JSP page access control and JSP page Access Control

JSP page access control and JSP page Access Control

Access control is implemented based on sessions. What is a session?

Session is a built-in object in JSP. It corresponds to the browser one by one and allows users to store and extract session status information.

Session objects are used to store all information about user sessions.

1. What is session?

(1) A session is a call between the browser and the server,

It contains multiple requests and responses between the browser and the server.

(2) Use the session tracking mechanism provided by Web containers to maintain
User session information, that is, to save different data for different users

2. How is session used?

Common Methods for session objects:

(1) void setAttribute (String key, Object value ):

Store the value of an object in session as a key/value.

Session. setAttribute ("gxs", "admin ");

(2) Object getAttribute (String key ):

Obtain the value of the object stored in the session according to the name.

String name = (String) session. getAttribute ("gxs ");

Code:

<%
If (rs. next () {// if it is a registered user

// Encapsulate the User name and password in the User object

User loginedUser = new User (name, pass );

Session. setAttribute ("gxs", loginedUser );

Response. sendRedirect ("welcome. jsp ");

} Else {

Response. sendRedirect ("login.html ");

}
%>

Here, the user establishes a key-value relationship between gxs and loginedUser for future use.