java - JSP登录跳转问题

Question

Web前端初级问题，有点想不通，所以注册了号来问问，如能释疑，万分感谢。

一.servlet登录跳转验证

1.登录页面通过AJAX向后端发送用户名密码，然后servlet直接判断正确与否，再直接进行转发或者重定向到新页面或者登录页面。

2.通过AJAX将用户名和密码传到servlet，判断结果用json传回JS里，返回一个登陆判定的数字0或者1。。0则阻止submit，1则submit到servlet再转发到登陆后页面。

有点蒙蔽，不知道哪种更加合适，总觉得第2个特别不安全，但是第一种重定向会刷新，看得我很难过……

二。表格增删查改
Orz 学得都是页面跳来跳去，但是我好喜欢AJAX无刷新绘制表格，不知道这样后续有没有什么不方便的地方？

暂时就这些，希望各位指教一二。谢谢、

Answer 1

1 is wrong: ajax cannot receive 302 redirect --> So ajax should not be used in redirect scenarios; if you want to use redirect login, use Form post or something like this.

2 Whether it is safe or not depends on the processing on your server side. Because even if the account authentication is successful, each request to the server still has to use cookies and sessions to determine whether it is a request from a logged-in user. Of course, some libraries can help you take care of this, such as Shiro and so on.

Most of the tables on the market now use ajax, and there are many such libraries, such as jqGrid

Answer 2

Ajax login. After success, the page will be rendered directly or redirected to other URLs. If failed, JSON will be returned to prompt the user.

Answer 3

Ajax can redirect? ? Could it be that ajax initiates a request to the servlet, and then the servlet processes the login logic, and then responds to the ajax success return function, and then processes the logic based on its own response data (successful things are done, and failure prompts are given)?

Answer 4

Thank you for the invitation;

This choice depends on your needs. Generally speaking, the user experience of ajax is good. It won't be unsafe.