通常我们登录某网站,会有选择保存几天,或者是几个星期不用登录,之后输入该网站地址无需登录直接进入主页面,那么这就叫做自动登录,怎么实现呢,下面我以一个小例子来演示一下
登录页面:login.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
</head>
<body>
<form action="login.do">
用户名:<input type="text" name="username" ><br/>
密 码:<input type="text" name="password" ><br/>
<input type="submit" value="登录" /><select name="saveTime">
<option value="366">一年</option>
<option value="183">半年</option>
<option value="30">一个月</option>
<option value="7">一周</option>
</select>
</form>
</body>
</html>
那么从上面可看到可选择保存自动登录的期限,可以是一年,半年,一个月,一周,当然这都是以天为单位的
服务类:LoginService
package com.login.servlet;
public class LoginService {
public static boolean login(String username, String password) {
if ("admin".equals(username) && "123456".equals(password)) {
return true;
} else {
return false;
}
}
}
业务处理servlet:LoginServlet
package com.login.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String username=request.getParameter("username");
String password=request.getParameter("password");
String savetime=request.getParameter("saveTime");
if(LoginService.login(username, password)){
if(null!=savetime&&!savetime.isEmpty()){
int saveTime=Integer.parseInt(savetime);//这里接受的表单值为天来计算的
int seconds=saveTime*24*60*60;
Cookie cookie = new Cookie("user", username+"=="+password);
cookie.setMaxAge(seconds);
response.addCookie(cookie);
}
request.setAttribute("username",username);
request.getRequestDispatcher("/main.jsp").forward(request,response);
}else{
request.getRequestDispatcher("/index.jsp").forward(request,response);
}
}
}
看清上面处理Cookie的方式步骤:其实这是为第一次登录该网站时【前提是选择了保存自动登录期限时间】处理Cookie,只要这一步处理成功,以后都无需经过这个Servlet因为我们接下来要在请求到达前,从Cookie中取出我们的用户名和密码,这样的话就需要一个过滤器了
package com.login.servlet;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class IndexFilter implements Filter {
public void destroy() {
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain arg2) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) arg0;
HttpServletResponse response = (HttpServletResponse) arg1;
Cookie[] cookies = request.getCookies();
String[] cooks = null;
String username = null;
String password = null;
if (cookies != null) {
for (Cookie coo : cookies) {
String aa = coo.getValue();
cooks = aa.split("==");
if (cooks.length == 2) {
username = cooks[0];
password = cooks[1];
}
}
}
if (LoginService.login(username, password)) {
request.getSession().setAttribute("username",username);
response.sendRedirect("main.jsp");
//request.getRequestDispatcher("/main.jsp").forward(request, response);
}else{
arg2.doFilter(request,response );
}
}
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
}
我这里所说的请求到达之前,不是指的某个路径匹配的servlet而是指的就是在输入网址到达登录页面前就要进行自动登录的处理,那么web.xml中应该怎么配置呢
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>com.login.servlet.IndexFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>loginFilter</filter-name>
<url-pattern>/index.jsp</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.login.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/login.do</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>login.jsp</welcome-file>
</welcome-file-list>
</web-app>
看见了没有,上面的filter匹配路径只是针对一个页面,与通常写/*匹配所有请求到达之前是不一样的写法哦
主页面:main.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<html>
<head>
<title>My JSP 'maiin.jsp' starting page</title>
</head>
<body>
登录成功,欢迎${username}的到来
</body>
</html>
输入地址:http://localhost:8080/WebApp/login.jsp,出现登录页面
然后输入:admin,123456 ,选择一个保存日期
这样第一次登录成功之后,是经由LoginServlet处理了,由于选择了日期,所以Cookie中保存了用户信息,所以之后再输入同样地址后,不会出现登录页面,就不再经过LoginServlet处理【因为LoginServlet处理的是登陆页面上登录按钮请求的】,而直接提前交由IndexFilter处理,直接进入主页面,明白了么?