java使用Filter实现自动登录的方法
程序员文章站
2024-03-02 20:02:58
本文实例为大家分享了java实现自动登录的具体代码,供大家参考,具体内容如下
当你勾选(记住登录状态),用cookie保存用户名和密码。不勾选,cookie失效。...
本文实例为大家分享了java实现自动登录的具体代码,供大家参考,具体内容如下
- 当你勾选(记住登录状态),用cookie保存用户名和密码。不勾选,cookie失效。
- 所有的页面都要经过autologinfilter.java 的过滤器,在这类中,必须要判断cookies不为null,获得所有的cookie,得到name为user的cookie,进行用户名和密码的验证,如果不为null,则将user存入session。
- 在loginservlet.java中,获得username和password参数,进行dao验证,如果不为空,放入seesion中,进行页面跳转。
- 创建cookie对象。setpath("/"),表示本应用下的所有路径都能访问此cookie。
- 对于已经正确登录的用户,再次访问其他页面必定会再次经过autologinfilter,这时,判断当前session中的user是否为null,不为null,直接通过。
- 对于**login.jsp的有关页面,不需要经过autologinfilter。
package com.learning.web.servlet; import java.io.ioexception; import javax.servlet.servletexception; import javax.servlet.annotation.webservlet; import javax.servlet.http.cookie; import javax.servlet.http.httpservlet; import javax.servlet.http.httpservletrequest; import javax.servlet.http.httpservletresponse; import com.learning.domain.user; import com.learning.service.userservice; @webservlet("/servlet/loginservlet") public class loginservlet extends httpservlet { private static final long serialversionuid = 1l; protected void doget(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception { string username = request.getparameter("username"); string password = request.getparameter("password"); string autologin = request.getparameter("autologin"); userservice userservice=new userservice(); user user = userservice.finduser(username, password); //user不为null,则登录成功 if (user!=null) { //创建cookie来保存用户信息 cookie cookie=new cookie("user", user.getusername()+"&"+user.getpassword()); cookie.setpath("/"); //autologin不为null,则记住了登录状态 if (autologin!=null) { cookie.setmaxage(1*60*60*24);//一天的有效时间 } else { cookie.setmaxage(0); } response.addcookie(cookie); request.getsession().setattribute("user", user); request.getrequestdispatcher("/home.jsp").forward(request, response); }else { response.sendredirect(request.getcontextpath()+"/homelogin.jsp"); } } protected void dopost(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception { doget(request, response); } }
package com.learning.web.filter; import java.io.ioexception; import javax.servlet.filter; import javax.servlet.filterchain; import javax.servlet.filterconfig; import javax.servlet.servletexception; import javax.servlet.servletrequest; import javax.servlet.servletresponse; import javax.servlet.annotation.webfilter; import javax.servlet.annotation.webinitparam; import javax.servlet.http.cookie; import javax.servlet.http.httpservletrequest; import javax.servlet.http.httpservletresponse; import javax.servlet.http.httpsession; import javax.servlet.jsp.jstl.core.config; import com.learning.domain.user; import com.learning.service.userservice; @webfilter(urlpatterns="/*",initparams={@webinitparam(name="autologin",value="login"),@webinitparam(name="",value="")}) public class autofilter implements filter{ private filterconfig filterconfig; @override public void destroy() { } @override public void dofilter(servletrequest request, servletresponse response, filterchain chain) throws ioexception, servletexception { // 转换对象 httpservletrequest httpservletrequest = (httpservletrequest) request; httpservletresponse httpservletresponse = (httpservletresponse) response; // 获得访问的路径 string uri = httpservletrequest.getrequesturi(); string contextpath = httpservletrequest.getcontextpath(); uri = uri.substring(contextpath.length() + 1); // 获得初始化参数 string login = filterconfig.getinitparameter("autologin"); system.out.println("直接通行的路径:"+login); // 不包含"login"的路径就要进行过滤 (xxxlogin.jsp 不需要自动登录) if (!uri.contains(login)) { httpsession session = httpservletrequest.getsession(); user u = (user) session.getattribute("user"); if (u != null) { system.out.println("session不为null"); chain.dofilter(request, response); } else { // 处理业务逻辑 // 1.获得cookie 得到user的信息 string username = ""; string password = ""; userservice userservice = new userservice(); cookie[] cookies = httpservletrequest.getcookies(); for (int i = 0;cookies!=null&& i < cookies.length; i++) { if ("user".equals(cookies[i].getname())) { string string = cookies[i].getvalue(); string[] values = string.split("&"); username = values[0]; password = values[1]; user user = userservice.finduser(username, password); // 不为空则放入session if (user != null) { system.out.println("自动登录了"); httpservletrequest.getsession().setattribute("user", user); } } } } } // 2.放行 chain.dofilter(request, response); } @override public void init(filterconfig filterconfig) throws servletexception { this.filterconfig=filterconfig; } }
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。