验证用户是否已经登录
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
package cn.hongxin.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class LoginFilter implements Filter{ public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //将request强转成htt... HttpServletRequest req = (HttpServletRequest) request; //获取session HttpSession ss = req.getSession(); //从session中获取user if (ss.getAttribute( "user" )== null ){ System.err.println( "你还没有登录" ); req.getSession().setAttribute( "msg" , "请你先登录" ); //重定向到登录 HttpServletResponse resp = (HttpServletResponse) response; resp.sendRedirect(req.getContextPath()+ "/index.jsp" );[W2] } else { //放行 chain.doFilter(request, response); } } public void destroy() { } } |
配置到web.xml中且对jsps/*进行过虑:
1
2
3
4
5
6
7
8
9
|
< filter > < filter-name >login</ filter-name > < filter-class >cn.itcast.filter.LoginFilter</ filter-class > </ filter > < filter-mapping > < filter-name >login</ filter-name > < url-pattern >/jsps/*</ url-pattern > < url-pattern >/views/*</ url-pattern > </ filter-mapping > |
实现自动登录
自动登录,是为了帮助用户多次使用这个网页时,不用再次输入用户名和密码就可以登录。
是指用户将用户的登录信息,人,保存到本地的文件中Cookie中。
Name,value – 声明时 new Cookie(key,value);
Path - 默认值,即为当前保存cookie的这个serlvet所在的路径。
如果Cookie在这样的路径:http://loclhost:8080/project/abc/AServlet
则Cookie的路径为: http://loclhost/project/abc
则说明:
所在在http://loclhost/project/abc目录下的servlet才可以读取这个cookie的值。
如果:
保存Cookie类:http://loclhost:8080/project/a/b/AServlet
则Cookie的默认path为;
http://loclhost/project/a/b
第一步:开发一个登录页面
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
< c:choose > < c:when test = "${empty sessionScope.name}" > < form name = "x" method = "post" action="<c:url value = '/LoginServlet' />"> Name:< input type = "text" name = "name" />< br /> auto: < input type = "radio" name = "auto" value = "-1" >不自动登录 < br /> < input type = "radio" name = "auto" value = "1" >1天< br /> < input type = "radio" name = "auto" value = "7" >1周< br /> < input type = "submit" /> </ form > </ c:when > < c:otherwise > 你已经登录了:${name}< br /> < a href="<c:url value = '/LoginServlet' />">退出</ a > </ c:otherwise > </ c:choose > |
第二步:成功保存cookie
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //接收用户姓名 String name = request.getParameter( "name" ); String auto = request.getParameter( "auto" ); //将用户信息放到session request.getSession().setAttribute( "name" ,name); //判断auto是否是-1 if (!auto.equals( "-1" )){ int day = Integer.parseInt(auto); //1|7 int seconds = 60 * 60 * 24 *day; //声明cookie Cookie c = new Cookie( "autoLogin" ,name); c.setMaxAge(seconds); c.setPath(request.getContextPath()); //保存cookie response.addCookie(c); } } |
第三步:要求访问本网点中任何一个页面都应该实现自动登录
写一个过虑器,对所有url=/*进行过虑。在doFilter中读取所有cookie。是否存在名称为autoLogin的名称cookie。
永远都放行。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //在这儿读取cookie HttpServletRequest req = (HttpServletRequest) request; //获取所的有cookie Cookie[] cs = req.getCookies(); if (cs!= null ){ for (Cookie c:cs){ if (c.getName().equals( "autoLogin" )){ //如果存在自动登录的cookie String value = c.getValue(); //用户名称 //登录成功是指 req.getSession().setAttribute( "name" , value); break ; } } } //不管是否自动登录成 chain.doFilter(request, response); } |
第四涉:配置到web.xml中对所有url=/*
1
2
3
4
5
6
7
8
|
< filter > < filter-name >auto</ filter-name > < filter-class >cn.itcast.filter.AutoFilter</ filter-class > </ filter > < filter-mapping > < filter-name >auto</ filter-name > < url-pattern >/*</ url-pattern > </ filter-mapping > |
第五步:开发退出
1
2
3
4
5
6
7
8
9
|
System.err.println( "用户退出" ); //删除整个session request.getSession().invalidate(); Cookie c = new Cookie( "autoLogin" , "ddd" ); c.setMaxAge( 0 ); c.setPath(request.getContextPath()); response.addCookie(c); // request.getSession().removeAttribute("name"); response.sendRedirect(request.getContextPath()+ "/index.jsp" ); |
第六步:优化代码
由于用户在做手工登录时,也会进入AutoFiilter的doFilter方法,且读取所有Cookie遍历一次。而这次遍历对用户来说是多余。
所以应该将LoginServet这个url在doFiler中不过过虑。
且对退出也不能自动登录。
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,同时也希望多多支持服务器之家!
原文链接:http://www.cnblogs.com/zhenghongxin/p/4457445.html