1. Add in front of login_do.jsp login success
session.setAttribute("user",admin);
I added it in my verification Action:
Admin admin=dbu.selectAdmin(login.getAdmin_user());
HttpSession session=request.getSession();
admin is your administrator POJO;
The username and password are placed in admin.
User is for later use, it can also be said to be a pointer or key, and admin is the value.
2. Write a separate sessionCheck.jsp file to verify the session
< %@page pageEncoding="UTF-8" contentType="text/html; charset=UTF-8" %>
< %@include file="/admin/sessionCheck.jsp"%>
< %@page import="com.fypl.Admin" %>
<%
Object obj = session.getAttribute("user");
if(obj==null){
out.print("You are not logged in");
response.sendRedirect("admin_login.jsp");
}else{
Admin admin=(Admin)obj;
}
%>
The first line is to set a key, which exists in pairs with its value.
In fact, it is through this key to operate its value.
If the key is empty, the value is empty.
Then you are not logged in, because after logging in, there must be an account and password. Otherwise. . . . Please leave. If it is not empty, force the key to be converted to value
3. After completing the above two steps, the most important step is next.
In the head of each jsp file contains the following statement
< %@include file="/admin/sessionCheck.jsp"%>
This way if you want to access this page without logging in. It will first execute sessionCheck.jsp to verify whether the account password is empty.
Of course it will be empty if you are not logged in.