package filter;
 
import java.io.IOException;
import java.io.PrintWriter;
 
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
 
@WebFilter(filterName = "loginFilter", urlPatterns = { "/*" })
public class LoginFilter implements Filter {
 
 public void destroy() {
 }
 
 public void doFilter(ServletRequest request, ServletResponse response,
 FilterChain chain) throws IOException, ServletException {
 HttpServletRequest req = (HttpServletRequest) request;
 HttpServletResponse resp = (HttpServletResponse) response;
 HttpSession session = req.getSession(true);
 resp.setContentType("text/html;");
 resp.setCharacterEncoding("utf-8");
 PrintWriter out = resp.getWriter();
 String request_uri = req.getRequestURI();
 String ctxPath = req.getContextPath();
 String uri = request_uri.substring(ctxPath.length());
 if (uri.contains("login.jsp") || uri.contains("loginServlet")) {
 chain.doFilter(request, response);
 } else {
 if (session.getAttribute("user") != null) {
 chain.doFilter(request, response);
 } else {
 out.println("您沒有登錄，請先登錄！3秒后回到登錄頁面。");
 resp.setHeader("refresh", "3;url=" + ctxPath + "/login.jsp");
 return;
 }
 }
 }
 
 public void init(FilterConfig fConfig) throws ServletException {
 }
 
}

package servlet;
 
import java.io.IOException;
 
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
 
@WebServlet(name = "loginServlet", urlPatterns = { "/loginServlet" })
public class LoginServlet extends HttpServlet {
 private static final long serialVersionUID = 1L;
 
 protected void doGet(HttpServletRequest request,
 HttpServletResponse response) throws ServletException, IOException {
 doPost(request, response);
 }
 
 protected void doPost(HttpServletRequest request,
 HttpServletResponse response) throws ServletException, IOException {
 String username = request.getParameter("name");
 String password = request.getParameter("pwd");
 if ("filter".equals(username) && "filter".equals(password)) {
 HttpSession session = request.getSession(true);
 session.setAttribute("user", username);
 response.sendRedirect("loginSuccess.jsp");
 } else {
 response.sendRedirect("login.jsp");
 }
 }
 
}

<%@page import="java.util.Date"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
 pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>example</title>
</head>
<body bgcolor="lightPink">
 <form action="loginServlet" method="post">
 <table>
 <tr>
 <td>用戶名：</td>
 <td><input type="text" name="name" /></td>
 </tr>
 <tr>
 <td>密碼：</td>
 <td><input type="password" name="pwd" />
 </tr>
 <tr>
 <td><input type="submit" value="提交" /></td>
 <td><input type="reset" value="重置" /></td>
 </tr>
 </table>
 </form>
</body>
</html>

<%@page import="java.util.Date"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
 pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>example</title>
</head>
<body>
 <%
 String username = (String) session.getAttribute("user");
 %>
 恭喜<%=username%>登錄成功！
</body>
</html>