<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
<title>Login</title>
</head>
<body>
<%--用户信息验证失败,显示错误信息--%>
<c:if test="${not empty requestScope.msg}">
<div class="form-group">
<label for="username" class="col-sm-2 control-label"></label>
<div class="col-sm-10">
<font style="color: #f00; font-weight: bold;">${msg}</font>
</div>
</div>
</c:if>
<form action="${pageContext.request.contextPath}/autoLogin" method="post">
<input type="text" name="username" placeholder="请输入用户名">
<input type="password" name="password" placeholder="请输入密码">
<input type="checkbox" name="autoLogin">
<input type="submit" width="100" value="登录">
</form>
</body>
</html>
登陆表单页面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
<title>$Title$</title>
</head>
<body>
<%--用户信息验证成功,显示用户名--%>
<c:if test="${not empty loginUser}">
${loginUser.username}
</c:if>
</body>
</html>
登陆成功跳转页
package com.zjl.main;
import com.zjl.main.domain.User;
import com.zjl.main.service.UserService;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.sql.SQLException;
@WebServlet(name = "Test04Servlet")
public class Test04Servlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
// 获取 request 参数
String username = request.getParameter("username");
String password = request.getParameter("password");
String autoLogin = request.getParameter("autoLogin");
// 用户登陆信息验证
User user = new User();
user.setUsername(username);
user.setPassword(password);
UserService service = new UserService();
User loginUser = null;
try {
loginUser = service.login(user);
} catch (SQLException e) {
e.printStackTrace();
}
if (loginUser != null) {
// 如果确认自动登陆,则将用户名密码封装成一个字符串,添加在cookie中返回给客户端
if (autoLogin != null) {
Cookie cookie = new Cookie("autoLoginCookie", username + "@" + password);
cookie.setPath("/");
cookie.setMaxAge(60*60);
response.addCookie(cookie);
}
// 验证成功,将用户信息设置在session对象中
request.getSession().setAttribute("loginUser", loginUser);
// 重定向至index.jsp
response.sendRedirect(request.getContextPath() + "/index.jsp");
} else {
// 验证失败,将错误信息设置在 request 中,转发到login.jsp中
request.setAttribute("msg", "用户名与密码不匹配");
request.getRequestDispatcher("/login.jsp").forward(request, response);
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request, response);
}
}
package com.zjl.main.filter;
import com.zjl.main.domain.User;
import com.zjl.main.service.UserService;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.sql.SQLException;
@WebFilter(filterName = "AutoLoginFilter")
public class AutoLoginFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
// 强转
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
// 验证 session 中是否存在此用户
User loginUser = (User) request.getSession().getAttribute("loginUser");
if (loginUser != null) {
chain.doFilter(request, response);
return;
}
// 验证是否包含自动登陆的cookie
Cookie[] allCookie = request.getCookies();
Cookie userCookie = null;
if (allCookie != null) {
for (Cookie c : allCookie) {
if ("autoLoginCookie".equals(c.getName())) {
userCookie = c;
break;
}
}
}
if (userCookie == null) {
chain.doFilter(request, response);
return;
}
// 验证cookie中信息是否正确
String[] u = userCookie.getValue().split("@");
String username = u[0];
String password = u[1];
User user = new User();
user.setUsername(username);
user.setPassword(password);
UserService service = new UserService();
try {
loginUser = service.login(user);
} catch (SQLException e) {
e.printStackTrace();
}
if (loginUser == null) {
chain.doFilter(request, response);
return;
}
request.getSession().setAttribute("loginUser", loginUser);
chain.doFilter(request, response);
}
public void init(FilterConfig config) throws ServletException {
}
}
过滤器
<filter>
<filter-name>AutoLoginFilter</filter-name>
<filter-class>com.zjl.main.filter.AutoLoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AutoLoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
在web.xml中注册过滤器