自动登录练习

2012/04/26 1980点热度 0人点赞 0条评论

使用过滤器和session,cookies写的自动登录

autoLogin.jsp页面

<%@ page language="java"  contentType="text/html;charset=utf-8"%>
<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <title>自动登录</title>
  </head>
  <%
      String username="";
      String userpwd="";
      Integer maxTime=0;
                                                
      Cookie[] cookies=request.getCookies();
      if(cookies!=null&&cookies.length>0){
          for(Cookie c:cookies){
              if("username".equals(c.getName())){
                  username=c.getValue();
              }
              if("userpwd".equals(c.getName())){
                  userpwd=c.getValue();
              }
              if("maxTime".equals(c.getName())){
                  String smaxTime=c.getValue();
                  if(smaxTime!=null&&!"".equals(smaxTime)){
                      maxTime=Integer.parseInt(smaxTime);
                      pageContext.setAttribute("maxTime",maxTime);
                  }
              }
          }
      }
                                                
  %>
  <body>
    <form action="${pageContext.request.contextPath }/autoLoginServlet" method="post">
       用户名:<input type="text" name="username"  value="<%=username %>"><br/>
       密 码:<input type="password" name="userpwd" value="<%=userpwd %>"><br>
       记住密码:<input type="checkbox" name="flag" checked=false> 保存时间
       <input type="radio" name="maxTime" value="${60*60*24 }" ${(maxTime==60*60*24)?"checked":"" } >一天
       <input type="radio" name="maxTime" value="${60*60*24*7 }" ${(maxTime==60*60*24*7)?"checked":"" }  >一周
       <input type="radio" name="maxTime" value="${60*60*24*30 }" ${(maxTime==60*60*24*30)?"checked":"" } >一月
       <input type="radio" name="maxTime" value="${60*60*24*180 }" ${(maxTime==60*60*24*180)?"checked":"" } >半年<br>
       ${maxTime }
     <input type="submit" name="btn" value="提交"/>
     </form>  
    </body>
</html>

web.xml内容

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
    xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
    http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
                
 <context-param>
    <description>不登录就可以访问的连接</description>
    <param-name>noCheckUrl</param-name>
    <param-value>/autoLogin.jsp,/autoLoginServlet</param-value>
 </context-param>
                
  <!-- 配置粗粒度权限过滤器 -->
 <filter>
    <filter-name>AtuoLoginFilter</filter-name>
    <filter-class>com.yxkong.filter.AtuoLoginFilter</filter-class>
 </filter>
 <filter-mapping>
    <filter-name>AtuoLoginFilter</filter-name>
    <url-pattern>/*</url-pattern>
 </filter-mapping>
                
  <servlet>
    <servlet-name>AutoLoginServlet</servlet-name>
    <servlet-class>com.yxkong.web.AutoLoginServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>AutoLoginServlet</servlet-name>
    <url-pattern>/autoLoginServlet</url-pattern>
  </servlet-mapping>
                 
</web-app>

自动登录拦截器

public class AtuoLoginFilter implements Filter {
              
    // 不登录允许访问的连接
    private List<String> list = null;
              
    public void init(FilterConfig filterConfig) throws ServletException {
        list = new ArrayList<String>();
        ServletContext sc = filterConfig.getServletContext();
              
        String noCheckUrl = sc.getInitParameter("noCheckUrl");
        String[] noCheckUrlArr = noCheckUrl.split(",");
              
        list = Arrays.asList(noCheckUrlArr);
              
    }
              
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
              
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;
              
        String path = req.getRequestURI();
                      
        path = path.substring(path.indexOf("/", 1));
        // 只要是list集合中的,不管登录没有登录都可以访问
        if (list != null && list.size() > 0 && list.contains(path)) {
            chain.doFilter(request, response);
            return;
        }
        // 如果session存在获取,不存在不新建session
        HttpSession session = req.getSession(false);
        User user = null;
        if (session != null) {
            user = (User) session.getAttribute("user");
        }
              
        // 已经存在用户的session
        if (user != null) {
            chain.doFilter(request, response);
            return;
        } else {
            // 获取客户端cookie
            user = new User();
            String username = "";
            String userpwd = "";
            String smaxTime = "";
            Cookie[] cookies = req.getCookies();
            // 遍历cookies,如果存在对应的cookie则取出
            if (cookies!=null&&cookies.length > 0) {
                for (Cookie cookie : cookies) {
                    if ("username".equals(cookie.getName())) {
                        username = cookie.getValue();
                    }
                    if ("userpwd".equals(cookie.getName())) {
                        userpwd = cookie.getValue();
                    }
                    if ("maxTime".equals(cookie.getName())) {
                        smaxTime = cookie.getValue();
                    }
                }
            }
            // 客户端存在对应的cookie
            if (!"".equals(username) && !"".equals(userpwd)
                    && !"".equals(smaxTime)) {
                // 这里可以判断得到的用户名和密码是否和数据库中的相同,如果相同则存入session,如果不同则跳转到登录页面并提示
                user.setUsername(username);
                user.setUserpwd(userpwd);
                // 将从cookie中获得到得值存到session中
                              
                session=req.getSession();
                session.setAttribute("user", user);
              
                chain.doFilter(request, response);
                return;
            } else {
                resp.sendRedirect(req.getContextPath() + "/autoLogin.jsp");
            }
        }
    }
    public void destroy() {
    }
}

自动登录servlet

public class AutoLoginServlet extends HttpServlet {
            
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doPost(request, response);
    }
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String username = request.getParameter("username");
        String userpwd = request.getParameter("userpwd");
        String sflag = request.getParameter("flag");
        String smaxTime = request.getParameter("maxTime");
            
        // 是否保存用户名和密码的标记
        Boolean flag = false;
        if (sflag != null && !"".equals(sflag)) {
            flag = true;
        }
        // 保存密码的时间
        int maxTime = 0;
        if (smaxTime != null && !"".equals(smaxTime)) {
            maxTime = Integer.parseInt(smaxTime);
            // 如果没有选上记住密码,但是选上了记住时间,则默认记住密码
            flag = true;
        }
        User user = null;
        // 输入用户名和密码则执行下面的
        if (username != null && !"".equals(username) && userpwd != null
                && !"".equals(userpwd)) {
            
            // 在此处可以添加用户名和密码的验证,如果用户名和密码正确则保存用户到bean并保存用户名和密码到session中
            user = new User();
            user.setUsername(username);
            user.setUserpwd(userpwd);
            
            HttpSession session = request.getSession();
            session.setAttribute("user", user);
            
            // 如果选中了记住密码,且记住时间不为空 执行记住cookie
            if (flag && maxTime > 0) {
                Cookie usernameCookie = new Cookie("username", username);
                // 设置cookie保存路径
                usernameCookie.setPath(request.getContextPath());
                usernameCookie.setMaxAge(maxTime);
            
                Cookie userpwdCookie = new Cookie("userpwd", userpwd);
                userpwdCookie.setPath(request.getContextPath());
                userpwdCookie.setMaxAge(maxTime);
            
                Cookie maxTimeCookie = new Cookie("maxTime", smaxTime);
                maxTimeCookie.setPath(request.getContextPath());
                maxTimeCookie.setMaxAge(maxTime);
                response.addCookie(maxTimeCookie);
            
                // 将cookie添加到响应头
                response.addCookie(usernameCookie);
                response.addCookie(userpwdCookie);
            }
            request.getRequestDispatcher("main.jsp").forward(request, response);
        } else {
            // 提示用户输入用户名和密码
        }
    }
}

yxkong

这个人很懒,什么都没留下

文章评论