您的位置：首页 > 其它

6Filter应用5实现用户自动登陆的过滤器

2012-10-18 11:40 323 查看

1.步骤：

（1）在用户登陆成功后，发送一个名称为user的cookie给客户端，cookie的值为用户名和md5加密后的密码。

（2）编写一个AutoLoginFilter，这个filter检查用户是否带有名称为user的cookie来，如果有，则调用dao查询cookie的用户名和密码是否和数据库匹配，匹配则向session中存入user对象（即用户登陆标记），以实现程序完成自动登陆。

2.User对象

public class User {

private String username;
private String password;

public User() {
super();
// TODO Auto-generated constructor stub
}
public User(String username, String password) {
super();
this.username = username;
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}

}

3.BusinessService

public class BusinessService {

private static List<User> list = new ArrayList();
static{
list.add(new User("aaa","123"));
list.add(new User("bbb","123"));
list.add(new User("ccc","123"));
list.add(new User("ddd","123"));
}

public User loginUser(String username,String password){
for(User user : list){
if(user.getUsername().equals(username) && user.getPassword().equals(password)){
return user;
}
}
return null;
}

public String findPassword(String username) {
for(User user : list){
if(user.getUsername().equals(username)){
return user.getPassword();
}
}
return null;
}

public User findUser(String username) {
for(User user : list){
if(user.getUsername().equals(username)){
return user;
}
}
return null;
}

}

4.login.jsp

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'login.jsp' starting page</title>
</head>

<body>

<form action="${pageContext.request.contextPath }/servlet/LoginServlet" method="post">

用户名：<input type="text" name="username"><br/>
密码：<input type="password" name="password"><br/>
有效期：<input type="radio" name="loginExpiresTime" value="60">1分钟
<input type="radio" name="loginExpiresTime" value="${3*60}">3分钟
<input type="radio" name="loginExpiresTime" value="${5*60 }">5分钟
<br/>
<input type="submit" value="登陆">

</form>
</body>
</html>

5.LoginServlet

public class LoginServlet extends HttpServlet {

public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {

String username = request.getParameter("username");
String password = request.getParameter("password");

BusinessService service = new BusinessService();
User user = service.loginUser(username, password);
if(user==null){
request.setAttribute("message", "用户名或密码错误！！");
request.getRequestDispatcher("/message.jsp").forward(request, response);
return;
}

request.getSession().setAttribute("user", user);

//用户登陆后，就要给用户发送自动登陆的cookie
sendAutoLoginCookie(request,response,user);

request.setAttribute("message", "登陆成功！！");
request.getRequestDispatcher("/message.jsp").forward(request, response);
}

//给用户发送自动登陆的cookie
private void sendAutoLoginCookie(HttpServletRequest request,
HttpServletResponse response, User user) {

int loginExpiresTime = Integer.parseInt(request.getParameter("loginExpiresTime"));  //3

//构建给用户发送的cookie:
//autologinCookie=aaa:123
//autologinCookie=aaa:md5(password)
//autologinCookie=aaa:expirestime:md5(password)  //autologinCookie=aaa:20:9837hfhdsudfu
//autologinCookie=aaa:expirestime:md5(aaa:expirestime:password)  //autologinCookie=aaa:20:9837hfhdsudfu

long expiresTime = System.currentTimeMillis() + loginExpiresTime*1000;   //2011-09-09
String value = user.getUsername() + ":" + expiresTime + ":" + WebUtils.md5(user.getUsername(),expiresTime,user.getPassword());
Cookie cookie = new Cookie("autologinCookie",value);
cookie.setMaxAge(loginExpiresTime);
cookie.setPath(request.getContextPath());  // /day19
response.addCookie(cookie);
}

public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}

}

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签： filter user string input constructor list

相关文章推荐

新的分享

章节导航