Filter 控制用户自动登录

原创 2015年07月07日 23:31:05


2014年9月8日 16:19:44


结合会话管理和过滤器知识,用户可以自动跳过登录界面,直接进入网站主页面。




//前台界面:    

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>XX论坛</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
 
</head>
<body>
<c:if test="${sessionScope.user==null}">
<a href="${pageContext.request.contextPath}/autologin/login.jsp">登录</a>
</c:if>
<c:if test="${sessionScope.user!=null}">
欢迎您:${sessionScope.user.nick}
</c:if>
<hr/>
网站主页<br/>
<a href="${pageContext.request.contextPath}/autologin/1.jsp">其他页面</a>
</body>
</html>


<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title></title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
 
</head>
<body>
<c:if test="${sessionScope.user==null}">
<a href="${pageContext.request.contextPath}/autologin/login.jsp">登录</a>
</c:if>
<c:if test="${sessionScope.user!=null}">
欢迎您:${sessionScope.user.nick}
</c:if>
</body>
</html>




<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>登录页面</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
 
</head>
<body>
<form action="${pageContext.request.contextPath}/servlet/LoginServlet" method="post">
用户名:<input type="text" name="username"/><br/>
密码:<input type="password" name="password"/><br/>
<input type="checkbox" name="autologin"/>下次自动登录<br/>
<input type="submit" value="登录"/>
</form>
</body>
</html>





//后台代码;



package cn.itcast.filter.autologin;
 
import java.io.Serializable;
 
public class User implements Serializable{
private String username;
private String nick;
private String password;
public User(){}
public User(String username, String nick, String password) {
super();
this.username = username;
this.nick = nick;
this.password = password;
}
 
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getNick() {
return nick;
}
public void setNick(String nick) {
this.nick = nick;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}




package cn.itcast.filter.autologin;
 
import java.util.ArrayList;
import java.util.List;
 
public class UserDB {
private static List<User> users = new ArrayList<User>();
static{
users.add(new User("gfy","葛付以","123"));
users.add(new User("zql","朱巧玲","123"));
users.add(new User("王翔云","浮云哥","123"));
}
public static User findUser(String username,String password){
User user = null;
for(User u:users){
if(username.equals(u.getUsername())&&password.equals(u.getPassword())){
user = u;
break;
}
}
return user;
}
public static User findUser(String username){
User user = null;
for(User u:users){
if(username.equals(u.getUsername())){
user = u;
break;
}
}
return user;
}
}




package cn.itcast.filter.autologin;
 
import java.io.IOException;
 
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
 
import sun.misc.BASE64Encoder;
//完成用户登录
public class LoginServlet extends HttpServlet {
 
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 1、取到用户名和密码
String username = request.getParameter("username");
String password = request.getParameter("password");
// 2、验证是否正确
User user = UserDB.findUser(username, password);
if(user!=null){
// 3、正确,把用户放到HttpSession中
request.getSession().setAttribute("user", user);
// 4、判断用户是否需要自动登录
String autologin = request.getParameter("autologin");
if(autologin!=null){
// 5、是:把用户名和密码保存到一个指定的cookie中
Cookie c = new Cookie("loginInfo",new BASE64Encoder().encode(username.getBytes())+"_"+MD5Util.md5(password));//存在客户端的cookie中,如果密码是名为,很危险
c.setMaxAge(Integer.MAX_VALUE);
c.setPath(request.getContextPath());
response.addCookie(c);
}
}
// 6、重定向到主页
response.sendRedirect(request.getContextPath()+"/autologin/index.jsp");
}
 
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
 
doGet(request, response);
}
 
}



package cn.itcast.filter.autologin;
 
import java.security.MessageDigest;
 
import sun.misc.BASE64Encoder;
 
public class MD5Util {
public static String md5(String message){
try{
MessageDigest md = MessageDigest.getInstance("md5");
byte b[] = md.digest(message.getBytes());
return new BASE64Encoder().encode(b);
}catch(Exception e){
throw new RuntimeException(e);
}
}
}



package cn.itcast.filter.autologin;
 
import java.io.IOException;
 
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
 
import sun.misc.BASE64Decoder;
//完成用户的自动登录
public class AutoLoginFilter implements Filter {
 
public void destroy() {
 
}
 
public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)resp;
HttpSession session = request.getSession();
User u = (User)session.getAttribute("user");
if(u==null){//只有没有登录时才自动登录,已经登录了就不需要了
// System.out.println("自动登录执行了");
// 1、获取名称为loginInfo的cookie
Cookie loginInfoCookie = null;
Cookie cs[] = request.getCookies();
for(int i=0;cs!=null&&i<cs.length;i++){
if("loginInfo".equals(cs[i].getName())){
loginInfoCookie = cs[i];
break;
}
}
if(loginInfoCookie!=null){
// 2、有:取出cookie的值:用户名_加密的密码
String usernamePassword = loginInfoCookie.getValue();// zql_slkdjflksjkfslkfls
// 3、拆出用户名和密码
String username = usernamePassword.split("\\_")[0];//用户名
username = new String(new BASE64Decoder().decodeBuffer(username));
String cookiePassword = usernamePassword.split("\\_")[1];//密码
// 4、再次验证用户名和密码是否正确(根据用户名查出密码,加密后再与cookie中的那个密码进行比对)
User user = UserDB.findUser(username);
if(user!=null){
//根据用户名查出密码,加密后再与cookie中的那个密码进行比对
if(cookiePassword.equals(MD5Util.md5(user.getPassword()))){
// 5、正确:得到用户对象,放到HttpSession中(自动登录)
session.setAttribute("user", user);
}
}
}
}
//放行
chain.doFilter(request, response);
}
 
public void init(FilterConfig filterConfig) throws ServletException {
 
}
 
}




package cn.itcast.filter.autologin;
 
import java.io.IOException;
 
import org.junit.Test;
 
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
 
public class Base64Demo {
@Test
public void testEncode(){
String s = "你好";
BASE64Encoder base64 = new BASE64Encoder();
System.out.println(base64.encode(s.getBytes()));
}
//xOO6ww==
@Test
public void testDecode() throws IOException{
String s = "xOO6ww==";
BASE64Decoder base64 = new BASE64Decoder();
byte b[] = base64.decodeBuffer(s);
System.out.println(new String(b));
}
}

2014年9月8日 16:19:44


结合会话管理和过滤器知识,用户可以自动跳过登录界面,直接进入网站主页面。

 




//前台界面:    

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>XX论坛</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
 
</head>
<body>
<c:if test="${sessionScope.user==null}">
<a href="${pageContext.request.contextPath}/autologin/login.jsp">登录</a>
</c:if>
<c:if test="${sessionScope.user!=null}">
欢迎您:${sessionScope.user.nick}
</c:if>
<hr/>
网站主页<br/>
<a href="${pageContext.request.contextPath}/autologin/1.jsp">其他页面</a>
</body>
</html>


<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title></title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
 
</head>
<body>
<c:if test="${sessionScope.user==null}">
<a href="${pageContext.request.contextPath}/autologin/login.jsp">登录</a>
</c:if>
<c:if test="${sessionScope.user!=null}">
欢迎您:${sessionScope.user.nick}
</c:if>
</body>
</html>




<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>登录页面</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
 
</head>
<body>
<form action="${pageContext.request.contextPath}/servlet/LoginServlet" method="post">
用户名:<input type="text" name="username"/><br/>
密码:<input type="password" name="password"/><br/>
<input type="checkbox" name="autologin"/>下次自动登录<br/>
<input type="submit" value="登录"/>
</form>
</body>
</html>





//后台代码;



package cn.itcast.filter.autologin;
 
import java.io.Serializable;
 
public class User implements Serializable{
private String username;
private String nick;
private String password;
public User(){}
public User(String username, String nick, String password) {
super();
this.username = username;
this.nick = nick;
this.password = password;
}
 
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getNick() {
return nick;
}
public void setNick(String nick) {
this.nick = nick;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}




package cn.itcast.filter.autologin;
 
import java.util.ArrayList;
import java.util.List;
 
public class UserDB {
private static List<User> users = new ArrayList<User>();
static{
users.add(new User("gfy","葛付以","123"));
users.add(new User("zql","朱巧玲","123"));
users.add(new User("王翔云","浮云哥","123"));
}
public static User findUser(String username,String password){
User user = null;
for(User u:users){
if(username.equals(u.getUsername())&&password.equals(u.getPassword())){
user = u;
break;
}
}
return user;
}
public static User findUser(String username){
User user = null;
for(User u:users){
if(username.equals(u.getUsername())){
user = u;
break;
}
}
return user;
}
}




package cn.itcast.filter.autologin;
 
import java.io.IOException;
 
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
 
import sun.misc.BASE64Encoder;
//完成用户登录
public class LoginServlet extends HttpServlet {
 
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 1、取到用户名和密码
String username = request.getParameter("username");
String password = request.getParameter("password");
// 2、验证是否正确
User user = UserDB.findUser(username, password);
if(user!=null){
// 3、正确,把用户放到HttpSession中
request.getSession().setAttribute("user", user);
// 4、判断用户是否需要自动登录
String autologin = request.getParameter("autologin");
if(autologin!=null){
// 5、是:把用户名和密码保存到一个指定的cookie中
Cookie c = new Cookie("loginInfo",new BASE64Encoder().encode(username.getBytes())+"_"+MD5Util.md5(password));//存在客户端的cookie中,如果密码是名为,很危险
c.setMaxAge(Integer.MAX_VALUE);
c.setPath(request.getContextPath());
response.addCookie(c);
}
}
// 6、重定向到主页
response.sendRedirect(request.getContextPath()+"/autologin/index.jsp");
}
 
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
 
doGet(request, response);
}
 
}



package cn.itcast.filter.autologin;
 
import java.security.MessageDigest;
 
import sun.misc.BASE64Encoder;
 
public class MD5Util {
public static String md5(String message){
try{
MessageDigest md = MessageDigest.getInstance("md5");
byte b[] = md.digest(message.getBytes());
return new BASE64Encoder().encode(b);
}catch(Exception e){
throw new RuntimeException(e);
}
}
}



package cn.itcast.filter.autologin;
 
import java.io.IOException;
 
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
 
import sun.misc.BASE64Decoder;
//完成用户的自动登录
public class AutoLoginFilter implements Filter {
 
public void destroy() {
 
}
 
public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)resp;
HttpSession session = request.getSession();
User u = (User)session.getAttribute("user");
if(u==null){//只有没有登录时才自动登录,已经登录了就不需要了
// System.out.println("自动登录执行了");
// 1、获取名称为loginInfo的cookie
Cookie loginInfoCookie = null;
Cookie cs[] = request.getCookies();
for(int i=0;cs!=null&&i<cs.length;i++){
if("loginInfo".equals(cs[i].getName())){
loginInfoCookie = cs[i];
break;
}
}
if(loginInfoCookie!=null){
// 2、有:取出cookie的值:用户名_加密的密码
String usernamePassword = loginInfoCookie.getValue();// zql_slkdjflksjkfslkfls
// 3、拆出用户名和密码
String username = usernamePassword.split("\\_")[0];//用户名
username = new String(new BASE64Decoder().decodeBuffer(username));
String cookiePassword = usernamePassword.split("\\_")[1];//密码
// 4、再次验证用户名和密码是否正确(根据用户名查出密码,加密后再与cookie中的那个密码进行比对)
User user = UserDB.findUser(username);
if(user!=null){
//根据用户名查出密码,加密后再与cookie中的那个密码进行比对
if(cookiePassword.equals(MD5Util.md5(user.getPassword()))){
// 5、正确:得到用户对象,放到HttpSession中(自动登录)
session.setAttribute("user", user);
}
}
}
}
//放行
chain.doFilter(request, response);
}
 
public void init(FilterConfig filterConfig) throws ServletException {
 
}
 
}




package cn.itcast.filter.autologin;
 
import java.io.IOException;
 
import org.junit.Test;
 
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
 
public class Base64Demo {
@Test
public void testEncode(){
String s = "你好";
BASE64Encoder base64 = new BASE64Encoder();
System.out.println(base64.encode(s.getBytes()));
}
//xOO6ww==
@Test
public void testDecode() throws IOException{
String s = "xOO6ww==";
BASE64Decoder base64 = new BASE64Decoder();
byte b[] = base64.decodeBuffer(s);
System.out.println(new String(b));
}
}

版权声明:本文为博主原创文章,未经博主允许不得转载。 举报

相关文章推荐

Filter 控制用户自动登录

2014年9月8日 16:19:44 结合会话管理和过滤器知识,用户可以自动跳过登录界面,直接进入网站主页面。 ...

Filter----自动登录

Filter 相关知识点-----自动登录 index.jsp         " method="post">     Name:     Pwd: ...

精选:深入理解 Docker 内部原理及网络配置

网络绝对是任何系统的核心,对于容器而言也是如此。Docker 作为目前最火的轻量级容器技术,有很多令人称道的功能,如 Docker 的镜像管理。然而,Docker的网络一直以来都比较薄弱,所以我们有必要深入了解Docker的网络知识,以满足更高的网络需求。

用户自动登录

描述:用户选择自动登录多长时间。无论用户访问那个页面都会自动登录。 public class LoginServlet extends HttpServlet { public void doGet...

java_web用户的自动登录模块的实现

java_web用户的自动登录模块的实现

网站自动登录功能实现

功能:第一次登录时,勾选自动登录,关闭浏览器,再次打开,系统会自动进行用户已经登陆状态 实现用户自动登录的过滤器: 在用户登录成功后,以cookis形式发送用户名、密码给客户端 编写一个过滤器,fil...

Filter 实现自动登录

实现原理: 当用户已启用了自动登录时,这时我们将登录时用到的信息封装到Cookie里面,当用户下次访问时,会将cookie带过来,这时我们在Filter里面做判断 实现的步骤 在过虑器里面 ...

用户自动登录

一、什么是用户自动登录?   对于我们的网站向已注册用户提供某些专门的服务,比如网上购物、在线下载、收费浏览等等,就会要求用户在使用这些服务之前进入登录页面,输入用户名和密码,并进行验证。    ...

使用Filter控制用户登录权限

学jsp这么长时间,做的项目也有七八个了,可所有的项目都是用户登录就直接跳转到其拥有权限的页面,或者显示可访问页面的链接。使用这种方式来幼稚地控制访问权限。从来没有想过如果我没有登录,直接输入地址也可...

Filter 对未登录用户访问地址的控制

首先我们应该明白java过滤器的作用原理,他到底是干什么的?什么原理? 顾名思义,过滤器即起到过滤的作用。大家可以把它根过滤网联想一下。这是我画的过滤器示意图: 1  过滤器对用户的‘...

同一用户不同终端登录限制(附:同一浏览器不同用户登录解决方案)

本文介绍了限制同一用户不能在不同终端上同时登录的解决方案,同时介绍了在同一浏览器上登录多个用户的解决方案。
返回顶部
收藏助手
不良信息举报
您举报文章:深度学习:神经网络中的前向传播和反向传播算法推导
举报原因:
原因补充:

(最多只允许输入30个字)