java cookie 实现用户账号信息本地保存
2010-11-22 09:20
483 查看
package cn.itcast.util;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import cn.itcast.bean.User;
import cn.itcast.dao.UserDAO;
import cn.itcast.factory.DaoImplFactory;
import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
/*
* 2007.09.21 by lyhapple
* */
public class CookieUtil {
//保存cookie时的cookieName
private final static String cookieDomainName = “cn.itcast”;
//加密cookie时的网站自定码
private final static String webKey = “itcast”;
//设置cookie有效期是两个星期,根据需要自定义
private final static long cookieMaxAge = 60 * 60 * 24 * 7 * 2;
//保存Cookie到客户端--------------------------------------------------------------------------------------------------------
//在CheckLogonServlet.java中被调用
//传递进来的user对象中封装了在登陆时填写的用户名与密码
public static void saveCookie(User user, HttpServletResponse response) {
//cookie的有效期
long validTime = System.currentTimeMillis() + (cookieMaxAge * 1000);
//MD5加密用户详细信息
String cookieValueWithMd5 =getMD5(user.getUserName() + ":" + user.getPassword()
+ ":" + validTime + ":" + webKey);
//将要被保存的完整的Cookie值
String cookieValue = user.getUserName() + ":" + validTime + ":" + cookieValueWithMd5;
//再一次对Cookie的值进行BASE64编码
String cookieValueBase64 = new String(Base64.encode(cookieValue.getBytes()));
//开始保存Cookie
Cookie cookie = new Cookie(cookieDomainName, cookieValueBase64);
//存两年(这个值应该大于或等于validTime)
cookie.setMaxAge(60 * 60 * 24 * 365 * 2);
//cookie有效路径是网站根目录
cookie.setPath("/");
//向客户端写入
response.addCookie(cookie);
}
//读取Cookie,自动完成登陆操作--------------------------------------------------------------------------------------------
//在Filter程序中调用该方法,见AutoLogonFilter.java
public static void readCookieAndLogon(HttpServletRequest request, HttpServletResponse response,
FilterChain chain) throws IOException, ServletException,UnsupportedEncodingException{
//根据cookieName取cookieValue
Cookie cookies[] = request.getCookies();
String cookieValue = null;
if(cookies!=null){
for(int i=0;i
if (cookieDomainName.equals(cookies[i].getName())) {
cookieValue = cookies[i].getValue();
break;
}
}
}
//如果cookieValue为空,返回,
if(cookieValue==null){
return;
}
//如果cookieValue不为空,才执行下面的代码
//先得到的CookieValue进行Base64解码
String cookieValueAfterDecode = new String (Base64.decode(cookieValue),"utf-8");
//对解码后的值进行分拆,得到一个数组,如果数组长度不为3,就是非法登陆
String cookieValues[] = cookieValueAfterDecode.split(":");
if(cookieValues.length!=3){
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("你正在用非正常方式进入本站...");
out.close();
return;
}
//判断是否在有效期内,过期就删除Cookie
long validTimeInCookie = new Long(cookieValues[1]);
if(validTimeInCookie < System.currentTimeMillis()){
//删除Cookie
clearCookie(response);
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("");你的Cookie已经失效,请重新登陆
out.close();
return;
}
//取出cookie中的用户名,并到数据库中检查这个用户名,
String username = cookieValues[0];
//根据用户名到数据库中检查用户是否存在
UserDAO ud = DaoImplFactory.getInstance();
User user = ud.selectUserByUsername(username);
//如果user返回不为空,就取出密码,使用用户名+密码+有效时间+ webSiteKey进行MD5加密
if(user!=null){
String md5ValueInCookie = cookieValues[2];
String md5ValueFromUser =getMD5(user.getUserName() + ":" + user.getPassword()
+ ":" + validTimeInCookie + ":" + webKey);
//将结果与Cookie中的MD5码相比较,如果相同,写入Session,自动登陆成功,并继续用户请求
if(md5ValueFromUser.equals(md5ValueInCookie)){
HttpSession session = request.getSession(true);
session.setAttribute("user", user);
chain.doFilter(request, response);
}
}else{
//返回为空执行
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("cookie验证错误!");
out.close();
return;
}
}
//用户注销时,清除Cookie,在需要时可随时调用------------------------------------------------------------
public static void clearCookie( HttpServletResponse response){
Cookie cookie = new Cookie(cookieDomainName, null);
cookie.setMaxAge(0);
cookie.setPath("/");
response.addCookie(cookie);
}
//获取Cookie组合字符串的MD5码的字符串----------------------------------------------------------------------------
public static String getMD5(String value) {
String result = null;
try{
byte[] valueByte = value.getBytes();
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(valueByte);
result = toHex(md.digest());
} catch (NoSuchAlgorithmException e2){
e1.printStackTrace();
}
return result;
}
//将传递进来的字节数组转换成十六进制的字符串形式并返回
private static String toHex(byte[] buffer){
StringBuffer sb = new StringBuffer(buffer.length * 2);
for (int i = 0; i < buffer.length; i++){
sb.append(Character.forDigit((buffer[i] & 0xf0) >> 4, 16));
sb.append(Character.forDigit(buffer[i] & 0x0f, 16));
}
return sb.toString();
}
}
转自http://aaagu1234.blog.163.com/blog/static/4009371520109221265426/
import java.io.IOException;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import cn.itcast.bean.User;
import cn.itcast.dao.UserDAO;
import cn.itcast.factory.DaoImplFactory;
import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
/*
* 2007.09.21 by lyhapple
* */
public class CookieUtil {
//保存cookie时的cookieName
private final static String cookieDomainName = “cn.itcast”;
//加密cookie时的网站自定码
private final static String webKey = “itcast”;
//设置cookie有效期是两个星期,根据需要自定义
private final static long cookieMaxAge = 60 * 60 * 24 * 7 * 2;
//保存Cookie到客户端--------------------------------------------------------------------------------------------------------
//在CheckLogonServlet.java中被调用
//传递进来的user对象中封装了在登陆时填写的用户名与密码
public static void saveCookie(User user, HttpServletResponse response) {
//cookie的有效期
long validTime = System.currentTimeMillis() + (cookieMaxAge * 1000);
//MD5加密用户详细信息
String cookieValueWithMd5 =getMD5(user.getUserName() + ":" + user.getPassword()
+ ":" + validTime + ":" + webKey);
//将要被保存的完整的Cookie值
String cookieValue = user.getUserName() + ":" + validTime + ":" + cookieValueWithMd5;
//再一次对Cookie的值进行BASE64编码
String cookieValueBase64 = new String(Base64.encode(cookieValue.getBytes()));
//开始保存Cookie
Cookie cookie = new Cookie(cookieDomainName, cookieValueBase64);
//存两年(这个值应该大于或等于validTime)
cookie.setMaxAge(60 * 60 * 24 * 365 * 2);
//cookie有效路径是网站根目录
cookie.setPath("/");
//向客户端写入
response.addCookie(cookie);
}
//读取Cookie,自动完成登陆操作--------------------------------------------------------------------------------------------
//在Filter程序中调用该方法,见AutoLogonFilter.java
public static void readCookieAndLogon(HttpServletRequest request, HttpServletResponse response,
FilterChain chain) throws IOException, ServletException,UnsupportedEncodingException{
//根据cookieName取cookieValue
Cookie cookies[] = request.getCookies();
String cookieValue = null;
if(cookies!=null){
for(int i=0;i
if (cookieDomainName.equals(cookies[i].getName())) {
cookieValue = cookies[i].getValue();
break;
}
}
}
//如果cookieValue为空,返回,
if(cookieValue==null){
return;
}
//如果cookieValue不为空,才执行下面的代码
//先得到的CookieValue进行Base64解码
String cookieValueAfterDecode = new String (Base64.decode(cookieValue),"utf-8");
//对解码后的值进行分拆,得到一个数组,如果数组长度不为3,就是非法登陆
String cookieValues[] = cookieValueAfterDecode.split(":");
if(cookieValues.length!=3){
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("你正在用非正常方式进入本站...");
out.close();
return;
}
//判断是否在有效期内,过期就删除Cookie
long validTimeInCookie = new Long(cookieValues[1]);
if(validTimeInCookie < System.currentTimeMillis()){
//删除Cookie
clearCookie(response);
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("");你的Cookie已经失效,请重新登陆
out.close();
return;
}
//取出cookie中的用户名,并到数据库中检查这个用户名,
String username = cookieValues[0];
//根据用户名到数据库中检查用户是否存在
UserDAO ud = DaoImplFactory.getInstance();
User user = ud.selectUserByUsername(username);
//如果user返回不为空,就取出密码,使用用户名+密码+有效时间+ webSiteKey进行MD5加密
if(user!=null){
String md5ValueInCookie = cookieValues[2];
String md5ValueFromUser =getMD5(user.getUserName() + ":" + user.getPassword()
+ ":" + validTimeInCookie + ":" + webKey);
//将结果与Cookie中的MD5码相比较,如果相同,写入Session,自动登陆成功,并继续用户请求
if(md5ValueFromUser.equals(md5ValueInCookie)){
HttpSession session = request.getSession(true);
session.setAttribute("user", user);
chain.doFilter(request, response);
}
}else{
//返回为空执行
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("cookie验证错误!");
out.close();
return;
}
}
//用户注销时,清除Cookie,在需要时可随时调用------------------------------------------------------------
public static void clearCookie( HttpServletResponse response){
Cookie cookie = new Cookie(cookieDomainName, null);
cookie.setMaxAge(0);
cookie.setPath("/");
response.addCookie(cookie);
}
//获取Cookie组合字符串的MD5码的字符串----------------------------------------------------------------------------
public static String getMD5(String value) {
String result = null;
try{
byte[] valueByte = value.getBytes();
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(valueByte);
result = toHex(md.digest());
} catch (NoSuchAlgorithmException e2){
e1.printStackTrace();
}
return result;
}
//将传递进来的字节数组转换成十六进制的字符串形式并返回
private static String toHex(byte[] buffer){
StringBuffer sb = new StringBuffer(buffer.length * 2);
for (int i = 0; i < buffer.length; i++){
sb.append(Character.forDigit((buffer[i] & 0xf0) >> 4, 16));
sb.append(Character.forDigit(buffer[i] & 0x0f, 16));
}
return sb.toString();
}
}
转自http://aaagu1234.blog.163.com/blog/static/4009371520109221265426/
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- java cookie 实现用户账号信息本地保存
- java cookie 实现用户账号信息本地保存
- 初学JavaWeb-利用Cookie保存用户基本信息
- jQuery的cookie插件实现保存用户登陆信息
- java的web项目中使用cookie保存用户登陆信息
- jquery.cookie.js && java后台代码 操作cookie实现记住当前用户输入信息代码
- php同时使用session和cookie来保存用户登录信息的实现代码
- HTML5本地储存追加利用html5的本地存储功能实现登录用户信息保存
- java的web项目中使用cookie保存用户登陆信息
- jQuery的cookie插件实现保存用户登陆信息
- Java的web项目中使用cookie保存用户登陆信息
- 利用html5的本地存储功能实现登录用户信息保存
- 使用COOKIE对像实现保存用户基本信息(结合Session),ASP.Net实现用户登录全过程
- java的web项目中使用cookie保存用户登陆信息
- 利用html5的本地存储功能实现登录用户信息保存
- php中使用cookie来保存用户登录信息的实现代码
- 使用cookie保存用户的登录状态——初步实现
- 如何获取网页验证码图片并保存到本地(Java实现) [问题点数:40分,结帖人lanxuezaipiao]
- php中如何同时使用session和cookie来保存用户登录信息