同样项目代码建立在登录项目上:Maven Web项目Servlet开发之登陆界面
项目的登录页面带有一个“保存 cookie”的 checkbox。首次登录成功并保存 cookie 之后,再次访问时可以直接进入 welcome 页面(先通过 session 验证,若验证不通过再通过 cookie 验证)。注意:示例把用户名和明文密码直接写入 cookie,只适合用来演示 cookie 机制;实际项目中应改为保存一个由服务器端生成、可撤销的随机令牌。代码如下:
package com.busymonkey;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
 * Servlet that renders the login page.
 *
 * <p>The page is a single form that posts to {@code verify} with three fields:
 * {@code username}, {@code passwd}, and an optional {@code keep} checkbox
 * labelled "No more login in two weeks".
 */
public class Login extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** Markup of the login page, one array entry per line written to the response. */
    private static final String[] PAGE_LINES = {
        "<html>",
        "<body>",
        "<center>",
        "<h1>Login</h1>",
        "<form action=verify method=post>",
        "UserName:<input type=text name=username><br>",
        "PassWord:<input type=password name=passwd><br>",
        "<input type=checkbox name=keep value=2>No more login in two weeks<br>",
        "<input type=submit value=loging><br>",
        "</form>",
        "</center>",
        "</body>",
        "</html>",
    };

    public Login() {
        super();
    }

    /**
     * Writes the static login form to the response.
     *
     * <p>Any exception raised while writing is printed to stderr and otherwise ignored,
     * so the client may receive a partial or empty page.
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        try {
            PrintWriter out = response.getWriter();
            for (String line : PAGE_LINES) {
                out.println(line);
            }
        } catch (Exception failure) {
            failure.printStackTrace();
        }
    }

    /** Handles POST exactly like GET: the form is rendered again. */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doGet(request, response);
    }
}
package com.busymonkey;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import java.io.*;
import java.sql.*;
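/**
 * Checks a submitted user name and password against the {@code users} table.
 *
 * <p>On success the session is marked as logged in ({@code pass=ok}), the two
 * "remember me" cookies are set when the {@code keep} parameter is present, and the
 * client is redirected to {@code welcome}. On failure the client is redirected to
 * {@code login}.
 *
 * <p>NOTE(review): design issues that are kept as-is because other parts of the sample
 * depend on them, but which should not be carried into real code:
 * <ul>
 *   <li>The {@code mypasswd} cookie stores the plaintext password on the client for two
 *       weeks. A random, server-side revocable token is the usual replacement.</li>
 *   <li>The password is compared as plaintext, which means the table stores plaintext
 *       passwords rather than salted password hashes.</li>
 *   <li>The password travels in the redirect query string ({@code upass}), where it is
 *       exposed to browser history, proxy logs and access logs.</li>
 *   <li>The database is accessed as {@code root} with a credential hard-coded in the
 *       source.</li>
 *   <li>Credentials are accepted over GET as well as POST.</li>
 * </ul>
 */
public class Verify extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** Lifetime of the "remember me" cookies: two weeks, in seconds. */
    private static final int KEEP_SECONDS = 14 * 24 * 3600;

    public Verify() {
        super();
    }

    /**
     * Verifies the {@code username} / {@code passwd} request parameters.
     *
     * @param request  carries {@code username}, {@code passwd} and optionally {@code keep}
     * @param response receives a redirect to {@code welcome} or {@code login}, or a 500
     *                 status when the lookup itself fails
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        Connection ct = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            String u = request.getParameter("username");
            String p = request.getParameter("passwd");
            if (u == null || p == null) {
                // Nothing to verify; treat a missing field like a failed login.
                response.sendRedirect("login");
                return;
            }

            // Load the JDBC driver and open the connection.
            Class.forName("com.mysql.jdbc.Driver");
            ct = DriverManager.getConnection("jdbc:mysql://127.0.0.1:3306/db_hou", "root", "123456");

            // Bind the request values as parameters. Concatenating them into the SQL text
            // lets the submitted user name or password rewrite the query.
            ps = ct.prepareStatement("select passwd from users where username=? and passwd=?");
            ps.setString(1, u);
            ps.setString(2, p);
            rs = ps.executeQuery();

            // A row means the user exists. The extra equals() check is kept from the
            // original; presumably it guards against a case-insensitive column collation
            // accepting a password that differs only in case - TODO confirm.
            if (rs.next() && p.equals(rs.getString("passwd"))) {
                // Start from a fresh session so a session id that was planted in the
                // browser before login is not promoted to an authenticated one.
                HttpSession stale = request.getSession(false);
                if (stale != null) {
                    stale.invalidate();
                }
                HttpSession hs = request.getSession(true);
                hs.setMaxInactiveInterval(20);
                hs.setAttribute("pass", "ok");

                if (request.getParameter("keep") != null) {
                    // Store user name and password on the client as cookies.
                    // NOTE(review): plaintext password in a persistent cookie; on
                    // Servlet 3.0+ at least mark both cookies HttpOnly.
                    Cookie name = new Cookie("myname", u);
                    Cookie pass = new Cookie("mypasswd", p);
                    name.setMaxAge(KEEP_SECONDS);
                    pass.setMaxAge(KEEP_SECONDS);
                    response.addCookie(name);
                    response.addCookie(pass);
                }

                // URL-encode the values so characters such as '&', '#' or line breaks in
                // the input cannot add parameters to, or break, the redirect target.
                response.sendRedirect("welcome?uname=" + encode(u) + "&upass=" + encode(p));
            } else {
                response.sendRedirect("login");
            }
        } catch (Exception ex) {
            ex.printStackTrace();
            // Report the failure instead of returning an empty 200 page; no details are
            // sent to the client.
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        } finally {
            closeQuietly(rs, ps, ct);
        }
    }

    /** Handles POST exactly like GET. */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doGet(request, response);
    }

    /** URL-encodes one query-string value as UTF-8. */
    private static String encode(String value) throws UnsupportedEncodingException {
        return java.net.URLEncoder.encode(value, "UTF-8");
    }

    /**
     * Closes the JDBC resources independently, so a failure to close one of them does
     * not leave the others open.
     */
    private static void closeQuietly(ResultSet rs, Statement st, Connection ct) {
        try {
            if (rs != null) {
                rs.close();
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        try {
            if (st != null) {
                st.close();
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        try {
            if (ct != null) {
                ct.close();
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
}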
package com.busymonkey;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import java.io.*;
import java.sql.*;
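/**
 * Welcome page: shows a greeting and a paged listing of the {@code users} table.
 *
 * <p>Access check: the session attribute {@code pass} must be set. If it is not, the
 * {@code myname} / {@code mypasswd} cookies are looked up and, when both are present,
 * the client is redirected to {@code verify} to log in with them; otherwise the client
 * is redirected to {@code login}.
 *
 * <p>NOTE(review): design issues kept from the sample that should not be carried into
 * real code:
 * <ul>
 *   <li>The listing prints the {@code passwd} column of every user, and the greeting
 *       echoes the password received in the {@code upass} query parameter.</li>
 *   <li>The cookie login forwards the plaintext password to {@code verify} in a GET
 *       query string.</li>
 *   <li>The database is accessed as {@code root} with a credential hard-coded in the
 *       source.</li>
 * </ul>
 */
public class WelCome extends HttpServlet {
    private static final long serialVersionUID = 1L;

    public WelCome() {
        super();
    }

    /**
     * Renders the welcome page for a logged-in client, or redirects an anonymous one.
     *
     * @param request  may carry {@code uname}, {@code upass} and {@code pageCurrent}
     * @param response receives the page, a redirect, or a 500 status when the database
     *                 work fails before any output was committed
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // Do not create a session just to find out that the client has none.
        HttpSession hs = request.getSession(false);
        String val = (hs == null) ? null : (String) hs.getAttribute("pass");
        if (val == null) {
            // No login marker in the session: fall back to the "remember me" cookies.
            String name = null;
            String passwd = null;
            Cookie[] allCookies = request.getCookies();
            if (allCookies != null) {
                for (Cookie temp : allCookies) {
                    if (temp.getName().equals("myname")) {
                        name = temp.getValue();
                    } else if (temp.getName().equals("mypasswd")) {
                        passwd = temp.getValue();
                    }
                }
            }
            // Either cookie can be missing (for example when only JSESSIONID is sent), so
            // check for null before comparing.
            if (name != null && passwd != null && !name.equals("") && !passwd.equals("")) {
                // Let verify check the cookie credentials. The values are URL-encoded so
                // cookie content cannot add parameters to the redirect target.
                response.sendRedirect("verify?username=" + encode(name) + "&passwd=" + encode(passwd));
            } else {
                response.sendRedirect("login");
            }
            // Stop here in both cases: an unauthenticated request must never reach the
            // database listing below.
            return;
        }

        String u = request.getParameter("uname");
        String p = request.getParameter("upass");
        Connection ct = null;
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            // Paging state.
            int pageSize = 3;     // rows per page
            int pageCurrent = 1;  // page being shown
            int rowCount = 0;     // total rows
            PrintWriter pw = response.getWriter();

            // Requested page; anything that is not a number falls back to page 1.
            String sPageCurrent = request.getParameter("pageCurrent");
            if (sPageCurrent != null) {
                try {
                    pageCurrent = Integer.parseInt(sPageCurrent);
                } catch (NumberFormatException ignored) {
                    pageCurrent = 1;
                }
            }

            // Total row count.
            Class.forName("com.mysql.jdbc.Driver");
            ct = DriverManager.getConnection("jdbc:mysql://127.0.0.1:3306/db_hou", "root", "123456");
            ps = ct.prepareStatement("select count(*) from users");
            rs = ps.executeQuery();
            if (rs.next()) {
                rowCount = rs.getInt(1);
            }
            // Release the first statement before the variables are reused.
            closeQuietly(rs, ps, null);
            rs = null;
            ps = null;

            // Total page count, rounded up.
            int pageCount = (rowCount + pageSize - 1) / pageSize;
            // Keep the requested page inside [1, lastPage] so the LIMIT offset can be
            // neither negative nor overflow.
            int lastPage = Math.max(pageCount, 1);
            if (pageCurrent < 1) {
                pageCurrent = 1;
            } else if (pageCurrent > lastPage) {
                pageCurrent = lastPage;
            }

            ps = ct.prepareStatement("select * from users limit ?,?");
            ps.setInt(1, pageSize * (pageCurrent - 1));
            ps.setInt(2, pageSize);
            rs = ps.executeQuery();

            pw.println("<body><center>");
            pw.println("<img src=./imgs/1.GIF ><br>");
            // Request parameters are attacker-controlled: escape before writing into HTML.
            pw.println("Welcome!!!! " + escapeHtml(u) + " pass=" + escapeHtml(p));

            // Table of users. String columns are escaped as well, because their content
            // was supplied by users at some earlier point.
            pw.println("<table border=1>");
            pw.println("<tr><th>ID</th><th>NAME</th><th>PASSWD</th><th>GRADE</th></tr>");
            while (rs.next()) {
                pw.println("<tr>");
                pw.println("<td>" + rs.getInt("userId") + "</td>");
                pw.println("<td>" + escapeHtml(rs.getString("username")) + "</td>");
                pw.println("<td>" + escapeHtml(rs.getString("passwd")) + "</td>");
                pw.println("<td>" + rs.getInt("grade") + "</td>");
                pw.println("</tr>");
            }
            pw.println("</table>");

            // Previous page.
            if (pageCurrent != 1) {
                pw.println("<a href=welcome?pageCurrent=" + (pageCurrent - 1) + ">Prepage</a>");
            }
            // Direct page links: up to five pages ahead, but never past the last page.
            int lastLink = Math.min(pageCurrent + 5, lastPage);
            for (int i = pageCurrent; i <= lastLink; i++) {
                pw.println("<a href=welcome?pageCurrent=" + i + ">" + i + "</a>");
            }
            // Next page.
            if (pageCurrent < lastPage) {
                pw.println("<a href=welcome?pageCurrent=" + (pageCurrent + 1) + ">Nextpage</a>");
            }
            pw.println("</center></body>");
        } catch (Exception ex) {
            ex.printStackTrace();
            // Report the failure instead of returning an empty 200 page; no details are
            // sent to the client.
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        } finally {
            closeQuietly(rs, ps, ct);
        }
    }

    /** Handles POST exactly like GET. */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doGet(request, response);
    }

    /** URL-encodes one query-string value as UTF-8. */
    private static String encode(String value) throws UnsupportedEncodingException {
        return java.net.URLEncoder.encode(value, "UTF-8");
    }

    /**
     * Escapes the characters that are significant in HTML text and attribute values.
     * A {@code null} input is rendered as the text "null", as string concatenation
     * would render it.
     */
    private static String escapeHtml(String value) {
        String text = String.valueOf(value);
        StringBuilder out = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    out.append("&amp;");
                    break;
                case '<':
                    out.append("&lt;");
                    break;
                case '>':
                    out.append("&gt;");
                    break;
                case '"':
                    out.append("&quot;");
                    break;
                case '\'':
                    out.append("&#39;");
                    break;
                default:
                    out.append(c);
            }
        }
        return out.toString();
    }

    /**
     * Closes the JDBC resources independently, so a failure to close one of them does
     * not leave the others open. Any argument may be {@code null}.
     */
    private static void closeQuietly(ResultSet rs, Statement st, Connection ct) {
        try {
            if (rs != null) {
                rs.close();
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        try {
            if (st != null) {
                st.close();
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        try {
            if (ct != null) {
                ct.close();
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
}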
1、关于 windows 上cookies 的保存路径: c:\Documents and Settings\你的用户名\Cookies,linux上的 cookie 文件能方便的在火狐浏览器里看到,在浏览器里的 privacy 里,有个remove cookie 里可以查看到。
2、Verify 程序中同时用到了 session 技术和 cookie 技术,两者的先后顺序一定要明确。首先,只要浏览器(例如 IE)没有禁用 cookie,就可以收到服务器写回的 cookie。其次,无论程序里是显式添加 cookie,还是使用 session,都会产生 cookie:名为 JSESSIONID 的 cookie 就是使用 session 时产生的,它是记录当前窗口的临时 cookie,保存在内存中;只要这个窗口不关闭,它的子窗口也可以得到并使用这个 cookie,但一旦关掉这个窗口,这个 cookie 就消失了。也就是说,如果在 Verify 程序中先用 cookie 技术保存 cookie、再使用 session 技术,那么之前保存的 cookie 就会被放到内存中,导致在火狐浏览器中找不到你的 cookie。
关于 cookie 和session 技术的比较:
1、cookie 保存在客户端,session 保存在服务器端。
2、相比较而言,cookie 的安全性比 session 要弱:cookie 的内容保存在客户端,用户可以查看和修改;session 的内容只保存在服务器端。
3、cookie 的内容通过网络在客户端与服务器端之间传输;session 的内容保存在服务器端,不需要传输,客户端只携带会话标识(即上文提到的 JSESSIONID cookie)。
4、关于生命周期(20分钟为例)cookie 的生命周期是累计的,从创建时,就开始计时,20分钟后 cookie 生命周期结束,cookie 就无效。
session 的生命周期是间隔的,从创建时,开始计时,如在20分钟内,没有访问过 session,那么 session 信息无效,如果在20分钟内,比如在19分钟时,访问过 session,那么它的生命周期将重新开始计算。
另外,关机会造成session 生命周期结束,但是对 cookie 没有任何影响。