使用过滤器实现自动登录
登录的jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'login.jsp' starting page</title>
</head>
<body>
<form action="${pageContext.request.contextPath }/servlet/LoginServlet" method="post">
用户名:<input type="text" name="username"><br/>
密码:<input type="password" name="password"><br/>
有效期:<input type="radio" name="autoLoginTime" value="${60*60}">1小时
<input type="radio" name="autoLoginTime" value="${10*60}">10分钟
<input type="radio" name="autoLoginTime" value="${2*60}" checked="checked">2分钟<br/>
<input type="submit" value="登陆">
</form>
</body>
</html>
处理登录请求的servlet
package com.hbsi.servlet;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import sun.misc.BASE64Encoder;
import com.hbsi.dao.UserDao;
import com.hbsi.domain.User;
public class LoginServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
int autoLoginTime =Integer.parseInt(request.getParameter("autoLoginTime"));
UserDao dao = new UserDao();
User user = dao.find(username, password);
if(user!=null){
request.getSession().setAttribute("user",user);
//String password1 = user.getPassword();
//String md5password = md5(password1);
Cookie cookie1 = new Cookie("username",user.getUsername());
Cookie cookie2 = new Cookie("password",user.getPassword());
cookie1.setMaxAge(autoLoginTime);
cookie2.setMaxAge(autoLoginTime);
cookie1.setPath("/AutomaticLogin");
cookie2.setPath("/AutomaticLogin");
response.addCookie(cookie1);
response.addCookie(cookie2);
response.sendRedirect("/AutomaticLogin/welcome.jsp");
}else{
request.setAttribute("message","用户名密码错");
request.getRequestDispatcher("/message.jsp").forward(request, response);
}
}
private String md5(String input){
try {
MessageDigest md = MessageDigest.getInstance("md5");
byte[] result = md.digest(input.getBytes());
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(result);
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException();
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
登录信息的jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'message.jsp' starting page</title>
</head>
<body>
${message}<br>
</body>
</html>
登录后的首页jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My JSP 'welcome.jsp' starting page</title>
</head>
<body>
欢迎您:${user.username} <br>
</body>
</html>
Servlet过滤器
package com.hbsi.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.hbsi.dao.UserDao;
import com.hbsi.domain.User;
public class AutoLoginFilter implements Filter {
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
//1.检查用户是否登录
User user = (User) req.getSession().getAttribute("user");
if(user!=null){
chain.doFilter(req,resp);
return;
}
//2.检查用户是否带cookie来
String username = null;
String password = null;
Cookie[] cookies = req.getCookies();
for(int i=0;cookies!=null && i<cookies.length;i++){
if(cookies[i].getName().equals("username")){
username = cookies[i].getValue();
}
if(cookies[i].getName().equals("password")){
password = cookies[i].getValue();
}
}
if(username==null && password==null){
chain.doFilter(req, resp);
return;
}
UserDao dao = new UserDao();
User user1 = dao.find(username);
String save_password = user1.getPassword();
if(!password.equals(save_password)){
chain.doFilter(req, resp);
return;
}
req.getSession().setAttribute("user",user1);
chain.doFilter(req, resp);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// TODO Auto-generated method stub
}
}
连接数据库的工具类
package com.hbsi.util;
import java.io.InputStream;
import java.util.Properties;
import javax.sql.DataSource;
import org.apache.commons.dbcp.BasicDataSourceFactory;
public class DBManger2 {
private static DataSource ds;
static {
try {
InputStream in = DBManger2.class.getClassLoader()
.getResourceAsStream("dbcpconfig.properties");
Properties prop = new Properties();
prop.load(in);
ds = BasicDataSourceFactory.createDataSource(prop);
} catch (Exception e) {
e.printStackTrace();
}
}
public static DataSource getDataSource(){
return ds;
}
}
连接数据库所读的配置文件
#连接设置
driverClassName=com.mysql.jdbc.Driver
url=jdbc:mysql://localhost:3306/java
username=root
password=root
#<!-- 初始化连接 -->
initialSize=10
#最大连接数量
maxActive=50
#<!-- 最大空闲连接 -->
maxIdle=20
#<!-- 最小空闲连接 -->
minIdle=5
#<!-- 超时等待时间以毫秒为单位 6000毫秒/1000等于60秒 -->
maxWait=60000
#JDBC驱动建立连接时附带的连接属性属性的格式必须为这样:[属性名=property;]
#注意:"user" 与 "password" 两个属性会被明确地传递,因此这里不需要包含他们。
connectionProperties=useUnicode=true;characterEncoding=gbk
#指定由连接池所创建的连接的自动提交(auto-commit)状态。
defaultAutoCommit=true
#driver default 指定由连接池所创建的连接的只读(read-only)状态。
#如果没有设置该值,则“setReadOnly”方法将不被调用。(某些驱动并不支持只读模式,如:Informix)
defaultReadOnly=
#driver default 指定由连接池所创建的连接的事务级别(TransactionIsolation)。
#可用值为下列之一:(详情可见javadoc。)NONE,READ_UNCOMMITTED, READ_COMMITTED, REPEATABLE_READ, SERIALIZABLE
defaultTransactionIsolation=READ_UNCOMMITTED
实体类
package com.hbsi.domain;
public class User {
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
处理实体类的实现类
package com.hbsi.dao;
import java.util.List;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.BeanHandler;
import org.apache.commons.dbutils.handlers.BeanListHandler;
import com.hbsi.domain.User;
import com.hbsi.util.DBManger2;
public class UserDao {
public List<User> getAll(){
try{
QueryRunner runner = new QueryRunner(DBManger2.getDataSource());
String sql = "select * from user1";
return (List<User>) runner.query(sql,new BeanListHandler(User.class));
}catch(Exception e){
throw new RuntimeException();
}
}
public User find(String username,String password){
try{
QueryRunner runner = new QueryRunner(DBManger2.getDataSource());
String sql = "select * from user1 where username=? and password=?";
Object[] params = {username,password};
return (User) runner.query(sql, params, new BeanHandler(User.class));
}catch(Exception e){
throw new RuntimeException();
}
}
public User find(String username){
try{
QueryRunner runner = new QueryRunner(DBManger2.getDataSource());
String sql = "select * from user1 where username=?";
return (User) runner.query(sql, username, new BeanHandler(User.class));
}catch(Exception e){
throw new RuntimeException();
}
}
}
web.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.hbsi.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/servlet/LoginServlet</url-pattern>
</servlet-mapping>
<filter>
<filter-name>AutoLoginFilter</filter-name>
<filter-class>com.hbsi.filter.AutoLoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AutoLoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
项目大概一览