java Filter自动登录 java使用Filter实现自动登录的方法
第九种格调的人生 人气:0想了解java使用Filter实现自动登录的方法的相关内容吗,第九种格调的人生在本文为您仔细讲解java Filter自动登录的相关知识和一些Code实例,欢迎阅读和指正,我们先划重点:java,Filter,自动登录,下面大家一起来学习吧。
- 当你勾选(记住登录状态),用cookie保存用户名和密码。不勾选,cookie失效。
- 所有的页面都要经过autoLoginFilter.java 的过滤器,在这类中,必须要判断cookies不为null,获得所有的cookie,得到name为user的cookie,进行用户名和密码的验证,如果不为null,则将user存入session。
- 在LoginServlet.java中,获得username和password参数,进行dao验证,如果不为空,放入seesion中,进行页面跳转。
- 创建cookie对象。setpath("/"),表示本应用下的所有路径都能访问此cookie。
- 对于已经正确登录的用户,再次访问其他页面必定会再次经过autoLoginFilter,这时,判断当前session中的user是否为null,不为null,直接通过。
- 对于**login.jsp的有关页面,不需要经过autoLoginFilter。
package com.learning.web.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.learning.domain.User;
import com.learning.service.UserService;
@WebServlet("/servlet/loginServlet")
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
String autologin = request.getParameter("autologin");
UserService userService=new UserService();
User user = userService.findUser(username, password);
//user不为null,则登录成功
if (user!=null) {
//创建cookie来保存用户信息
Cookie cookie=new Cookie("user", user.getUsername()+"&"+user.getPassword());
cookie.setPath("/");
//autologin不为null,则记住了登录状态
if (autologin!=null) {
cookie.setMaxAge(1*60*60*24);//一天的有效时间
}
else {
cookie.setMaxAge(0);
}
response.addCookie(cookie);
request.getSession().setAttribute("user", user);
request.getRequestDispatcher("/home.jsp").forward(request, response);
}else {
response.sendRedirect(request.getContextPath()+"/homeLogin.jsp");
}
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doGet(request, response);
}
}
package com.learning.web.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.jsp.jstl.core.Config;
import com.learning.domain.User;
import com.learning.service.UserService;
@WebFilter(urlPatterns="/*",initParams={@WebInitParam(name="autologin",value="login"),@WebInitParam(name="",value="")})
public class AutoFilter implements Filter{
private FilterConfig filterConfig;
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
// 转换对象
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
// 获得访问的路径
String uri = httpServletRequest.getRequestURI();
String contextPath = httpServletRequest.getContextPath();
uri = uri.substring(contextPath.length() + 1);
// 获得初始化参数
String login = filterConfig.getInitParameter("autologin");
System.out.println("直接通行的路径:"+login);
// 不包含"login"的路径就要进行过滤 (xxxlogin.jsp 不需要自动登录)
if (!uri.contains(login)) {
HttpSession session = httpServletRequest.getSession();
User u = (User) session.getAttribute("user");
if (u != null) {
System.out.println("session不为null");
chain.doFilter(request, response);
} else {
// 处理业务逻辑
// 1.获得cookie 得到User的信息
String username = "";
String password = "";
UserService userService = new UserService();
Cookie[] cookies = httpServletRequest.getCookies();
for (int i = 0;cookies!=null&& i < cookies.length; i++) {
if ("user".equals(cookies[i].getName())) {
String string = cookies[i].getValue();
String[] values = string.split("&");
username = values[0];
password = values[1];
User user = userService.findUser(username, password);
// 不为空则放入session
if (user != null) {
System.out.println("自动登录了");
httpServletRequest.getSession().setAttribute("user", user);
}
}
}
}
}
// 2.放行
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig=filterConfig;
}
}
加载全部内容