核心提示:(一)Filter实现自动用户自动登录的原理1.登录界面将表单数据提交给LoginServlet处理,并把获取的数据保存到Cookie对象中去。2.AutoLoginFilter拦截用户登录请求,并判...
(一)Filter实现自动用户自动登录的原理
1.登录界面将表单数据提交给LoginServlet处理,并把获取的数据保存到Cookie对象中去。
2.AutoLoginFilter拦截用户登录请求,并判断请求是否包含用户自动登录的Cookie,如果有获取用户的账号和密码进行判断。如果为true,将用户信息封装到User对象存入Session域中,从而实现自动登录功能。
实例演示
package com.Entity;
public class User {
//封装用户的属性
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
package com.Servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.Entity.User;
public class LoginServlet extends HttpServlet {
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
//1.获得用户名和密码
request.setCharacterEncoding("utf-8");
String username = request.getParameter("username");
String password = request.getParameter("password");
//2.验证输入用户名和密码是否正确
if ("Kaina".equals(username) && "123".equals(password)) {
//3.将用户状态 user 对象存入 session域
User user = new User();
user.setUsername(username);
user.setPassword(password);
request.getSession().setAttribute("user", user);
//4.发送自动登录的cookie
String autoLogin = request.getParameter("autologin");
if (autoLogin != null) {
//5.注意 cookie 中的密码要加密
Cookie cookie = new Cookie("autologin", username + "-"
+ password);
cookie.setMaxAge(Integer.parseInt(autoLogin));
cookie.setPath(request.getContextPath());
response.addCookie(cookie);
}
//6.跳转至首页
response.sendRedirect(request.getContextPath()+"/index.jsp");
} else {
request.setAttribute("errerMsg", "用户名或密码错");
request.getRequestDispatcher("/login.jsp")
.forward(request,response);
}
}
public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
package com.Servlet;
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;
public class LogoutServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
//1.用户注销
request.getSession().removeAttribute("user");
//2.从客户端删除自动登录的cookie
Cookie cookie = new Cookie("autologin", "msg");
cookie.setPath(request.getContextPath());
cookie.setMaxAge(0);
response.addCookie(cookie);
response.sendRedirect(request.getContextPath()+"/index.jsp");
}
public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
package com.Filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import com.Entity.User;
public class AutoLoginFilter implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest req, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
//1.下次用户请求被拦截后,执行以下代码实现自动登录功能!!!
//1.获得一个名为 autologin 的cookie
Cookie[] cookies = request.getCookies();
String autologin = null;
for (int i = 0; cookies != null && i < cookies.length; i++) {
if ("autologin".equals(cookies[i].getName())) {
//2.找到了指定的cookie
autologin = cookies[i].getValue();
break;
}
}
if (autologin != null) {
//3.做自动登录
String[] parts = autologin.split("-");
String username = parts[0];
String password = parts[1];
//4.检查用户名和密码
if ("itcast".equals(username)&& ("123456").equals(password)) {
// 登录成功,将用户状态 user 对象存入 session域
User user = new User();
user.setUsername(username);
user.setPassword(password);
request.getSession().setAttribute("user", user);
}
}
// 放行
chain.doFilter(request, response);
}
public void destroy() {
}
}
package com.Filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import com.Entity.User;
public class AutoLoginFilter implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest req, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
//1.下次用户请求被拦截后,执行以下代码实现自动登录功能!!!
//1.获得一个名为 autologin 的cookie
Cookie[] cookies = request.getCookies();
String autologin = null;
for (int i = 0; cookies != null && i < cookies.length; i++) {
if ("autologin".equals(cookies[i].getName())) {
//2.找到了指定的cookie
autologin = cookies[i].getValue();
break;
}
}
if (autologin != null) {
//3.做自动登录
String[] parts = autologin.split("-");
String username = parts[0];
String password = parts[1];
//4.检查用户名和密码
if ("itcast".equals(username)&& ("123456").equals(password)) {
// 登录成功,将用户状态 user 对象存入 session域
User user = new User();
user.setUsername(username);
user.setPassword(password);
request.getSession().setAttribute("user", user);
}
}
// 放行
chain.doFilter(request, response);
}
public void destroy() {
}
}
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8" import="java.util.*" %> <%@ taglib prefix="c" uri="https://java.sun.com/jsp/jstl/core"%>
Project01 index.jsp LogoutServlet LogoutServlet com.Servlet.LogoutServlet LogoutServlet /LogoutServlet LoginServlet LoginServlet com.Servlet.LoginServlet LoginServlet /LoginServlet AutoLoginFilter AutoLoginFilter com.Filter.AutoLoginFilter AutoLoginFilter /*
输出https://localhost/Project01/login.jsp:
关闭浏览器后,再次打开浏览器输入https://localhost/Project01/index.jsp:
