Login.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>登录</title> </head> <body> <form action="LoginServlet" method="post"> 账号:<input type="text" name="account"/><br/> 密码:<input type="password" name="password"/><br/> 有效期: <input type="radio" name="cookie" value="true"/> 30天内失效<br/> <input type="submit" value="登录"/><br/> </form> </body> </html>
welcome.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'welcome.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <h1>30天内自动登陆</h1><hr> <c:if test="${sessionScope.account == null}"> 游客! <a href="Login.jsp">登录</a> </c:if> <c:if test="${sessionScope.account != null}"> 欢迎回来,${sessionScope.account } <a href="InvalidateServlet">注销</a> </c:if> </body> </html>
User,UserDao,DBHelper同之前
LoginServlet
package com.cn.servlet; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import com.cn.dao.UserDao; public class LoginServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { this.doPost(request, response); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("utf-8"); HttpSession session = request.getSession(); String account = request.getParameter("account"); String password = request.getParameter("password"); UserDao userDao = new UserDao(); Boolean user = userDao.queryUser(account, password); if(user){ request.getSession().setAttribute("account", account); if("true".equals(request.getParameter("cookie"))){ Cookie cookie = new Cookie("cookie",account+":"+password); cookie.setPath(request.getContextPath()); cookie.setMaxAge(3600*24*30); response.addCookie(cookie); } response.sendRedirect("welcome.jsp"); }else{ response.setContentType("text/html;charset=utf-8"); PrintWriter pw = response.getWriter(); pw.print("<script> window.οnlοad=function(){alert('对不起账号或者密码不正确');}</script>"); } } }
InvalidateServlet
package com.cn.servlet; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class InvalidateServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { this.doPost(request, response); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { if(request.getSession(false)!=null){ request.getSession().invalidate(); //删除自动登录 cookie Cookie cookie = new Cookie("cookie", ""); cookie.setPath(request.getContextPath()); cookie.setMaxAge(0); response.addCookie(cookie); } response.sendRedirect("welcome.jsp"); } }
CookieFilter
package com.cn.filter; import java.io.IOException; import java.sql.SQLException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.cn.dao.UserDao; import com.cn.pojo.User; public class CookieFilter implements Filter { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse resp = (HttpServletResponse) response; //1.只有未登录的用户才能自动登陆 if(req.getSession(false)==null || req.getSession().getAttribute("account")==null){ //2.只有带了自动登陆cookie的用户才能自动登陆 Cookie [] cs = req.getCookies(); Cookie findC = null; if(cs!=null){ for(Cookie c : cs){ if("cookie".equals(c.getName())){ findC = c; break; } } } if(findC!=null){ //3.自动登录Cookie中保存的用户名密码都需要是正确的才能自动登陆 String account = findC.getValue().split(":")[0]; String password= findC.getValue().split(":")[1]; UserDao userDao = new UserDao(); Boolean user = userDao.queryUser(account, password); if(user){ req.getSession().setAttribute("account", account); } } } //无论是否自动登陆,都放行资源 chain.doFilter(request, response); } public void destroy() { // TODO Auto-generated method stub } public void init(FilterConfig arg0) throws ServletException { // TODO Auto-generated method stub } }
web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0"> <display-name>jspT2</display-name> <servlet> <description>This is the description of my J2EE component</description> <display-name>This is the display name of my J2EE component</display-name> <servlet-name>LoginServlet</servlet-name> <servlet-class>com.cn.servlet.LoginServlet</servlet-class> </servlet> <servlet> <description>This is the description of my J2EE component</description> <display-name>This is the display name of my J2EE component</display-name> <servlet-name>InvalidateServlet</servlet-name> <servlet-class>com.cn.servlet.InvalidateServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>LoginServlet</servlet-name> <url-pattern>/LoginServlet</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>InvalidateServlet</servlet-name> <url-pattern>/InvalidateServlet</url-pattern> </servlet-mapping> <filter> <filter-name>CookieFilter</filter-name> <filter-class>com.cn.filter.CookieFilter</filter-class> </filter> <filter-mapping> <filter-name>CookieFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> <welcome-file>default.html</welcome-file> <welcome-file>default.htm</welcome-file> <welcome-file>default.jsp</welcome-file> </welcome-file-list> </web-app>