java使用Filter实现自动登录的方法
本文实例为大家分享了java实现自动登录的具体代码,供大家参考,具体内容如下
- 当你勾选(记住登录状态),用cookie保存用户名和密码。不勾选,cookie失效。
- 所有的页面都要经过autoLoginFilter.java的过滤器,在这类中,必须要判断cookies不为null,获得所有的cookie,得到name为user的cookie,进行用户名和密码的验证,如果不为null,则将user存入session。
- 在LoginServlet.java中,获得username和password参数,进行dao验证,如果不为空,放入seesion中,进行页面跳转。
- 创建cookie对象。setpath("/"),表示本应用下的所有路径都能访问此cookie。
- 对于已经正确登录的用户,再次访问其他页面必定会再次经过autoLoginFilter,这时,判断当前session中的user是否为null,不为null,直接通过。
- 对于**login.jsp的有关页面,不需要经过autoLoginFilter。
packagecom.learning.web.servlet;
importjava.io.IOException;
importjavax.servlet.ServletException;
importjavax.servlet.annotation.WebServlet;
importjavax.servlet.http.Cookie;
importjavax.servlet.http.HttpServlet;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletResponse;
importcom.learning.domain.User;
importcom.learning.service.UserService;
@WebServlet("/servlet/loginServlet")
publicclassLoginServletextendsHttpServlet{
privatestaticfinallongserialVersionUID=1L;
protectedvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)throwsServletException,IOException{
Stringusername=request.getParameter("username");
Stringpassword=request.getParameter("password");
Stringautologin=request.getParameter("autologin");
UserServiceuserService=newUserService();
Useruser=userService.findUser(username,password);
//user不为null,则登录成功
if(user!=null){
//创建cookie来保存用户信息
Cookiecookie=newCookie("user",user.getUsername()+"&"+user.getPassword());
cookie.setPath("/");
//autologin不为null,则记住了登录状态
if(autologin!=null){
cookie.setMaxAge(1*60*60*24);//一天的有效时间
}
else{
cookie.setMaxAge(0);
}
response.addCookie(cookie);
request.getSession().setAttribute("user",user);
request.getRequestDispatcher("/home.jsp").forward(request,response);
}else{
response.sendRedirect(request.getContextPath()+"/homeLogin.jsp");
}
}
protectedvoiddoPost(HttpServletRequestrequest,HttpServletResponseresponse)throwsServletException,IOException{
doGet(request,response);
}
}
packagecom.learning.web.filter;
importjava.io.IOException;
importjavax.servlet.Filter;
importjavax.servlet.FilterChain;
importjavax.servlet.FilterConfig;
importjavax.servlet.ServletException;
importjavax.servlet.ServletRequest;
importjavax.servlet.ServletResponse;
importjavax.servlet.annotation.WebFilter;
importjavax.servlet.annotation.WebInitParam;
importjavax.servlet.http.Cookie;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletResponse;
importjavax.servlet.http.HttpSession;
importjavax.servlet.jsp.jstl.core.Config;
importcom.learning.domain.User;
importcom.learning.service.UserService;
@WebFilter(urlPatterns="/*",initParams={@WebInitParam(name="autologin",value="login"),@WebInitParam(name="",value="")})
publicclassAutoFilterimplementsFilter{
privateFilterConfigfilterConfig;
@Override
publicvoiddestroy(){
}
@Override
publicvoiddoFilter(ServletRequestrequest,ServletResponseresponse,FilterChainchain)
throwsIOException,ServletException{
//转换对象
HttpServletRequesthttpServletRequest=(HttpServletRequest)request;
HttpServletResponsehttpServletResponse=(HttpServletResponse)response;
//获得访问的路径
Stringuri=httpServletRequest.getRequestURI();
StringcontextPath=httpServletRequest.getContextPath();
uri=uri.substring(contextPath.length()+1);
//获得初始化参数
Stringlogin=filterConfig.getInitParameter("autologin");
System.out.println("直接通行的路径:"+login);
//不包含"login"的路径就要进行过滤(xxxlogin.jsp不需要自动登录)
if(!uri.contains(login)){
HttpSessionsession=httpServletRequest.getSession();
Useru=(User)session.getAttribute("user");
if(u!=null){
System.out.println("session不为null");
chain.doFilter(request,response);
}else{
//处理业务逻辑
//1.获得cookie得到User的信息
Stringusername="";
Stringpassword="";
UserServiceuserService=newUserService();
Cookie[]cookies=httpServletRequest.getCookies();
for(inti=0;cookies!=null&&i
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。