java使用Filter实现自动登录的方法
程序员文章站
2024-03-02 20:02:58
本文实例为大家分享了java实现自动登录的具体代码,供大家参考,具体内容如下
当你勾选(记住登录状态),用cookie保存用户名和密码。不勾选,cookie失效。...
本文实例为大家分享了java实现自动登录的具体代码,供大家参考,具体内容如下
- 当你勾选(记住登录状态),用cookie保存用户名和密码。不勾选,cookie失效。
- 所有的页面都要经过autologinfilter.java 的过滤器,在这类中,必须要判断cookies不为null,获得所有的cookie,得到name为user的cookie,进行用户名和密码的验证,如果不为null,则将user存入session。
- 在loginservlet.java中,获得username和password参数,进行dao验证,如果不为空,放入seesion中,进行页面跳转。
- 创建cookie对象。setpath("/"),表示本应用下的所有路径都能访问此cookie。
- 对于已经正确登录的用户,再次访问其他页面必定会再次经过autologinfilter,这时,判断当前session中的user是否为null,不为null,直接通过。
- 对于**login.jsp的有关页面,不需要经过autologinfilter。
package com.learning.web.servlet;
import java.io.ioexception;
import javax.servlet.servletexception;
import javax.servlet.annotation.webservlet;
import javax.servlet.http.cookie;
import javax.servlet.http.httpservlet;
import javax.servlet.http.httpservletrequest;
import javax.servlet.http.httpservletresponse;
import com.learning.domain.user;
import com.learning.service.userservice;
@webservlet("/servlet/loginservlet")
public class loginservlet extends httpservlet {
private static final long serialversionuid = 1l;
protected void doget(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception {
string username = request.getparameter("username");
string password = request.getparameter("password");
string autologin = request.getparameter("autologin");
userservice userservice=new userservice();
user user = userservice.finduser(username, password);
//user不为null,则登录成功
if (user!=null) {
//创建cookie来保存用户信息
cookie cookie=new cookie("user", user.getusername()+"&"+user.getpassword());
cookie.setpath("/");
//autologin不为null,则记住了登录状态
if (autologin!=null) {
cookie.setmaxage(1*60*60*24);//一天的有效时间
}
else {
cookie.setmaxage(0);
}
response.addcookie(cookie);
request.getsession().setattribute("user", user);
request.getrequestdispatcher("/home.jsp").forward(request, response);
}else {
response.sendredirect(request.getcontextpath()+"/homelogin.jsp");
}
}
protected void dopost(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception {
doget(request, response);
}
}
package com.learning.web.filter;
import java.io.ioexception;
import javax.servlet.filter;
import javax.servlet.filterchain;
import javax.servlet.filterconfig;
import javax.servlet.servletexception;
import javax.servlet.servletrequest;
import javax.servlet.servletresponse;
import javax.servlet.annotation.webfilter;
import javax.servlet.annotation.webinitparam;
import javax.servlet.http.cookie;
import javax.servlet.http.httpservletrequest;
import javax.servlet.http.httpservletresponse;
import javax.servlet.http.httpsession;
import javax.servlet.jsp.jstl.core.config;
import com.learning.domain.user;
import com.learning.service.userservice;
@webfilter(urlpatterns="/*",initparams={@webinitparam(name="autologin",value="login"),@webinitparam(name="",value="")})
public class autofilter implements filter{
private filterconfig filterconfig;
@override
public void destroy() {
}
@override
public void dofilter(servletrequest request, servletresponse response, filterchain chain)
throws ioexception, servletexception {
// 转换对象
httpservletrequest httpservletrequest = (httpservletrequest) request;
httpservletresponse httpservletresponse = (httpservletresponse) response;
// 获得访问的路径
string uri = httpservletrequest.getrequesturi();
string contextpath = httpservletrequest.getcontextpath();
uri = uri.substring(contextpath.length() + 1);
// 获得初始化参数
string login = filterconfig.getinitparameter("autologin");
system.out.println("直接通行的路径:"+login);
// 不包含"login"的路径就要进行过滤 (xxxlogin.jsp 不需要自动登录)
if (!uri.contains(login)) {
httpsession session = httpservletrequest.getsession();
user u = (user) session.getattribute("user");
if (u != null) {
system.out.println("session不为null");
chain.dofilter(request, response);
} else {
// 处理业务逻辑
// 1.获得cookie 得到user的信息
string username = "";
string password = "";
userservice userservice = new userservice();
cookie[] cookies = httpservletrequest.getcookies();
for (int i = 0;cookies!=null&& i < cookies.length; i++) {
if ("user".equals(cookies[i].getname())) {
string string = cookies[i].getvalue();
string[] values = string.split("&");
username = values[0];
password = values[1];
user user = userservice.finduser(username, password);
// 不为空则放入session
if (user != null) {
system.out.println("自动登录了");
httpservletrequest.getsession().setattribute("user", user);
}
}
}
}
}
// 2.放行
chain.dofilter(request, response);
}
@override
public void init(filterconfig filterconfig) throws servletexception {
this.filterconfig=filterconfig;
}
}
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。