Servlet过滤器案例-自动登录
2012-12-05 19:38
155 查看
使用过滤器实现自动登录
登录的jsp页面<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'login.jsp' starting page</title>
</head>
<body>
<form action="${pageContext.request.contextPath }/servlet/LoginServlet" method="post">
用户名:<input type="text" name="username"><br/>
密码:<input type="password" name="password"><br/>
有效期:<input type="radio" name="autoLoginTime" value="${60*60}">1小时
<input type="radio" name="autoLoginTime" value="${10*60}">10分钟
<input type="radio" name="autoLoginTime" value="${2*60}" checked="checked">2分钟<br/>
<input type="submit" value="登陆">
</form>
</body>
</html>处理登录请求的servlet
package com.hbsi.servlet;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import sun.misc.BASE64Encoder;
import com.hbsi.dao.UserDao;
import com.hbsi.domain.User;
public class LoginServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
int autoLoginTime =Integer.parseInt(request.getParameter("autoLoginTime"));
UserDao dao = new UserDao();
User user = dao.find(username, password);
if(user!=null){
request.getSession().setAttribute("user",user);
//String password1 = user.getPassword();
//String md5password = md5(password1);
Cookie cookie1 = new Cookie("username",user.getUsername());
Cookie cookie2 = new Cookie("password",user.getPassword());
cookie1.setMaxAge(autoLoginTime);
cookie2.setMaxAge(autoLoginTime);
cookie1.setPath("/AutomaticLogin");
cookie2.setPath("/AutomaticLogin");
response.addCookie(cookie1);
response.addCookie(cookie2);
response.sendRedirect("/AutomaticLogin/welcome.jsp");
}else{
request.setAttribute("message","用户名密码错");
request.getRequestDispatcher("/message.jsp").forward(request, response);
}
}
private String md5(String input){
try {
MessageDigest md = MessageDigest.getInstance("md5");
byte[] result = md.digest(input.getBytes());
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(result);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException();
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}登录信息的jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'message.jsp' starting page</title>
</head>
<body>
${message}<br>
</body>
</html>登录后的首页jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'welcome.jsp' starting page</title>
</head>
<body>
欢迎您:${user.username} <br>
</body>
</html>Servlet过滤器
package com.hbsi.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.hbsi.dao.UserDao;
import com.hbsi.domain.User;
public class AutoLoginFilter implements Filter {
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
//1.检查用户是否登录
User user = (User) req.getSession().getAttribute("user");
if(user!=null){
chain.doFilter(req,resp);
return;
}
//2.检查用户是否带cookie来
String username = null;
String password = null;
Cookie[] cookies = req.getCookies();
for(int i=0;cookies!=null && i<cookies.length;i++){
if(cookies[i].getName().equals("username")){
username = cookies[i].getValue();
}
if(cookies[i].getName().equals("password")){
password = cookies[i].getValue();
}
}
if(username==null && password==null){
chain.doFilter(req, resp);
return;
}
UserDao dao = new UserDao();
User user1 = dao.find(username);
String save_password = user1.getPassword();
if(!password.equals(save_password)){
chain.doFilter(req, resp);
return;
}
req.getSession().setAttribute("user",user1);
chain.doFilter(req, resp);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// TODO Auto-generated method stub
}
}连接数据库的工具类
package com.hbsi.util;
import java.io.InputStream;
import java.util.Properties;
import javax.sql.DataSource;
import org.apache.commons.dbcp.BasicDataSourceFactory;
public class DBManger2 {
private static DataSource ds;
static {
try {
InputStream in = DBManger2.class.getClassLoader()
.getResourceAsStream("dbcpconfig.properties");
Properties prop = new Properties();
prop.load(in);
ds = BasicDataSourceFactory.createDataSource(prop);
} catch (Exception e) {
e.printStackTrace();
}
}
public static DataSource getDataSource(){
return ds;
}
}连接数据库所读的配置文件
#连接设置 driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://localhost:3306/java username=root password=root #<!-- 初始化连接 --> initialSize=10 #最大连接数量 maxActive=50 #<!-- 最大空闲连接 --> maxIdle=20 #<!-- 最小空闲连接 --> minIdle=5 #<!-- 超时等待时间以毫秒为单位 6000毫秒/1000等于60秒 --> maxWait=60000 #JDBC驱动建立连接时附带的连接属性属性的格式必须为这样:[属性名=property;] #注意:"user" 与 "password" 两个属性会被明确地传递,因此这里不需要包含他们。 connectionProperties=useUnicode=true;characterEncoding=gbk #指定由连接池所创建的连接的自动提交(auto-commit)状态。 defaultAutoCommit=true #driver default 指定由连接池所创建的连接的只读(read-only)状态。 #如果没有设置该值,则“setReadOnly”方法将不被调用。(某些驱动并不支持只读模式,如:Informix) defaultReadOnly= #driver default 指定由连接池所创建的连接的事务级别(TransactionIsolation)。 #可用值为下列之一:(详情可见javadoc。)NONE,READ_UNCOMMITTED, READ_COMMITTED, REPEATABLE_READ, SERIALIZABLE defaultTransactionIsolation=READ_UNCOMMITTED
实体类
package com.hbsi.domain;
public class User {
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}处理实体类的实现类
package com.hbsi.dao;
import java.util.List;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanHandler;
import org.apache.commons.dbutils.handlers.BeanListHandler;
import com.hbsi.domain.User;
import com.hbsi.util.DBManger2;
public class UserDao {
public List<User> getAll(){
try{
QueryRunner runner = new QueryRunner(DBManger2.getDataSource());
String sql = "select * from user1";
return (List<User>) runner.query(sql,new BeanListHandler(User.class));
}catch(Exception e){
throw new RuntimeException();
}
}
public User find(String username,String password){
try{
QueryRunner runner = new QueryRunner(DBManger2.getDataSource());
String sql = "select * from user1 where username=? and password=?";
Object[] params = {username,password};
return (User) runner.query(sql, params, new BeanHandler(User.class));
}catch(Exception e){
throw new RuntimeException();
}
}
public User find(String username){
try{
QueryRunner runner = new QueryRunner(DBManger2.getDataSource());
String sql = "select * from user1 where username=?";
return (User) runner.query(sql, username, new BeanHandler(User.class));
}catch(Exception e){
throw new RuntimeException();
}
}
}web.xml文件
<?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <servlet> <servlet-name>LoginServlet</servlet-name> <servlet-class>com.hbsi.servlet.LoginServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>LoginServlet</servlet-name> <url-pattern>/servlet/LoginServlet</url-pattern> </servlet-mapping> <filter> <filter-name>AutoLoginFilter</filter-name> <filter-class>com.hbsi.filter.AutoLoginFilter</filter-class> </filter> <filter-mapping> <filter-name>AutoLoginFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> </web-app>
项目大概一览
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 过滤器案例-----自动登录
- 黑马day14 过滤器之自动登录小案例
- 黑马day14 过滤器之自动登录小案例
- 过滤器Filter的案例2——自动登录
- JAVAWEB开发之Servlet Filter(过滤器)详解包括post和get编码过滤器、URL访问权限控制、自动登录。以及装饰模式的使用
- 【过滤器】(3)过滤器的应用案例:网站自动登录技术(Cookie记忆)
- JavaWeb之过滤器实现自动登录案例
- 过滤器Filter--登录案例
- 2011级-csdn-java-张侃— 过滤器(自动登录)
- JavaWeb-过滤器Filter学习(三)实现用户的自动登录与IP黑名单过滤
- Struts2.0里的过滤器interceptor之用户只可以访问Login.action与Register.action,访问其它.action的链接时,自动切换到登录页面
- 利用过滤器(Filter)实现自动登录功能
- 基于Servlet、JSP、JDBC、MySQL的登录模块(含过滤器的使用和配置)
- 重新学javaweb---过滤器应用--30天自动登录
- Servlet中用Cookie实现自动登录
- 正确认识return的重要性,自动登录时servlet/jsp
- 开发安全应用程序(二)--开发用于进行表单登录处理的 servlet 过滤器
- 过滤器的应用之自动登录--filter(三)
- struts2结合过滤器和cookie实现自动登录
- ssh过滤器小案例(登录)Struts2-0