.createConnection();

        //insert information to DB
        toDB.insertNewUser(userName, passWord, lastName, firstName, age, sex, email);
        RequestDispatcher view = request.getRequestDispatcher("login.jsp");
        view.forward(request, response);            
    } else {
        RequestDispatcher view = request.getRequestDispatcher("index.jsp");
        view.forward(request, response);
    }

If the register button is clicked after everything has been entered correctly, it leads me to a login.jsp page. 如果在正确输入所有内容后单击了注册按钮,则会将我带到login.jsp页面。 I am now trying to code the log-in mechanism in order for a user (who possesses username & password stored in the DB) to log in and search and add/drop courses. 我现在正在尝试对登录机制进行编码,以使用户(拥有存储在数据库中的用户名和密码)登录并搜索和添加/删除课程。

I am having a hard time because I am not sure how I should go about this. 我很难过,因为我不确定该怎么做。

How can I isolate user registration and authentication? 如何隔离用户注册和身份验证? Should I make another class for session management or just another method in this RegServlet class? 我应该为该会话管理创建另一个类还是该RegServlet类中的另一个方法?

1 个解决方案

解决方案1
 1 已采纳  2013-04-16 07:25:04

Implement your own HTTPServletFilter that check if a user is authenticated: 实现您自己的HTTPServletFilter,以检查用户是否已通过身份验证: 

public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {
    if ("a user is authenticated") {
        filterChain.doFilter(req, res);
    } else {
        // authenticate a user
    }
}

The link show the basic of HTTPServletFilter: http://www.oracle.com/technetwork/java/filters-137243.html#70176 该链接显示了HTTPServletFilter的基本知识: http : //www.oracle.com/technetwork/java/filters-137243.html#70176

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 flutter中的用户注册和认证 - User registration and authentication in flutter 用户注册和认证 - User registration and authentication 如何在Java的课程注册系统中以用户身份登录 - How to login as a user in a course registration system in Java ASP.NET中的用户注册和身份验证 - User registration and authentication in asp .net 用户注册时使用Symfony 3 JWT身份验证 - Symfony 3 JWT authentication on user registration Django用户注册认证问题 - Django User Registration Authentication Problem JWT身份验证捆绑包,注册后如何授权用户 - Jwt authentication bundle, how to authorization user after registration Spring MVC默认身份验证如何添加用户/注册 - Spring MVC default Authentication How to add a user / registration R /闪亮的用户注册/认证 - R/shiny user registration/authentication 使用数据库用户进行jsp登录身份验证 - jsp login authentication with database user
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM