1 概述
Cookie 是一种客户端存储技术,实际存储的是文本文件,以key-value 形式存储
本文将介绍一下Cookie是如何存储用户名密码的。
记住密码
不记住密码
2 代码实现
cookie_login.jsp
这里写了一个form表单
从Cookie中获取username 和password,如果有值界面就会显示
记住密码 checkbox 会向servlet传递 on 或者 null
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<%
String name = "";
String pwd = "";
Cookie[] cookies = request.getCookies();
for (Cookie cookie : cookies) {
if (cookie.getName().equals("username")) {
name = cookie.getValue();
}
if (cookie.getName().equals("password")) {
pwd = cookie.getValue();
}
}
%>
<form action="cookielogin" method="post">
username:<input type="text" name="username" value="<%=name%>"><br>
password:<input type="password" name="password" value="<%=pwd%>"><br>
remember me:<input type="checkbox" name="remember" ><br>
<input type="submit" value="login"/>
</form>
</body>
</html>
CookieLogoutServlet
从 cookie_login.jsp 接收username 、 password 、remember
其中remember是通过 servletcontent (可以理解为web全局变量)
设置cookie路径
cookie.setPath("/");
设置cookie失效时间,1200秒
cookie.setMaxAge(1200);
cookie1.setMaxAge(1200);
响应时把Cookie返回给客户端的浏览器
resp.addCookie(cookie);
resp.addCookie(cookie1);
package com.duowei.servlet;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.*;
import java.io.IOException;
@WebServlet("/cookielogin")
public class CookieLoginServlet extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
HttpSession session = req.getSession();
String username = req.getParameter("username");
String password = req.getParameter("password");
String remember = req.getParameter("remember");
ServletContext servletContext = this.getServletContext();
servletContext.setAttribute("remember", remember);
ServletContext servletContext1 = this.getServletContext();
String remember1 = (String) servletContext1.getAttribute("remember");
System.out.println(remember1);
if (username.equals("admin") && password.equals("123456")) {
Cookie cookie = new Cookie("username", username);
Cookie cookie1 = new Cookie("password", password);
cookie.setPath("/");
cookie.setMaxAge(1200);
cookie1.setMaxAge(1200);
resp.addCookie(cookie);
resp.addCookie(cookie1);
req.getRequestDispatcher("cookie_welcome.jsp").forward(req, resp);
} else {
resp.sendRedirect("cookie_login.jsp");
}
}
}
cookie_welcome.jsp
进入欢迎页面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<%
String username = null;
Cookie[] cookies = request.getCookies();
for (Cookie cookie : cookies) {
if (cookie.equals(username)) {
username = cookie.getValue();
}
// out.write(cookie.getName() + "--" + cookie.getValue() + "</br>");
}
%>
<h1>欢迎</h1>
<%= request.getParameter("username") %>
<a href="cookie_logout">退出登录</a>
</body>
</html>
点击退出时传递给CookieLogoutServlet
通过servletcontent 判断 remember 是不是记住密码
如果没有点“记住密码”,直接清除Cookie,然后重定向到登录页面
package com.duowei.servlet;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@WebServlet("/cookie_logout")
public class CookieLogoutServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// ServletContext servletContext = req.getServletContext();
// String remember = (String) servletContext.getAttribute("remember");
ServletContext servletContext = this.getServletContext();
String remember = (String) servletContext.getAttribute("remember");
System.out.println(remember);
if (remember == null) {
Cookie cookie1 = new Cookie("username", "");
Cookie cookie2 = new Cookie("password", "");
resp.addCookie(cookie1);
resp.addCookie(cookie2);
Cookie[] cookies = req.getCookies();
for (Cookie cookie : cookies) {
if (cookie.getName().equals("username") || cookie.getName().equals("password")) {
cookie.setPath("/");
cookie.setValue("");
cookie.setMaxAge(0);
resp.addCookie(cookie);
}
}
}
resp.sendRedirect("cookie_login.jsp");
}
}
3 小结
注意清除Cookie时候我先创建了一组同名的空Cookie,并响应给客户端
Cookie cookie1 = new Cookie(“username”, “”);
Cookie cookie2 = new Cookie(“password”, “”);
resp.addCookie(cookie1);
resp.addCookie(cookie2);
然后逐个进行清除
注意:我设置了Cookie的路径
这样写是为了防止清除Cookie失效
Cookie[] cookies = req.getCookies();
for (Cookie cookie : cookies) {
if (cookie.getName().equals("username") || cookie.getName().equals("password")) {
cookie.setPath("/");
cookie.setValue("");
cookie.setMaxAge(0);
resp.addCookie(cookie);
}
}