cookie自动登陆
通常我们登录某网站,会有选择保存几天,或者是几个星期不用登录,之后输入该网站地址无需登录直接进入主页面,那么这就叫做自动登录,怎么实现呢,下面我以一个小例子来演示一下
登录页面:login.jsp
- <span style="font-size: medium;"><%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
- <html>
- <head>
- </head>
- <body>
- <form action="login.do">
- 用户名:<input type="text" name="username" ><br/>
- 密 码:<input type="text" name="password" ><br/>
- <input type="submit" value="登录" /><select name="saveTime">
- <option value="366">一年</option>
- <option value="183">半年</option>
- <option value="30">一个月</option>
- <option value="7">一周</option>
- </select>
- </form>
- </body>
- </html>
- </span>
那么从上面可看到可选择保存自动登录的期限,可以是一年,半年,一个月,一周,当然这都是以天为单位的
服务类:LoginService
- <span style="font-size: medium;">package com.login.servlet;
- public class LoginService {
- public static boolean login(String username, String password) {
- if ("admin".equals(username) && "123456".equals(password)) {
- return true;
- } else {
- return false;
- }
- }
- }
- </span>
业务处理servlet:LoginServlet
- <span style="font-size: medium;">package com.login.servlet;
- import java.io.IOException;
- import javax.servlet.ServletException;
- import javax.servlet.http.Cookie;
- import javax.servlet.http.HttpServlet;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- public class LoginServlet extends HttpServlet {
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- this.doPost(request, response);
- }
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String username=request.getParameter("username");
- String password=request.getParameter("password");
- String savetime=request.getParameter("saveTime");
- if(LoginService.login(username, password)){
- if(null!=savetime&&!savetime.isEmpty()){
- int saveTime=Integer.parseInt(savetime);//这里接受的表单值为天来计算的
- int seconds=saveTime*24*60*60;
- Cookie cookie = new Cookie("user", username+"=="+password);
- cookie.setMaxAge(seconds);
- response.addCookie(cookie);
- }
- request.setAttribute("username",username);
- request.getRequestDispatcher("/main.jsp").forward(request,response);
- }else{
- request.getRequestDispatcher("/index.jsp").forward(request,response);
- }
- }
- }
- </span>
看清上面处理Cookie的方式步骤:其实这是为第一次登录该网站时【前提是选择了保存自动登录期限时间】处理Cookie,只要这一步处理成功,以后都无需经过这个Servlet因为我们接下来要在请求到达前,从Cookie中取出我们的用户名和密码,这样的话就需要一个过滤器了
- <span style="font-size: medium;">package com.login.servlet;
- import java.io.IOException;
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
- import javax.servlet.http.Cookie;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- public class IndexFilter implements Filter {
- public void destroy() {
- // TODO Auto-generated method stub
- }
- public void doFilter(ServletRequest arg0, ServletResponse arg1,
- FilterChain arg2) throws IOException, ServletException {
- HttpServletRequest request = (HttpServletRequest) arg0;
- HttpServletResponse response = (HttpServletResponse) arg1;
- Cookie[] cookies = request.getCookies();
- String[] cooks = null;
- String username = null;
- String password = null;
- if (cookies != null) {
- for (Cookie coo : cookies) {
- String aa = coo.getValue();
- cooks = aa.split("==");
- if (cooks.length == 2) {
- username = cooks[0];
- password = cooks[1];
- }
- }
- }
- if (LoginService.login(username, password)) {
- request.getSession().setAttribute("username",username);
- response.sendRedirect("main.jsp");
- //request.getRequestDispatcher("/main.jsp").forward(request, response);
- }else{
- arg2.doFilter(request,response );
- }
- }
- public void init(FilterConfig arg0) throws ServletException {
- // TODO Auto-generated method stub
- }
- }
- </span>
我这里所说的请求到达之前,不是指的某个路径匹配的servlet而是指的就是在输入网址到达登录页面前就要进行自动登录的处理,那么web.xml中应该怎么配置呢
- <span style="font-size: medium;"><?xml version="1.0" encoding="UTF-8"?>
- <web-app version="2.5"
- xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
- http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
- <filter>
- <filter-name>loginFilter</filter-name>
- <filter-class>com.login.servlet.IndexFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>loginFilter</filter-name>
- <url-pattern>/index.jsp</url-pattern>
- </filter-mapping>
- <servlet>
- <servlet-name>LoginServlet</servlet-name>
- <servlet-class>com.login.servlet.LoginServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>LoginServlet</servlet-name>
- <url-pattern>/login.do</url-pattern>
- </servlet-mapping>
- <welcome-file-list>
- <welcome-file>login.jsp</welcome-file>
- </welcome-file-list>
- </web-app>
- </span>
看见了没有,上面的filter匹配路径只是针对一个页面,与通常写/*匹配所有请求到达之前是不一样的写法哦
主页面:main.jsp
- <span style="font-size: medium;"><%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
- <html>
- <head>
- <title>My JSP 'maiin.jsp' starting page</title>
- </head>
- <body>
- 登录成功,欢迎${username}的到来
- </body>
- </html>
- </span>
输入地址:http://localhost:8080/WebApp/login.jsp,出现登录页面
然后输入:admin,123456 ,选择一个保存日期
这样第一次登录成功之后,是经由LoginServlet处理了,由于选择了日期,所以Cookie中保存了用户信息,所以之后再输入同样地址后,不会出现登录页面,就不再经过LoginServlet处理【因为LoginServlet处理的是登陆页面上登录按钮请求的】,而直接提前交由IndexFilter处理,直接进入主页面,明白了么?
欢迎点评,共同学习,共同进步