堆栈内存溢出
  简体   繁体   English

验证过滤器,以防止用户已经登录的情况下进入登录页面

[英]Authentication filter to prevent user from going to login page if he is already logged in

 原文  2011-08-19 13:18:11       java/ jsp/ authentication/ servlets/ servlet-filters

问题描述

I want to prevent user from going back to Login page if he already logged in 如果用户已经登录,我想防止其返回“登录”页面 

 if (req.getRequestURI().indexOf("Login.jsp") != -1 || req.getRequestURI().indexOf("LoginE.jsp") != -1) {

                   System.out.println("trtying to go to login");

                 //what should I write here to redirect the user to the page he was already in ??
             }

2 个解决方案

解决方案1
 1 已采纳  2011-08-19 14:48:00

Just check if the user is already logged in and then redirect to the desired target page. 只需检查用户是否已经登录,然后重定向到所需的目标页面即可。 Assuming that user represents the logged-in user which you've grabbed from the session, here's an example: 假设该user代表您已从会话中获取的登录用户,下面是一个示例: 

if (req.getRequestURI().indexOf("Login.jsp") != -1 || req.getRequestURI().indexOf("LoginE.jsp") != -1) {
    if (user != null) {
        response.sendRedirect("already-logged-in.jsp");
        return;
    }
}

where that page look something like 该页面看起来像什么 

<p>You appears to be already logged in. If you want to login as someone else, 
   please use the <a href="logout">logout</a> link to logout, or navigate to a
   different page by menu on the left hand side.</p>

I would also hide the link to the login page altogether when the user is already logged in, just to prevent that the user clicks that accidently or something. 当用户已经登录时,我也将全部隐藏到登录页面的链接,只是为了防止用户意外单击或单击某些东西。 

<c:if test="${empty user}">
    <a href="Login.jsp">Login</a>
</c:if>

Unrelated to the concrete problem, what's that with Login.jsp and LoginE.jsp ? 具体问题无关Login.jspLoginE.jsp什么? Is the one in native language and the other in English? 一个是母语的,另一个是英语的吗? You may want to invest some time in JSTL localization facilities. 您可能要花一些时间在JSTL本地化设施上。 How to internationalize a Java web application? 如何使Java Web应用程序国际化?

解决方案2
 0  2011-08-19 13:31:40

Depending on how your user got to the Login.jsp request, you may have lost the info about the previous request. 根据您的用户到达Login.jsp请求的方式,您可能会丢失有关上一个请求的信息。 Have you tried looking at the "Referer" header to see if the previous page is in there? 您是否尝试过查看“ Referer”标头以查看上一页是否在其中? You could use req.getHeaders("Referer"); 您可以使用req.getHeaders("Referer");

If there is no referrer information, you will have to manage a Session attribute for the user, called something like "lastRequestURL". 如果没有引荐来源信息,则必须为用户管理一个Session属性,称为“ lastRequestURL”。 That way you can retrieve it in your code above using: req.getSession().getAttribute("lastRequestURL") and redirect the user to that value. 这样,您可以使用req.getSession().getAttribute("lastRequestURL")在上面的代码中检索它,并将用户重定向到该值。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 当他尝试进入登录页面时,使用Java spring-security重定向已经登录的用户 - Redirect already logged in user with java spring-security when he tries to enter login page 用户已登录时从CAS登录页面重定向 - redirect from CAS login page when user is already logged in 如何确定登录页面上是否已经有用户登录? - How to determine on login page, if there is some user already logged? 用户登录jsp servlet后防止返回登录页面 - prevent back to login page after user is logged in jsp servlet 如果用户在注销后单击页面中的任何链接,则应将其重定向到登录页面。 我正在使用Spring MVC - If the user clicks on any link in the page after he has logged out, he should be redirected to login page. I am using Spring MVC Spring Security 4 Concurrency Control,想对错误登录或用户已经登录都使用 authentication-error-url - Spring Security 4 Concurrency Control, want to use authentication-error-url both for wrong login or user already logged 如果用户尚未登录Java servlet,如何重定向到jsp登录页面? - How to redirect to jsp login page, if user does not logged in already, Java servlet? 如何在没有过滤器身份验证的情况下允许访问登录页面 - how to allow access to login page without authentication from filter 从过滤器访问登录的用户 - Accessing logged user from a filter OpenId + JSF将用户重定向到他登录的页面? - OpenId+JSF redirect user to the page he login?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM