?? 0059.htm
字號:
<html>
<head>
<title>新時代軟件教程:操作系統 主頁制作 服務器 設計軟件 網絡技術 編程語言 文字編輯</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style>
<!--
body, table {font-size: 9pt; font-family: 宋體}
a {text-decoration:none}
a:hover {color: red;text-decoration:underline}
.1 {background-color: rgb(245,245,245)}
-->
</style>
</head>
<p align="center"><script src="../../1.js"></script></a>
<p align="center"><big><strong>JSP - FAQ (4)</strong></big></p>
<div align="right">摘自互聯網</div>
<p>
27) How are servlets and JSP pages related? TOC <br>
<br>
<br>
<br>
JSP pages are focused around HTML (or XML) with Java codes and JSP tags inside them. When a web server that has JSP support is asked for a JSP page, it checks to see if it has already compiled the page into a servlet. Thus, JSP pages become servlets and are transformed into pure Java and then compiled, loaded into the server and executed. Different JSP implementations do this in more or less efficient ways.<br>
<br>
28) Any good web sites for up to date activities in the Java/JSP/Servlet world? TOC <br>
<br>
<br>
<br>
The following web sites contain information about JSP:<br>
<br>
An IBM Tutorial on JSP: http://www.software.ibm.com/developer/education/java/online-courses.html <br>
An IBM Red Book : http://www.redbooks.ibm.com/abstracts/sg245423.html <br>
Other IBM Information: http://www.software.ibm.com/webservers/appserv/doc/v20dcadv/doc/index.html <br>
JSP-Resource Information - http://www.jspin.com/ is quite comprehensive on sites and articles. <br>
JSP Tags is a site for Taglibs - http://jsptags.com/ <br>
The following web sites focus on JSP solutions<br>
<br>
Servlets Taverne - http://www.interpasnet.com/JSS/<br>
Oi Servlet World - http://i.am/servletforme<br>
Web Development with JSP - http://www.burridge.net/jsp/<br>
<br>
29) How do I force a user to log in? TOC <br>
<br>
<br>
<br>
From: Andre Richards <AndreRic@MWEB.CO.ZA><br>
<br>
I did as follows:<br>
<br>
<br>
On every page which must be authenticated, I check for a user ID in the session object - if it doesn't exit, I do a redirect to a login page, passing the url the user was trying to access as a parameter.<br>
<br>
On the login page, if the user successfully logs in, I create a session for him/her, and add the user ID to the session. I then redirect back to the original page the user tried to access. This way, even if the user bookmarks a page, he/she will be asked to login once the session has become invalid.<br>
<br>
Some code:<br>
On every page I add the following:<br>
<br>
HttpSession session = request.getSession(true);<br>
if (session.getValue("CustomerID") == null) {<br>
response.sendRedirect (response.encodeRedirectUrl<br>
("Login.jsp?Origin=SharePortfolio.jsp"));<br>
}<br>
else {<br>
// the rest of the page ...<br>
In Login.jsp once the user has provided the correct logon credentials:<br>
<br>
session.putValue("CustomerID", CustomerID);<br>
response.sendRedirect(response.encodeRedirectUrl(request.getParameter("Origin")));<br>
<br>
<br>
--------------------------------------------------------------------------------<br>
<br>
<br>
Another developer has a different approach:<br>
<br>
From: Christopher Cobb <ccobb@usgs.gov><br>
<br>
<br>
After researching several approaches, I have finally settled on the following approach. I would like to hear how others<br>
are solving this problem. (FAQ maintainers note: This syntax won't work with JSP 1.0)<br>
<br>
1. User accesses GuardedPage.jsp via<br>
<br>
http://localhost/path/to/GuardedPage.jsp<br>
2. GuardedPage.jsp includes a login checking page:<br>
<br>
<!--#include file="/admin/" file="LoginChecker.jsp" --><br>
Every page that needs to be login-protected should include this file (which, depending on how your site is set up, may be<br>
every page.)<br>
<br>
3. LoginChecker.jsp accesses a bean that does the login checking:<br>
<br>
<USEBEAN lifespan="session" name ="loginChecker" type="package.LoginChecker"><br>
<setfromrequest beanproperty = "*"><br>
</USEBEAN><br>
4. The LoginChecker bean has a property 'loggedIn'. (It also has properies for Username and Password, and a<br>
processRequest() method, which are used later).<br>
<br>
LoginChecker.jsp checks the value of the loggedIn property. If it is not true (i.e., the user is not logged in), a login<br>
page is displayed:<br>
<br>
<excludeif property ="loginChecker:loggedIn" value = "true"><br>
<br>
<FORM action="/servlet/DBAccess/path/to/GuardedPage.jsp" method="post"><br>
Username: <input name="userName" size="15" maxlength="15" ><br>
Password: <input type="password" name="password" size="15" maxlength="15"><br>
<input type="submit" name="loginUser" value="Submit"><br>
</FORM><br>
<br>
</excludeif><br>
The first time through, this bean will be 'empty' and the loggedIn property will not be set. The login form will therefore<br>
be displayed.<br>
<br>
5. There is a little trick in the action clause above. When the user types in his login info and presses submit, the<br>
invoked URL is<br>
<br>
/servlet/DBAccess/path/to/GuardedPage.jsp<br>
The action passes through the servlet DBAccess, then continues on to our original page. This servlet does nothing more<br>
than attach an open database connection to the current session:<br>
<br>
session.putValue("open.connection", connection);<br>
The servlet then picks up the trailing part of the URL with:<br>
<br>
String trailingURL = request.getPathInfo();<br>
It then calls forward() to pass control back to the requested page. In this example, the new page happens to be the same<br>
as the page we came from.<br>
<br>
getServletConfig(<br>
).getServletContext(<br>
).getRequestDispatcher(response.encodeURL(trailingURL)<br>
).forward(request,response);<br>
6. Now we are back to our original page and the logginChecker bean gets invoked again. Because of the:<br>
<br>
<setfromrequest beanproperty = "*"><br>
in the loginChecker USEBEAN tag, and because our username and password field names in the LoginChecker.jsp page match our<br>
bean's property names, the username and password that the user typed in get 'magically' populated in the corresponding<br>
properties of the bean.<br>
<br>
7. The LoginChecker bean has a processRequest() method which checks to see if a username and password has been supplied.<br>
If so (and if we are not logged in), it performs a database lookup to log the user in. If the lookup is successful, the<br>
loggedIn property is set to true.<br>
<br>
8. We are finally back to our GuardedPage.jsp page. It will probably not want to display itself unless the user is logged<br>
in. The page should therefore only be included if loggedIn is true:<br>
<br>
<includeif property="loginChecker:loggedIn" value="true" ><br>
The contents of GuardePage.jsp are displayed only if loggedIn is true.<br>
<br>
</includeif><br>
We're done! GuardedPage.jsp is only displayed if the user is logged in. If the user is not logged in, a login page is<br>
displayed, which if successful, returns the user to the original page.<br>
<br>
9. There is one small cleanup which is needed in Step 4. As coded above, a passthrough servlet is used to attach a<br>
database connection to the session. If the user repeatedly fails to login, the servlet prefix will get repeatedly<br>
pre-pended to the URL. Furthermore, the 'current page' is hardcoded into the LoginChecker.jsp page which restricts it's<br>
reusability. A little JavaScript fixes both of these problems. The following JavaScript should be used in place of the<br>
<FORM> tag in Step 4. above.<br>
<br>
<script language="JavaScript"><br>
<!--<br>
if (document.location.pathname.indexOf("/servlet/package.DBAccess") == 0)<br>
document.write(<br>
'<FORM action="' +<br>
document.location.pathname +<br>
'"method="post">');<br>
else<br>
document.write(<br>
'<FORM action="/servlet/package.DBAccess' +<br>
document.location.pathname +<br>
'" method="post">');<br>
//--><br>
</script><br>
30) So how can a newbie get started with JSP? TOC <br>
<br>
<br>
<br>
See the QuickStart section of the JSP Book at http://www.esperanto.org.nz/jspbook<br>
<br>
31) How can I ensure that session objects stay in existence when the web server restarts? TOC <br>
<br>
<br>
<br>
There is no requirement that a session object will stay around as far as I can tell, but some web servers will serialize objects if they support the serialization interface.<br>
<br>
32) How can I include one JSP inside another JSP? TOC <br>
<br>
<br>
<br>
JRUN, ServletExec and GNUJSP allow you to specify (it was in the 0.91 spec):<br>
<br>
<%@ include="./header.jsp" %> - where header.jsp is the file you want to include.<br>
The spec does say that it supports NCSA style includes as in<br>
<br>
<!--#include virtual="/pathfromdocdir/" file="copyright.html" --><br>
<!--#include file="data/table.html" --><br>
But there is no requirement that they support JSP.<br>
<br>
</p>
</table>
<p align="center"><script src="../../2.js"></script></a>
</body>
</html>
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -