需求:
1.当用户请求主页面时如果没有登陆转发到登陆界面
2.将用户信息存入到session中,账号密码存入cookie。
3.利用Filter过滤全局检测cookie,调用service实现登陆。
密码需要加密;登陆、注册页面不进行自动登陆。
注意:下文示例代码并未实现密码加密,cookie 中保存的是明文的"用户名,密码",仅作演示;实际项目中应改为由服务端保存的随机令牌,而不要把密码写入 cookie。
jsp:
主页面
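<%@ page language="java" import="java.util.*" pageEncoding="UTF-8" isELIgnored="false"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<%--
  Home page. Shows the name of the customer stored in the session under "c".
  When no customer is in the session, the redirect to the login page is issued
  on the server, so the rest of this page is not sent to a client that ignores
  scripts.
--%>
<c:if test="${sessionScope.c==null}">
<c:redirect url="/login.jsp"/>
</c:if>
<html>
<head>
</head>
<body>
<%-- c:out escapes HTML metacharacters, so a stored name cannot inject markup. --%>
<h5>当前用户:<c:out value="${sessionScope.c.name}"/></h5>
</body>
</html>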
登陆页面
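<%@ page language="java" import="java.util.*" pageEncoding="UTF-8" isELIgnored="false"%>
<%--
  Login form. Posts username, password and the optional autoLogin flag to /login.
  "error" is the request attribute that LoginServlet sets to a fixed message
  before forwarding back here; if it ever carries request-derived text it must
  be HTML-escaped before being printed.
  The password travels in the request body, so this page and /login should be
  served over HTTPS.
--%>
<html>
<head>
</head>
<body>
<hr>
${error}
<form action="${pageContext.request.contextPath}/login" method="post">
用户姓名:<input type="text" name="username"><br>
用户密码:<input type="password" name="password"><br> <input type="checkbox" name="autoLogin" value="is">自动登陆<br>
<input type="submit" value="登陆">
</form>
</body>
</html>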
登陆servlet
package com.kick.web;
import java.io.IOException;
import java.sql.SQLException;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.kick.domain.Customer;
import com.lick.service.KickService;
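/**
 * Handles the login form: checks the submitted credentials through
 * {@link KickService}, stores the matching {@link Customer} in the session
 * under "c" and, when the "autoLogin" box was ticked, writes the auto-login
 * cookie that AutoLoginFilter reads on later requests.
 */
public class LoginServlet extends HttpServlet {

    /** Lifetime of the auto-login cookie in seconds (7 days). */
    private static final int AUTO_LOGIN_MAX_AGE_SECONDS = 60 * 60 * 24 * 7;

    @Override
    public void init() throws ServletException {
    }

    @Override
    public void destroy() {
        super.destroy();
    }

    /**
     * Performs the login.
     *
     * <p>NOTE(review): doPost delegates here, so credentials are also accepted
     * in a GET query string, where they can end up in access logs and browser
     * history. The form on this page uses POST; consider rejecting GET.
     *
     * @param request  carries "username", "password" and optional "autoLogin"
     * @param response receives a forward to /login.jsp, a redirect to
     *                 /success.jsp, or a 500 when the lookup fails
     */
    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        request.setCharacterEncoding("utf-8");
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String autoLogin = request.getParameter("autoLogin");

        if (username == null || password == null) {
            // Nothing to check: show the form instead of an empty response.
            request.getRequestDispatcher("/login.jsp").forward(request, response);
            return;
        }

        // Business-layer login method (not shown in the article).
        KickService service = new KickService();
        Customer c;
        try {
            c = service.queryCustomer(username, password);
        } catch (SQLException e) {
            // A database failure is not a wrong password: log it and answer 500
            // rather than printing the stack trace and a misleading message.
            log("Login lookup failed", e);
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }

        if (c == null) {
            request.setAttribute("error", "用户名或密码错误");
            request.getRequestDispatcher("/login.jsp").forward(request, response);
            return;
        }

        // Start a fresh session on login so a session id that was known before
        // authentication is not carried over into the logged-in state.
        HttpSession stale = request.getSession(false);
        if (stale != null) {
            stale.invalidate();
        }
        request.getSession(true).setAttribute("c", c);

        if ("is".equals(autoLogin)) {
            // NOTE(review): this stores the plaintext password on the client for
            // a week. The value format is kept because AutoLoginFilter parses
            // "username,password"; the safer design is a random token stored on
            // the server, with both classes changed together.
            Cookie cookie = new Cookie("autoLogin", username + "," + password);
            cookie.setPath("/");
            cookie.setMaxAge(AUTO_LOGIN_MAX_AGE_SECONDS);
            // Mark the cookie Secure whenever the login itself arrived over HTTPS.
            // On Servlet 3.0+ containers also call cookie.setHttpOnly(true).
            cookie.setSecure(request.isSecure());
            response.addCookie(cookie);
        }

        // Redirect to the home page. In the original listing this call had been
        // swallowed by the preceding line comment, so a successful login
        // produced no response.
        response.sendRedirect(request.getContextPath() + "/success.jsp");
    }

    /** Delegates to {@link #doGet}, which contains the login logic. */
    @Override
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }
}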
Filter
package com.kick.filter;
import java.io.IOException;
import java.sql.SQLException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.kick.domain.Customer;
import com.kick.utils.CookieUtils;
import com.lick.service.KickService;
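/**
 * Restores a login from the "autoLogin" cookie when the session holds no
 * customer. The filter never blocks a request: it only tries to populate the
 * session attribute "c" and then continues the chain.
 */
public class AutoLoginFilter implements Filter {

    /** Kept from init() so lookup failures can be written to the container log. */
    private FilterConfig filterConfig;

    @Override
    public void init(FilterConfig arg0) throws ServletException {
        this.filterConfig = arg0;
    }

    @Override
    public void destroy() {
    }

    /**
     * Attempts the cookie-based login for every path except the login page and
     * the login servlet, then passes the request on unchanged.
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        String path = request.getRequestURI().substring(request.getContextPath().length());
        // Both login endpoints are excluded. The original condition
        // (!path.equals("/login.jsp") || path.equals("/login")) was true for
        // "/login", so auto-login also ran on the login servlet.
        boolean loginEndpoint = path.equals("/login.jsp") || path.equals("/login");

        if (!loginEndpoint && request.getSession().getAttribute("c") == null) {
            tryAutoLogin(request);
        }

        // Continue normally whether or not the auto-login succeeded.
        chain.doFilter(request, response);
    }

    /**
     * Reads "username,password" from the autoLogin cookie and, if the service
     * accepts the pair, stores the customer in the session.
     */
    private void tryAutoLogin(HttpServletRequest request) {
        Cookie cookie = CookieUtils.getCookie(request.getCookies(), "autoLogin");
        if (cookie == null) {
            return;
        }

        // The cookie is client-controlled. Split on the first comma only and
        // ignore a value without one, instead of indexing split(",")[1], which
        // threw on a malformed value and truncated passwords containing commas.
        String value = cookie.getValue();
        int comma = (value == null) ? -1 : value.indexOf(',');
        if (comma < 0) {
            return;
        }
        String username = value.substring(0, comma);
        String password = value.substring(comma + 1);

        // NOTE(review): the cookie carries the plaintext password; a random
        // server-side token would avoid keeping the credential on the client.
        KickService service = new KickService();
        try {
            Customer c = service.queryCustomer(username, password);
            if (c != null) {
                request.getSession().setAttribute("c", c);
            }
        } catch (SQLException e) {
            // Best effort: a failed lookup leaves the user logged out.
            FilterConfig config = filterConfig;
            if (config != null) {
                config.getServletContext().log("Auto-login lookup failed", e);
            }
        }
    }
}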
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<!-- Registers AutoLoginFilter, which tries to restore a login from the autoLogin cookie. -->
<filter>
<filter-name>AutoLoginFilter</filter-name>
<filter-class>com.kick.filter.AutoLoginFilter</filter-class>
</filter>
<!--
  The filter is mapped to every request path. As written on this page it always
  continues the chain, so this mapping does not by itself deny access to
  unauthenticated requests.
-->
<filter-mapping>
<filter-name>AutoLoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- LoginServlet receives the login form submission at /login. -->
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.kick.web.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
</web-app>