Servlet过滤器案例-自动登录
2012-12-05 19:38
155 查看
使用过滤器实现自动登录
登录的jsp页面<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'login.jsp' starting page</title> </head> <body> <form action="${pageContext.request.contextPath }/servlet/LoginServlet" method="post"> 用户名:<input type="text" name="username"><br/> 密码:<input type="password" name="password"><br/> 有效期:<input type="radio" name="autoLoginTime" value="${60*60}">1小时 <input type="radio" name="autoLoginTime" value="${10*60}">10分钟 <input type="radio" name="autoLoginTime" value="${2*60}" checked="checked">2分钟<br/> <input type="submit" value="登陆"> </form> </body> </html>
处理登录请求的servlet
package com.hbsi.servlet; import java.io.IOException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import sun.misc.BASE64Encoder; import com.hbsi.dao.UserDao; import com.hbsi.domain.User; public class LoginServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String username = request.getParameter("username"); String password = request.getParameter("password"); int autoLoginTime =Integer.parseInt(request.getParameter("autoLoginTime")); UserDao dao = new UserDao(); User user = dao.find(username, password); if(user!=null){ request.getSession().setAttribute("user",user); //String password1 = user.getPassword(); //String md5password = md5(password1); Cookie cookie1 = new Cookie("username",user.getUsername()); Cookie cookie2 = new Cookie("password",user.getPassword()); cookie1.setMaxAge(autoLoginTime); cookie2.setMaxAge(autoLoginTime); cookie1.setPath("/AutomaticLogin"); cookie2.setPath("/AutomaticLogin"); response.addCookie(cookie1); response.addCookie(cookie2); response.sendRedirect("/AutomaticLogin/welcome.jsp"); }else{ request.setAttribute("message","用户名密码错"); request.getRequestDispatcher("/message.jsp").forward(request, response); } } private String md5(String input){ try { MessageDigest md = MessageDigest.getInstance("md5"); byte[] result = md.digest(input.getBytes()); BASE64Encoder encoder = new BASE64Encoder(); return encoder.encode(result); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(); } } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } }
登录信息的jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'message.jsp' starting page</title> </head> <body> ${message}<br> </body> </html>
登录后的首页jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'welcome.jsp' starting page</title> </head> <body> 欢迎您:${user.username} <br> </body> </html>
Servlet过滤器
package com.hbsi.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.hbsi.dao.UserDao; import com.hbsi.domain.User; public class AutoLoginFilter implements Filter { @Override public void destroy() { // TODO Auto-generated method stub } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse resp = (HttpServletResponse) response; //1.检查用户是否登录 User user = (User) req.getSession().getAttribute("user"); if(user!=null){ chain.doFilter(req,resp); return; } //2.检查用户是否带cookie来 String username = null; String password = null; Cookie[] cookies = req.getCookies(); for(int i=0;cookies!=null && i<cookies.length;i++){ if(cookies[i].getName().equals("username")){ username = cookies[i].getValue(); } if(cookies[i].getName().equals("password")){ password = cookies[i].getValue(); } } if(username==null && password==null){ chain.doFilter(req, resp); return; } UserDao dao = new UserDao(); User user1 = dao.find(username); String save_password = user1.getPassword(); if(!password.equals(save_password)){ chain.doFilter(req, resp); return; } req.getSession().setAttribute("user",user1); chain.doFilter(req, resp); } @Override public void init(FilterConfig filterConfig) throws ServletException { // TODO Auto-generated method stub } }
连接数据库的工具类
package com.hbsi.util; import java.io.InputStream; import java.util.Properties; import javax.sql.DataSource; import org.apache.commons.dbcp.BasicDataSourceFactory; public class DBManger2 { private static DataSource ds; static { try { InputStream in = DBManger2.class.getClassLoader() .getResourceAsStream("dbcpconfig.properties"); Properties prop = new Properties(); prop.load(in); ds = BasicDataSourceFactory.createDataSource(prop); } catch (Exception e) { e.printStackTrace(); } } public static DataSource getDataSource(){ return ds; } }
连接数据库所读的配置文件
#连接设置 driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://localhost:3306/java username=root password=root #<!-- 初始化连接 --> initialSize=10 #最大连接数量 maxActive=50 #<!-- 最大空闲连接 --> maxIdle=20 #<!-- 最小空闲连接 --> minIdle=5 #<!-- 超时等待时间以毫秒为单位 6000毫秒/1000等于60秒 --> maxWait=60000 #JDBC驱动建立连接时附带的连接属性属性的格式必须为这样:[属性名=property;] #注意:"user" 与 "password" 两个属性会被明确地传递,因此这里不需要包含他们。 connectionProperties=useUnicode=true;characterEncoding=gbk #指定由连接池所创建的连接的自动提交(auto-commit)状态。 defaultAutoCommit=true #driver default 指定由连接池所创建的连接的只读(read-only)状态。 #如果没有设置该值,则“setReadOnly”方法将不被调用。(某些驱动并不支持只读模式,如:Informix) defaultReadOnly= #driver default 指定由连接池所创建的连接的事务级别(TransactionIsolation)。 #可用值为下列之一:(详情可见javadoc。)NONE,READ_UNCOMMITTED, READ_COMMITTED, REPEATABLE_READ, SERIALIZABLE defaultTransactionIsolation=READ_UNCOMMITTED
实体类
package com.hbsi.domain; public class User { private String username; private String password; public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } }
处理实体类的实现类
package com.hbsi.dao; import java.util.List; import org.apache.commons.dbutils.QueryRunner; import org.apache.commons.dbutils.handlers.BeanHandler; import org.apache.commons.dbutils.handlers.BeanListHandler; import com.hbsi.domain.User; import com.hbsi.util.DBManger2; public class UserDao { public List<User> getAll(){ try{ QueryRunner runner = new QueryRunner(DBManger2.getDataSource()); String sql = "select * from user1"; return (List<User>) runner.query(sql,new BeanListHandler(User.class)); }catch(Exception e){ throw new RuntimeException(); } } public User find(String username,String password){ try{ QueryRunner runner = new QueryRunner(DBManger2.getDataSource()); String sql = "select * from user1 where username=? and password=?"; Object[] params = {username,password}; return (User) runner.query(sql, params, new BeanHandler(User.class)); }catch(Exception e){ throw new RuntimeException(); } } public User find(String username){ try{ QueryRunner runner = new QueryRunner(DBManger2.getDataSource()); String sql = "select * from user1 where username=?"; return (User) runner.query(sql, username, new BeanHandler(User.class)); }catch(Exception e){ throw new RuntimeException(); } } }
web.xml文件
<?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <servlet> <servlet-name>LoginServlet</servlet-name> <servlet-class>com.hbsi.servlet.LoginServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>LoginServlet</servlet-name> <url-pattern>/servlet/LoginServlet</url-pattern> </servlet-mapping> <filter> <filter-name>AutoLoginFilter</filter-name> <filter-class>com.hbsi.filter.AutoLoginFilter</filter-class> </filter> <filter-mapping> <filter-name>AutoLoginFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> </web-app>
项目大概一览
相关文章推荐
- 过滤器案例-----自动登录
- 黑马day14 过滤器之自动登录小案例
- 黑马day14 过滤器之自动登录小案例
- 过滤器Filter的案例2——自动登录
- JAVAWEB开发之Servlet Filter(过滤器)详解包括post和get编码过滤器、URL访问权限控制、自动登录。以及装饰模式的使用
- 【过滤器】(3)过滤器的应用案例:网站自动登录技术(Cookie记忆)
- JavaWeb之过滤器实现自动登录案例
- 过滤器Filter--登录案例
- 2011级-csdn-java-张侃— 过滤器(自动登录)
- JavaWeb-过滤器Filter学习(三)实现用户的自动登录与IP黑名单过滤
- Struts2.0里的过滤器interceptor之用户只可以访问Login.action与Register.action,访问其它.action的链接时,自动切换到登录页面
- 利用过滤器(Filter)实现自动登录功能
- 基于Servlet、JSP、JDBC、MySQL的登录模块(含过滤器的使用和配置)
- 重新学javaweb---过滤器应用--30天自动登录
- Servlet中用Cookie实现自动登录
- 正确认识return的重要性,自动登录时servlet/jsp
- 开发安全应用程序(二)--开发用于进行表单登录处理的 servlet 过滤器
- 过滤器的应用之自动登录--filter(三)
- struts2结合过滤器和cookie实现自动登录
- ssh过滤器小案例(登录)Struts2-0