Servlet过滤器案例-自动登录

使用过滤器实现自动登录

登录的jsp页面

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>   
    <title>My JSP 'login.jsp' starting page</title> 	
  </head>
  
  <body>
     <form action="${pageContext.request.contextPath }/servlet/LoginServlet" method="post">
   		用户名:<input type="text" name="username"><br/>
   		密码:<input type="password" name="password"><br/>
   		有效期:<input type="radio" name="autoLoginTime" value="${60*60}">1小时
		   	  <input type="radio" name="autoLoginTime" value="${10*60}">10分钟
		   	  <input type="radio" name="autoLoginTime" value="${2*60}"  checked="checked">2分钟<br/>
   		<input type="submit" value="登陆">
   	</form>
  </body>
</html>


处理登录请求的servlet

package com.hbsi.servlet;

import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import sun.misc.BASE64Encoder;

import com.hbsi.dao.UserDao;
import com.hbsi.domain.User;

public class LoginServlet extends HttpServlet {

	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		
		String username = request.getParameter("username");
		String password = request.getParameter("password");
		int autoLoginTime =Integer.parseInt(request.getParameter("autoLoginTime"));
		UserDao dao = new UserDao();
		User user = dao.find(username, password);
		if(user!=null){
			request.getSession().setAttribute("user",user);
			//String password1 = user.getPassword();
			//String md5password = md5(password1);
			Cookie cookie1 = new Cookie("username",user.getUsername());
			Cookie cookie2 = new Cookie("password",user.getPassword());

			
			cookie1.setMaxAge(autoLoginTime);
			cookie2.setMaxAge(autoLoginTime);
			
			cookie1.setPath("/AutomaticLogin");
			cookie2.setPath("/AutomaticLogin");
			
			response.addCookie(cookie1);
			response.addCookie(cookie2);
			
			response.sendRedirect("/AutomaticLogin/welcome.jsp");
			
		}else{
			request.setAttribute("message","用户名密码错");
			request.getRequestDispatcher("/message.jsp").forward(request, response);
		}
		
	}
	
	private String md5(String input){
		try {
			MessageDigest md = MessageDigest.getInstance("md5");
			byte[] result = md.digest(input.getBytes());
			BASE64Encoder encoder = new BASE64Encoder();
			return encoder.encode(result);
		} catch (NoSuchAlgorithmException e) {
			throw new RuntimeException();
		}
		
	}
	

	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {

		doGet(request, response);
	}

}


登录信息的jsp页面

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>   
    <title>My JSP 'message.jsp' starting page</title> 	
  </head>
  
  <body>
   ${message}<br>
  </body>
</html>


登录后的首页jsp

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>   
    <title>My JSP 'welcome.jsp' starting page</title> 	
  </head>
  
  <body>
    欢迎您:${user.username} <br>
  </body>
</html>


Servlet过滤器

package com.hbsi.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.hbsi.dao.UserDao;
import com.hbsi.domain.User;

public class AutoLoginFilter implements Filter {

	@Override
	public void destroy() {
		// TODO Auto-generated method stub

	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		
		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse resp = (HttpServletResponse) response;
		
		//1.检查用户是否登录
		User user = (User) req.getSession().getAttribute("user");
		if(user!=null){
			chain.doFilter(req,resp);
			return;
		}
		
		//2.检查用户是否带cookie来
		String username = null;
		String password = null;
		Cookie[] cookies = req.getCookies();
		for(int i=0;cookies!=null && i<cookies.length;i++){
			if(cookies[i].getName().equals("username")){
				username = cookies[i].getValue();
			}
			if(cookies[i].getName().equals("password")){
				password = cookies[i].getValue();
			}
		}
		if(username==null && password==null){
			chain.doFilter(req, resp);
			return;
		}
		
		UserDao dao = new UserDao();
		User user1 = dao.find(username);
		String save_password = user1.getPassword();
		if(!password.equals(save_password)){
			chain.doFilter(req, resp);
			return;
		}
		req.getSession().setAttribute("user",user1);
		chain.doFilter(req, resp);
	}

	@Override
	public void init(FilterConfig filterConfig) throws ServletException {
		// TODO Auto-generated method stub

	}

}


连接数据库的工具类

package com.hbsi.util;

import java.io.InputStream;
import java.util.Properties;
import javax.sql.DataSource;

import org.apache.commons.dbcp.BasicDataSourceFactory;

public class DBManger2 {
	private static DataSource ds;
	static {
		try {
			InputStream in = DBManger2.class.getClassLoader()
					.getResourceAsStream("dbcpconfig.properties");
			Properties prop = new Properties();
			prop.load(in);
			ds = BasicDataSourceFactory.createDataSource(prop);
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

	public static DataSource getDataSource(){
		return ds;
	}
}

 

连接数据库所读的配置文件

#连接设置
driverClassName=com.mysql.jdbc.Driver
url=jdbc:mysql://localhost:3306/java
username=root
password=root

#<!-- 初始化连接 -->
initialSize=10

#最大连接数量
maxActive=50

#<!-- 最大空闲连接 -->
maxIdle=20

#<!-- 最小空闲连接 -->
minIdle=5

#<!-- 超时等待时间以毫秒为单位 6000毫秒/1000等于60秒 -->
maxWait=60000


#JDBC驱动建立连接时附带的连接属性属性的格式必须为这样:[属性名=property;] 
#注意:"user" 与 "password" 两个属性会被明确地传递,因此这里不需要包含他们。
connectionProperties=useUnicode=true;characterEncoding=gbk

#指定由连接池所创建的连接的自动提交(auto-commit)状态。
defaultAutoCommit=true

#driver default 指定由连接池所创建的连接的只读(read-only)状态。
#如果没有设置该值,则“setReadOnly”方法将不被调用。(某些驱动并不支持只读模式,如:Informix)
defaultReadOnly=

#driver default 指定由连接池所创建的连接的事务级别(TransactionIsolation)。
#可用值为下列之一:(详情可见javadoc。)NONE,READ_UNCOMMITTED, READ_COMMITTED, REPEATABLE_READ, SERIALIZABLE
defaultTransactionIsolation=READ_UNCOMMITTED



实体类

package com.hbsi.domain;

public class User {
	
	private String username;
	private String password;
	public String getUsername() {
		return username;
	}
	public void setUsername(String username) {
		this.username = username;
	}
	public String getPassword() {
		return password;
	}
	public void setPassword(String password) {
		this.password = password;
	}
	

}


处理实体类的实现类

package com.hbsi.dao;

import java.util.List;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanHandler;
import org.apache.commons.dbutils.handlers.BeanListHandler;
import com.hbsi.domain.User;
import com.hbsi.util.DBManger2;

public class UserDao {
	public List<User> getAll(){
		try{
			QueryRunner runner = new QueryRunner(DBManger2.getDataSource());
			
			String sql = "select * from user1";
			
			return (List<User>) runner.query(sql,new BeanListHandler(User.class));
			
		}catch(Exception e){
			throw new RuntimeException();
		}
	}
	
	public User find(String username,String password){
		try{
			QueryRunner runner = new QueryRunner(DBManger2.getDataSource());
			
			String sql = "select * from user1 where username=? and password=?";
			Object[] params = {username,password};
			
			return (User) runner.query(sql, params, new BeanHandler(User.class));
			
		}catch(Exception e){
			throw new RuntimeException();
		}
	}
	
	public User find(String username){
		try{
			QueryRunner runner = new QueryRunner(DBManger2.getDataSource());
			
			String sql = "select * from user1 where username=?";
			
			
			return (User) runner.query(sql, username, new BeanHandler(User.class));
			
		}catch(Exception e){
			throw new RuntimeException();
		}
	}

}


web.xml文件

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" 
	xmlns="http://java.sun.com/xml/ns/javaee" 
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
	http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
  <servlet>
    <servlet-name>LoginServlet</servlet-name>
    <servlet-class>com.hbsi.servlet.LoginServlet</servlet-class>
  </servlet>

  <servlet-mapping>
    <servlet-name>LoginServlet</servlet-name>
    <url-pattern>/servlet/LoginServlet</url-pattern>
  </servlet-mapping>
  
   <filter>
    <filter-name>AutoLoginFilter</filter-name>
    <filter-class>com.hbsi.filter.AutoLoginFilter</filter-class>
  </filter>
  <filter-mapping>
     <filter-name>AutoLoginFilter</filter-name>
     <url-pattern>/*</url-pattern>
  </filter-mapping>
  <welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
  </welcome-file-list>
</web-app>

 

项目大概一览

  • 3
    点赞
  • 7
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值