java - 使用 Java servlet 超过限制尝试登录

问题描述

我正在使用 tomcat，并且正在尝试构建一个登录系统，该系统会在尝试登录3 次后阻止用户。一切似乎都运行良好。

唯一的问题是，当用户在所有 3 次尝试中都失败并被阻止时，即使我尝试使用具有正确凭据的另一个帐户登录，它也不会登录并不断向我显示消息“您超出了最大尝试次数。这账号被封了。” .

它仅在我重新启动 tomcat 服务器时才有效。有什么问题？

这是我的登录 servlet：

public class LoginCheck extends HttpServlet {
    int totalAttempts = 3; 

    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String username = request.getParameter("username");
        String password = request.getParameter("password");

        /**
         *  verifies all the values inserted in database
         *  creates session and redirects accordingly to answer
         *  blocks access after 3 failed attempts
         */
         if(totalAttempts != 0){
             if(CheckUser.Validation(username, password) && !CheckUser.SelectState(username)){
                 HttpSession session = request.getSession();
                session.setAttribute("username", username);

                RequestDispatcher rs = request.getRequestDispatcher("profile.jsp");
                rs.forward(request, response);

            }
            else if(CheckUser.Validation(username, password) && CheckUser.SelectState(username)) {
                String blocked = "This user is blocked";
                request.setAttribute("blocked", blocked);
                request.getRequestDispatcher("index.jsp").forward(request, response);   
                return;
            } 
            else if (!CheckUser.Validation(username, password) && !CheckUser.SelectState(username)){  
                String error = "Wrong username or password. Try again.";
                request.setAttribute("error", error);
                request.getRequestDispatcher("index.jsp").forward(request, response);   
                totalAttempts--;

            }   
        } 
        else {  
            String state = "Inactive";
            CheckUser.BlockUser(state, username);
            String blocked = "You exceeded the max attempts. This account is blocked.";
            request.setAttribute("blocked", blocked);
            request.getRequestDispatcher("index.jsp").forward(request, response);   
        }
    }
}

标签： javatomcatservlets