How to use a cookie to log out from a website

1. login.jsp to get the username and password from user

<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%-- login.jsp: renders the login form. The form posts the fields "username" and
     "password" to the servlet mapped at /Controller under the current context path. --%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>

<%-- method="post" sends the credentials in the request body rather than in the URL.
     NOTE(review): nothing on this page forces HTTPS; whether the password travels
     encrypted depends on how the application is deployed. --%>
<form action="<%= request.getContextPath()%>/Controller" method="post">

	<!-- we display the username and password and submit them to Controller -->
	Username: <input type="text" name="username" ><br/>
	Password: <input type="password" name="password"><br/>
	<input type="submit" value="submit">
	
</form>

</body>
</html>

2. Controller servlet to handle the information from user and direct user into memberArea page

package cook.xxxxxx;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Servlet implementation class Controller
 */
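@WebServlet("/Controller")
public class Controller extends HttpServlet {
	private static final long serialVersionUID = 1L;

	/**
	 * Default constructor.
	 */
	public Controller() {
	}

	/**
	 * Handles the login form: checks the submitted credentials and, on success,
	 * starts a fresh session, sets the {@code username} cookie and redirects to the
	 * member area. Any other input is sent back to the login page.
	 *
	 * @param request  carries the {@code username} and {@code password} form parameters
	 * @param response receives the cookie and the redirect
	 * @throws ServletException declared by the servlet contract
	 * @throws IOException      if the redirect cannot be sent
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	@Override
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// get information from form, username and password
		String username = request.getParameter("username");
		String password = request.getParameter("password");

		// Constant-first equals(): a request that omits either parameter is a failed
		// login, not a NullPointerException (HTTP 500).
		// The credentials are hard-coded for the tutorial only; a real application
		// verifies the password against a stored password hash.
		if ("James".equals(username) && "123".equals(password)) {
			// Drop whatever session the browser arrived with and issue a new one, so a
			// session id that existed before login is never reused after it.
			request.getSession().invalidate();
			HttpSession newSession = request.getSession(true);
			// the new session expires after 300 seconds of inactivity
			newSession.setMaxInactiveInterval(300);

			// NOTE(review): the browser can send any value for this cookie, so it is
			// suitable for display only and must not be treated as proof of login;
			// login state belongs in the server-side session.
			Cookie cUsernameCookie = new Cookie("username", username);
			// HttpOnly keeps page scripts from reading the cookie. When the site is
			// served over HTTPS, also call setSecure(true).
			cUsernameCookie.setHttpOnly(true);
			response.addCookie(cUsernameCookie);

			// enter into the memberArea.jsp
			response.sendRedirect("memberArea.jsp");
		} else {
			// enter into the login.jsp
			response.sendRedirect("login.jsp");
		}
	}

}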

3. Then we can enter into the memberArea page

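<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%!
	/** Escapes the characters that are special in HTML text and attribute values. */
	private static String escapeHtml(String value) {
		if (value == null) {
			return "";
		}
		return value.replace("&", "&amp;")
				.replace("<", "&lt;")
				.replace(">", "&gt;")
				.replace("\"", "&quot;")
				.replace("'", "&#39;");
	}
%>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Member Area</title>
</head>
<body>

	<%
	// Read the "username" and "JSESSIONID" cookies sent by the browser.
	String username = null, sessionID = null;
	Cookie[] cookies = request.getCookies();
	if(cookies != null){
		for(Cookie cookie : cookies){
			if(cookie.getName().equals("username") ){
				username = cookie.getValue();
			}
			if(cookie.getName().equals("JSESSIONID")){
				sessionID = cookie.getValue();
			}
		}
	}
	// NOTE(review): this only checks that both cookies are present. Cookie values are
	// chosen by the client, so this is not an authentication check; a robust page
	// decides from state stored in the server-side session.
	if(sessionID == null || username == null){
		response.sendRedirect("login.jsp");
		// stop here so the member content below is not rendered for this request
		return;
	}
	%>
	
	<%-- Both values come from request cookies, so they are HTML-escaped before being
	     written into the page. Showing the session id is for demonstration only. --%>
	Username : <%= escapeHtml(username) %><br>
	SessionID : <%= escapeHtml(sessionID) %><br>
	We entered into the member area !!! <br>

	<!-- add another form to handle the logout of the page -->
	<!-- use the  MemberAreaController to handle the form information to logout-->
	<%-- NOTE(review): logout is submitted with GET, so any link to this URL logs the
	     user out; state-changing actions are normally sent with POST. --%>
	<form action="<%= request.getContextPath()%>/MemberAreaController" method="get">
    <input type="hidden" name="action" value="destroy">
    <input type="submit" value="logout">
    </form>
    
</body>
</html>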

In this memberArea page we use another form for the logout function, and another servlet named MemberAreaController receives action=destroy from this form.

4. MemberAreaController servlet to handle logout and destroy the session and cookies

package cook.xxxxxx;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Servlet implementation class MemberAreaController
 */
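@WebServlet("/MemberAreaController")
public class MemberAreaController extends HttpServlet {
	private static final long serialVersionUID = 1L;

	/**
	 * @see HttpServlet#HttpServlet()
	 */
	public MemberAreaController() {
		super();
	}

	/**
	 * Handles logout: when the {@code action} parameter is {@code destroy}, invalidates
	 * the current session, expires the {@code username} cookie and redirects to the
	 * login page. Any other (or missing) action produces an empty response.
	 *
	 * @param request  carries the {@code action} parameter and the browser's cookies
	 * @param response receives the expired cookie and the redirect
	 * @throws ServletException declared by the servlet contract
	 * @throws IOException      if the redirect cannot be sent
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	@Override
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// NOTE(review): logout runs on GET, so any link or embedded resource pointing
		// at this URL triggers it; a POST handler is the usual choice for
		// state-changing actions.
		String action = request.getParameter("action");

		// Constant-first equals(): a missing "action" parameter is ignored instead of
		// throwing a NullPointerException from switch(null).
		if (!"destroy".equals(action)) {
			return;
		}

		// getSession(false) does not create a session just to destroy it again.
		if (request.getSession(false) != null) {
			request.getSession(false).invalidate();
		}

		// getCookies() returns null, not an empty array, when the request has no cookies.
		Cookie[] cookies = request.getCookies();
		if (cookies != null) {
			for (Cookie cookie : cookies) {
				// expire the cookie named "username": empty its value and set max age 0
				// so the browser deletes it
				if (cookie.getName().equals("username")) {
					cookie.setValue(null); // set to be null
					cookie.setMaxAge(0); // set the max age to be 0
					response.addCookie(cookie);
				}
			}
		}

		// then we redirect the page to login.jsp
		response.sendRedirect("login.jsp");
	}
}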

5. How does this program work?
login page
After we log in, we enter the MemberArea page
Then we log out from the page above, which destroys the data of that login
6. Notation
If we don't clear the cookie named username with the following code in the MemberAreaController servlet, a problem will occur.
After clicking the logout button we are still not logged out: we can open http://localhost:8080/cook/memberArea.jsp directly and still get into the memberArea page, which is not good.
The reason is that memberArea.jsp only checks that a username cookie and a JSESSIONID cookie are present. We created the username cookie at login, so if we don't remove it, the browser keeps sending it after the old session is invalidated, and a new session with a new session ID is created.

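			Cookie[] cookies = request.getCookies();
			// getCookies() returns null, not an empty array, when the request carries
			// no cookies, so guard the loop
			if (cookies != null) {
				for (Cookie cookie : cookies) {
					// expire the cookie named "username": empty its value and set
					// max age 0 so the browser deletes it
					if (cookie.getName().equals("username")) {
						cookie.setValue(null); // set to be null
						cookie.setMaxAge(0); // set the max age to be 0
						response.addCookie(cookie);
					}
				}
			}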

Thus we need to clear the cookie named username by setting its value to null and its max age to 0.
Actually, basing login and logout on a cookie is not a good idea, because the browser decides which cookies and values it sends; we can handle logout using a session attribute later.
