您的位置：首页 > 编程语言 > Java开发

Java：Cookie实现记住用户名、密码

2017-09-15 10:43 288 查看

package

com.laizhi.util;

003	import java.io.IOException;

005	import java.io.PrintWriter;

007	import java.io.UnsupportedEncodingException;

009	import javax.servlet.FilterChain;

011	import javax.servlet.ServletException;

013	import javax.servlet.http.Cookie;

015	import javax.servlet.http.HttpServletRequest;

017	import javax.servlet.http.HttpServletResponse;

019	import javax.servlet.http.HttpSession;

021	import java.security.MessageDigest;

023	import java.security.NoSuchAlgorithmException;

025	import com.laizhi.bean.User;

027	import com.laizhi.dao.UserDAO;

029	import com.laizhi.factory.DaoImplFactory;

031	import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;

/*

035	*2014.07.01

**/

039	public class CookieUtil {

040	//保存cookie时的cookieName

041	private final static String cookieDomainName = “laizhi”;

042	//加密cookie时的网站自定码

044	private final static String webKey = “ 123456 ”;

045	//设置cookie有效期是两个星期，根据需要自定义

046	private final static long cookieMaxAge = 60 * 60 * 24 * 7 * 2 ;

047	//保存Cookie到客户端-------------------------------------------------------------------------

048	//在CheckLogonServlet.java中被调用

049	//传递进来的user对象中封装了在登陆时填写的用户名与密码

051	public static void saveCookie(User user,HttpServletResponse response) {

052	//cookie的有效期

053	long validTime = System.currentTimeMillis() + (cookieMaxAge * 5000 );

054	//MD5加密用户详细信息

055	String cookieValueWithMd5 =getMD5(user.getUserName() + ":" + user.getPassword()

057	+ ":" + validTime + ":" + webKey);

058	//将要被保存的完整的Cookie值

059	String cookieValue = user.getUserName() + ":" + validTime + ":" + cookieValueWithMd5;

060	//再一次对Cookie的值进行BASE64编码

062	String cookieValueBase64 = new String(Base64.encode(cookieValue.getBytes()));

063	//开始保存Cookie

064	Cookie cookie = new Cookie(cookieDomainName,cookieValueBase64);

065	//存两年(这个值应该大于或等于validTime)

066	cookie.setMaxAge( 60 * 60 * 24 * 365 * 2 );

068	//cookie有效路径是网站根目录

070	cookie.setPath( "/" );

//向客户端写入

074	response.addCookie(cookie);

080	//读取Cookie,自动完成登陆操作----------------------------------------------------------------

082	//在Filter程序中调用该方法,见AutoLogonFilter.java

084	public static void readCookieAndLogon(HttpServletRequest request,HttpServletResponse response,

086	FilterChain chain) throws IOException,ServletException,UnsupportedEncodingException{

087	//根据cookieName取cookieValue

088	Cookie cookies[] = request.getCookies();

089	String cookieValue = null ;

090	if (cookies!= null ){

091	for ( int i= 0 ;i

092	if (cookieDomainName.equals(cookies[i].getName())) {

093	cookieValue = cookies[i].getValue();

break

100	//如果cookieValue为空,返回,

101	if (cookieValue== null ){

return

104	//如果cookieValue不为空,才执行下面的代码

105	//先得到的CookieValue进行Base64解码

106	String cookieValueAfterDecode = new String (Base64.decode(cookieValue), "utf-8" );

107	//对解码后的值进行分拆,得到一个数组,如果数组长度不为3,就是非法登陆

108	String cookieValues[] = cookieValueAfterDecode.split( ":" );

109	if (cookieValues.length!= 3 ){

110	response.setContentType( "text/html;charset=utf-8" );

111	PrintWriter out = response.getWriter();

112	out.println( "你正在用非正常方式进入本站..." );

113	out.close();

return

116	//判断是否在有效期内,过期就删除Cookie

117	long validTimeInCookie = new Long(cookieValues[ 1 ]);

118	if (validTimeInCookie < System.currentTimeMillis()){

119	//删除Cookie

120	clearCookie(response);

121	response.setContentType( "text/html;charset=utf-8" );

122	PrintWriter out = response.getWriter();

123	out.println( "" );你的Cookie已经失效,请重新登陆

124	out.close();

return

127	//取出cookie中的用户名,并到数据库中检查这个用户名,

128	String username = cookieValues[ 0 ];

130	//根据用户名到数据库中检查用户是否存在

131	UserDAO ud = DaoImplFactory.getInstance();

132	User user = ud.selectUserByUsername(username);

134	//如果user返回不为空,就取出密码,使用用户名+密码+有效时间+ webSiteKey进行MD5加密

135	if (user!= null ){

136	String md5ValueInCookie = cookieValues[ 2 ];

137	String md5ValueFromUser =getMD5(user.getUserName() + ":" + user.getPassword()

138	+ ":" + validTimeInCookie + ":" + webKey);

139	//将结果与Cookie中的MD5码相比较,如果相同,写入Session,自动登陆成功,并继续用户请求

140	if (md5ValueFromUser.equals(md5ValueInCookie)){

141	HttpSession session = request.getSession( true );

142	session.setAttribute( "user" ,user);

143	chain.doFilter(request,response);

else

//返回为空执行

149	response.setContentType( "text/html;charset=utf-8" );

150	PrintWriter out = response.getWriter();

151	out.println( "cookie验证错误！" );

152	out.close();

return

161	//用户注销时,清除Cookie,在需要时可随时调用-----------------------------------------------------

162	public static void clearCookie( HttpServletResponse response){

163	Cookie cookie = new Cookie(cookieDomainName, null );

164	cookie.setMaxAge( 0 );

165	cookie.setPath( "/" );

166	response.addCookie(cookie);

169	//获取Cookie组合字符串的MD5码的字符串----------------------------------------------------------------

170	public static String getMD5(String value) {

171	String result = null ;

try

173	byte [] valueByte = value.getBytes();

174	MessageDigest md = MessageDigest.getInstance( "MD5" );

175	md.update(valueByte);

176	result = toHex(md.digest());

177	} catch (NoSuchAlgorithmException e2){

178	e1.printStackTrace();

180	return result;

182	//将传递进来的字节数组转换成十六进制的字符串形式并返回

183	private static String toHex( byte [] buffer){

184	StringBuffer sb = new StringBuffer(buffer.length * 2 );

185	for ( int i = 0 ; i < buffer.length; i++){

186	sb.append(Character.forDigit((buffer[i] & 0xf0 ) >> 4 , 16 ));

187	sb.append(Character.forDigit(buffer[i] & 0x0f , 16 ));

189	return sb.toString();

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签：

相关文章推荐

新的分享

章节导航