java使用Filter实现自动登录的方法
本文实例为大家分享了java实现自动登录的具体代码,供大家参考,具体内容如下
- 当你勾选(记住登录状态),用cookie保存用户名和密码。不勾选,cookie失效。
- 所有的页面都要经过autoLoginFilter.java的过滤器,在这类中,必须要判断cookies不为null,获得所有的cookie,得到name为user的cookie,进行用户名和密码的验证,如果不为null,则将user存入session。
- 在LoginServlet.java中,获得username和password参数,进行dao验证,如果不为空,放入seesion中,进行页面跳转。
- 创建cookie对象。setpath("/"),表示本应用下的所有路径都能访问此cookie。
- 对于已经正确登录的用户,再次访问其他页面必定会再次经过autoLoginFilter,这时,判断当前session中的user是否为null,不为null,直接通过。
- 对于**login.jsp的有关页面,不需要经过autoLoginFilter。
packagecom.learning.web.servlet; importjava.io.IOException; importjavax.servlet.ServletException; importjavax.servlet.annotation.WebServlet; importjavax.servlet.http.Cookie; importjavax.servlet.http.HttpServlet; importjavax.servlet.http.HttpServletRequest; importjavax.servlet.http.HttpServletResponse; importcom.learning.domain.User; importcom.learning.service.UserService; @WebServlet("/servlet/loginServlet") publicclassLoginServletextendsHttpServlet{ privatestaticfinallongserialVersionUID=1L; protectedvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)throwsServletException,IOException{ Stringusername=request.getParameter("username"); Stringpassword=request.getParameter("password"); Stringautologin=request.getParameter("autologin"); UserServiceuserService=newUserService(); Useruser=userService.findUser(username,password); //user不为null,则登录成功 if(user!=null){ //创建cookie来保存用户信息 Cookiecookie=newCookie("user",user.getUsername()+"&"+user.getPassword()); cookie.setPath("/"); //autologin不为null,则记住了登录状态 if(autologin!=null){ cookie.setMaxAge(1*60*60*24);//一天的有效时间 } else{ cookie.setMaxAge(0); } response.addCookie(cookie); request.getSession().setAttribute("user",user); request.getRequestDispatcher("/home.jsp").forward(request,response); }else{ response.sendRedirect(request.getContextPath()+"/homeLogin.jsp"); } } protectedvoiddoPost(HttpServletRequestrequest,HttpServletResponseresponse)throwsServletException,IOException{ doGet(request,response); } }
packagecom.learning.web.filter; importjava.io.IOException; importjavax.servlet.Filter; importjavax.servlet.FilterChain; importjavax.servlet.FilterConfig; importjavax.servlet.ServletException; importjavax.servlet.ServletRequest; importjavax.servlet.ServletResponse; importjavax.servlet.annotation.WebFilter; importjavax.servlet.annotation.WebInitParam; importjavax.servlet.http.Cookie; importjavax.servlet.http.HttpServletRequest; importjavax.servlet.http.HttpServletResponse; importjavax.servlet.http.HttpSession; importjavax.servlet.jsp.jstl.core.Config; importcom.learning.domain.User; importcom.learning.service.UserService; @WebFilter(urlPatterns="/*",initParams={@WebInitParam(name="autologin",value="login"),@WebInitParam(name="",value="")}) publicclassAutoFilterimplementsFilter{ privateFilterConfigfilterConfig; @Override publicvoiddestroy(){ } @Override publicvoiddoFilter(ServletRequestrequest,ServletResponseresponse,FilterChainchain) throwsIOException,ServletException{ //转换对象 HttpServletRequesthttpServletRequest=(HttpServletRequest)request; HttpServletResponsehttpServletResponse=(HttpServletResponse)response; //获得访问的路径 Stringuri=httpServletRequest.getRequestURI(); StringcontextPath=httpServletRequest.getContextPath(); uri=uri.substring(contextPath.length()+1); //获得初始化参数 Stringlogin=filterConfig.getInitParameter("autologin"); System.out.println("直接通行的路径:"+login); //不包含"login"的路径就要进行过滤(xxxlogin.jsp不需要自动登录) if(!uri.contains(login)){ HttpSessionsession=httpServletRequest.getSession(); Useru=(User)session.getAttribute("user"); if(u!=null){ System.out.println("session不为null"); chain.doFilter(request,response); }else{ //处理业务逻辑 //1.获得cookie得到User的信息 Stringusername=""; Stringpassword=""; UserServiceuserService=newUserService(); Cookie[]cookies=httpServletRequest.getCookies(); for(inti=0;cookies!=null&&i以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。