struts2结合过滤器和cookie实现自动登录

写个过滤器要对登录页面进行过滤，如果session为空，则去cookie中去寻找相关的信息，如果找到了则加载用户的信息，然后转发到登录成功的页面。我用的是struts2实现的，cookie存放用户名和Md5加密后的密码，贴代码:

1.登录页面index.jsp

[c-sharp] view plain copy print ?

1. <%@ page language="java" import="java.util.*" pageEncoding="gbk"%>  
2. <html>  
3. <body>  
4. <form name="form" id="form1" action="user_login.action" method="post">  
5. 用户名:  
6. <input name="user.username" id="username" />  
7. <br />  
8. 密码:  
9. <input type="password" name="user.password" id="password" />  
10. <br />  
11. <input type="checkbox" name="autologin" value="on">  
12. 两周内自动登录  
13. <div>  
14. <font><font color="red"></font>${message}</font>  
15. </div>  
16. <br>  
17. <input type="submit" value="登录" />  
18. </form>  
19. </body>  
20. </html>  

<%@ page language="java" import="java.util.*" pageEncoding="gbk"%> <html> <body> <form name="form" id="form1" action="user_login.action" method="post"> 用户名: <input name="user.username" id="username" /> <br /> 密码: <input type="password" name="user.password" id="password" /> <br /> <input type="checkbox" name="autologin" value="on"> 两周内自动登录 <div> <font><font color="red"></font>${message}</font> </div> <br> <input type="submit" value="登录" /> </form> </body> </html> 

 

2.登录成功页面welcome.jsp

[c-sharp] view plain copy print ?

1. <%@ page language="java" import="java.util.*" pageEncoding="gbk"%>  
2. <html>  
3.   </head>  
4.   <body>  
5.     登录成功!${user.username}  
6.   </body>  
7. </html>  

<%@ page language="java" import="java.util.*" pageEncoding="gbk"%> <html> </head> <body> 登录成功!${user.username} </body> </html> 

3.User.java

[java] view plain copy print ?

1. package bean;  
2. public class User {  
3. private int id;  
4. private String username;  
5. private String password;  
6. public User() {  
7. }  
8. public void setPassword(String password) {  
9. this.password = password;  
10. }  
11. public String getPassword() {  
12. return password;  
13. }  
14. public void setUsername(String username) {  
15. this.username = username;  
16. }  
17. public String getUsername() {  
18. return username;  
19. }  
20. public void setId(int id) {  
21. this.id = id;  
22. }  
23. public int getId() {  
24. return id;  
25. }  
26. }  

package bean; public class User { private int id; private String username; private String password; public User() { } public void setPassword(String password) { this.password = password; } public String getPassword() { return password; } public void setUsername(String username) { this.username = username; } public String getUsername() { return username; } public void setId(int id) { this.id = id; } public int getId() { return id; } } 

 

4.UserAction.java

[java] view plain copy print ?

1. package action;  
2. import javax.servlet.http.Cookie;  
3. import javax.servlet.http.HttpServletRequest;  
4. import javax.servlet.http.HttpServletResponse;  
5. import javax.servlet.http.HttpSession;  
6. import org.apache.struts2.interceptor.ServletRequestAware;  
7. import org.apache.struts2.interceptor.ServletResponseAware;  
8. import util.DBUtil;  
9. import util.UtilCommon;  
10. import bean.User;  
11. import com.opensymphony.xwork2.ActionSupport;  
12. public class UserAction extends ActionSupport implements ServletRequestAware,  
13. ServletResponseAware {  
14. private User user;  
15. private String autologin;  
16. private HttpServletRequest request;  
17. private HttpServletResponse response;  
18. private HttpSession session;  
19. private String message;  
20. public String login() {  
21. Cookie username, password;  
22. session = request.getSession();  
23. user.setPassword(UtilCommon.md5Encryption(user.getPassword()));//MD5加密   
24. user=DBUtil.checkLogin(user);  
25. if (user != null) {  
26. if ("on".equals(autologin)){  
27. // 如果用户选择了“两周内自动登录”，则向用户发送两个cookie， 一个cookie记录用户名，另一个记录密码   
28. username = new Cookie("username", user.getUsername());  
29. username.setMaxAge(60 * 60 * 24 * 14); // 设置Cookie有效期为14天   
30. username.setPath("/");  
31. response.addCookie(username);  
32. password = new Cookie("password", user.getPassword());   
33. password.setMaxAge(60 * 60 * 24 * 14);  
34. password.setPath("/");  
35. response.addCookie(password);  
36. }  
37. session.setAttribute("user", user);  
38. } else {  
39. message = "用户名或密码错误!";  
40. return "input";  
41. }  
42. return "success";  
43. }  
44. public void setServletRequest(HttpServletRequest request) {  
45. this.request = request;  
46. }  
47. public void setServletResponse(HttpServletResponse response) {  
48. this.response = response;  
49. }  
50. public String getAutologin() {  
51. return autologin;  
52. }  
53. public void setAutologin(String autologin) {  
54. this.autologin = autologin;  
55. }  
56. public User getUser() {  
57. return user;  
58. }  
59. public void setUser(User user) {  
60. this.user = user;  
61. }  
62. public void setMessage(String message) {  
63. this.message = message;  
64. }  
65. public String getMessage() {  
66. return message;  
67. }  
68. }  

package action; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.struts2.interceptor.ServletRequestAware; import org.apache.struts2.interceptor.ServletResponseAware; import util.DBUtil; import util.UtilCommon; import bean.User; import com.opensymphony.xwork2.ActionSupport; public class UserAction extends ActionSupport implements ServletRequestAware, ServletResponseAware { private User user; private String autologin; private HttpServletRequest request; private HttpServletResponse response; private HttpSession session; private String message; public String login() { Cookie username, password; session = request.getSession(); user.setPassword(UtilCommon.md5Encryption(user.getPassword()));//MD5加密 user=DBUtil.checkLogin(user); if (user != null) { if ("on".equals(autologin)){ // 如果用户选择了“两周内自动登录”，则向用户发送两个cookie， 一个cookie记录用户名，另一个记录密码 username = new Cookie("username", user.getUsername()); username.setMaxAge(60 * 60 * 24 * 14); // 设置Cookie有效期为14天 username.setPath("/"); response.addCookie(username); password = new Cookie("password", user.getPassword()); password.setMaxAge(60 * 60 * 24 * 14); password.setPath("/"); response.addCookie(password); } session.setAttribute("user", user); } else { message = "用户名或密码错误!"; return "input"; } return "success"; } public void setServletRequest(HttpServletRequest request) { this.request = request; } public void setServletResponse(HttpServletResponse response) { this.response = response; } public String getAutologin() { return autologin; } public void setAutologin(String autologin) { this.autologin = autologin; } public User getUser() { return user; } public void setUser(User user) { this.user = user; } public void setMessage(String message) { this.message = message; } public String getMessage() { return message; } }  

5.过滤器LoginFilter.java

[java] view plain copy print ?

1. package filter;  
2. import java.io.IOException;  
3. import javax.servlet.Filter;  
4. import javax.servlet.FilterChain;  
5. import javax.servlet.FilterConfig;  
6. import javax.servlet.ServletException;  
7. import javax.servlet.ServletRequest;  
8. import javax.servlet.ServletResponse;  
9. import javax.servlet.http.Cookie;  
10. import javax.servlet.http.HttpServletRequest;  
11. import javax.servlet.http.HttpServletResponse;  
12. import javax.servlet.http.HttpSession;  
13. import util.DBUtil;  
14. import bean.User;  
15. public class LoginFilter implements Filter {  
16. public void destroy() {  
17. }  
18. public void doFilter(ServletRequest req, ServletResponse res,  
19. FilterChain chain) throws IOException, ServletException {  
20. HttpServletRequest request = (HttpServletRequest) req;  
21. HttpServletResponse response = ((HttpServletResponse) res);  
22. HttpSession session = request.getSession(true);  
23. String username, password;  
24. Cookie[] cookies;  
25. User user = (User) session.getAttribute("user");  
26. if (user == null) {  
27. cookies = request.getCookies();  
28. if (cookies != null && cookies.length > 0) {  
29. username = getCookieValue(cookies, "username");  
30. password = getCookieValue(cookies, "password");  
31. if (username != null && password != null) {  
32. user=new User();  
33. user.setUsername(username);  
34. user.setPassword(password);  
35. user = DBUtil.checkLogin(user);// 加载用户信息   
36. session.setAttribute("user", user); // user添加到session中。   
37. request.getRequestDispatcher("/welcome.jsp").forward(request,  
38. response);  
39. } else {  
40. request.getRequestDispatcher("/login.jsp").forward(request,  
41. response);  
42. }  
43. } else {  
44. request.getRequestDispatcher("/login.jsp").forward(request,  
45. response);  
46. }  
47. }  
48. chain.doFilter(req, res);  
49. }  
50. public void init(FilterConfig arg0) throws ServletException {  
51. }  
52. public String getCookieValue(Cookie[] cookies, String str) {  
53. String result = null;  
54. for (Cookie cookie : cookies) {  
55. if (cookie.getName().equals(str)) {  
56. result = cookie.getValue();  
57. break;  
58. }  
59. }  
60. return result;  
61. }  
62. }  

package filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import util.DBUtil; import bean.User; public class LoginFilter implements Filter { public void destroy() { } public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = ((HttpServletResponse) res); HttpSession session = request.getSession(true); String username, password; Cookie[] cookies; User user = (User) session.getAttribute("user"); if (user == null) { cookies = request.getCookies(); if (cookies != null && cookies.length > 0) { username = getCookieValue(cookies, "username"); password = getCookieValue(cookies, "password"); if (username != null && password != null) { user=new User(); user.setUsername(username); user.setPassword(password); user = DBUtil.checkLogin(user);// 加载用户信息 session.setAttribute("user", user); // user添加到session中。 request.getRequestDispatcher("/welcome.jsp").forward(request, response); } else { request.getRequestDispatcher("/login.jsp").forward(request, response); } } else { request.getRequestDispatcher("/login.jsp").forward(request, response); } } chain.doFilter(req, res); } public void init(FilterConfig arg0) throws ServletException { } public String getCookieValue(Cookie[] cookies, String str) { String result = null; for (Cookie cookie : cookies) { if (cookie.getName().equals(str)) { result = cookie.getValue(); break; } } return result; } }  

 

6.数据库操作DBUtil.java

 

[java] view plain copy print ?

1. package util;  
2. import java.sql.Connection;  
3. import java.sql.DriverManager;  
4. import java.sql.PreparedStatement;  
5. import java.sql.ResultSet;  
6. import java.sql.SQLException;  
7. import bean.User;  
8. public class DBUtil {  
9. //取得数据库连接   
10. public static Connection getConnection() {  
11. Connection conn = null;  
12. try {  
13. Class.forName("com.mysql.jdbc.Driver");  
14. } catch (ClassNotFoundException e) {  
15. // TODO Auto-generated catch block   
16. e.printStackTrace();  
17. System.out.println("驱动程序没有找到" + e.getMessage());  
18. }  
19. try {  
20. conn = DriverManager.getConnection(  
21. "jdbc:mysql://localhost:3306/cookie", "root", "123");  
22. } catch (SQLException e) {  
23. // TODO Auto-generated catch block   
24. e.printStackTrace();  
25. System.out.println("获得连接出错!");  
26. }  
27. return conn;  
28. }  
29. public static User checkLogin(User user){  
30. Connection con=null;  
31. PreparedStatement ps=null;  
32. ResultSet rs=null;  
33. String sql="select * from users where username=? and password=?";  
34. try{  
35. con=getConnection();  
36. ps=con.prepareStatement(sql);  
37. ps.setString(1, user.getUsername());  
38. ps.setString(2, user.getPassword());  
39. rs=ps.executeQuery();  
40. if(rs.next()){  
41. user.setId(rs.getInt("id"));  
42. user.setUsername(rs.getString("username"));  
43. user.setPassword(rs.getString("password"));  
44. return user;  
45. }  
46. rs.close();  
47. ps.close();  
48. con.close();  
49. }catch(Exception e){  
50. e.printStackTrace();  
51. }  
52. return null;  
53. }  
54. }  

package util; import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import bean.User; public class DBUtil { //取得数据库连接 public static Connection getConnection() { Connection conn = null; try { Class.forName("com.mysql.jdbc.Driver"); } catch (ClassNotFoundException e) { // TODO Auto-generated catch block e.printStackTrace(); System.out.println("驱动程序没有找到" + e.getMessage()); } try { conn = DriverManager.getConnection( "jdbc:mysql://localhost:3306/cookie", "root", "123"); } catch (SQLException e) { // TODO Auto-generated catch block e.printStackTrace(); System.out.println("获得连接出错!"); } return conn; } public static User checkLogin(User user){ Connection con=null; PreparedStatement ps=null; ResultSet rs=null; String sql="select * from users where username=? and password=?"; try{ con=getConnection(); ps=con.prepareStatement(sql); ps.setString(1, user.getUsername()); ps.setString(2, user.getPassword()); rs=ps.executeQuery(); if(rs.next()){ user.setId(rs.getInt("id")); user.setUsername(rs.getString("username")); user.setPassword(rs.getString("password")); return user; } rs.close(); ps.close(); con.close(); }catch(Exception e){ e.printStackTrace(); } return null; } }

7.md5加密方法类UtilCommon.java

[java] view plain copy print ?

1. package util;  
2. import java.security.MessageDigest;  
3. import java.security.NoSuchAlgorithmException;  
4. public class UtilCommon {  
5. public static String md5Encryption(String plainText) {  
6. StringBuffer buf = new StringBuffer("");  
7. try {  
8. MessageDigest md = MessageDigest.getInstance("MD5");  
9. md.update(plainText.getBytes());  
10. byte b[] = md.digest();  
11. int i;  
12. for (int offset = 0; offset < b.length; offset++) {  
13. i = b[offset];  
14. if (i < 0)  
15. i += 256;  
16. if (i < 16)  
17. buf.append("0");  
18. buf.append(Integer.toHexString(i));  
19. }  
20. } catch (NoSuchAlgorithmException e) {  
21. // TODO Auto-generated catch block   
22. e.printStackTrace();  
23. }  
24. //return buf.toString());// 32位的加密   
25. return buf.toString().substring(8, 24);// 16位的加密   
26. }  
27. public static void main(String agrs[]) {  
28. System.out.println(md5Encryption("123456"));  
29. }  
30. }  

package util; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; public class UtilCommon { public static String md5Encryption(String plainText) { StringBuffer buf = new StringBuffer(""); try { MessageDigest md = MessageDigest.getInstance("MD5"); md.update(plainText.getBytes()); byte b[] = md.digest(); int i; for (int offset = 0; offset < b.length; offset++) { i = b[offset]; if (i < 0) i += 256; if (i < 16) buf.append("0"); buf.append(Integer.toHexString(i)); } } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); } //return buf.toString());// 32位的加密 return buf.toString().substring(8, 24);// 16位的加密 } public static void main(String agrs[]) { System.out.println(md5Encryption("123456")); } }  

 

8.web.xml

[xhtml] view plain copy print ?

1. <?xml version="1.0" encoding="UTF-8"?>  
2. <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"  
3. xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
4. xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee   
5. http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">  
6. <welcome-file-list>  
7. <welcome-file>login.jsp</welcome-file>  
8. </welcome-file-list>  
9. <filter>  
10. <!-- 定义核心Filter的名字 -->  
11. <filter-name>LoginFilter</filter-name>  
12. <!-- 定义核心Filter的实现类 -->  
13. <filter-class>  
14. filter.LoginFilter  
15. </filter-class>  
16. </filter>  
17. <filter-mapping>  
18. <filter-name>LoginFilter</filter-name>  
19. <url-pattern>*.jsp</url-pattern>  
20. </filter-mapping>  
21. <filter>  
22. <filter-name>struts2</filter-name>  
23. <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>  
24. </filter>  
25. <filter-mapping>  
26. <filter-name>struts2</filter-name>  
27. <url-pattern>/*</url-pattern>  
28. </filter-mapping>  
29. <filter>  
30. <filter-name>struts-cleanup</filter-name>  
31. <filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>  
32. </filter>  
33. <filter-mapping>  
34. <filter-name>struts-cleanup</filter-name>  
35. <url-pattern>/*</url-pattern>  
36. </filter-mapping>  
37. </web-app>  

<?xml version="1.0" encoding="UTF-8"?> <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> <welcome-file-list> <welcome-file>login.jsp</welcome-file> </welcome-file-list> <filter> <!-- 定义核心Filter的名字 --> <filter-name>LoginFilter</filter-name> <!-- 定义核心Filter的实现类 --> <filter-class> filter.LoginFilter </filter-class> </filter> <filter-mapping> <filter-name>LoginFilter</filter-name> <url-pattern>*.jsp</url-pattern> </filter-mapping> <filter> <filter-name>struts2</filter-name> <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class> </filter> <filter-mapping> <filter-name>struts2</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter> <filter-name>struts-cleanup</filter-name> <filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class> </filter> <filter-mapping> <filter-name>struts-cleanup</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app>  

 

9.struts.xml

[xhtml] view plain copy print ?

1. <?xml version="1.0" encoding="UTF-8" ?>  
2. <!DOCTYPE struts PUBLIC  
3.     "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"  
4.     "http://struts.apache.org/dtds/struts-2.0.dtd">  
5. <struts>  
6.     <constant name="struts.i18n.reload" value="true" />  
7.     <constant name="struts.devMode" value="false" />  
8.     <constant name="struts.configuration.xml.reload" value="true" />  
9.     <package name="default" extends="struts-default" namespace="/">  
10.         <action name="user_*" class="action.UserAction" method="{1}">  
11.             <result name="success">/welcome.jsp</result>  
12.             <result name="input">/login.jsp</result>  
13.         </action>  
14.     </package>  
15. </struts>  

<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN" "http://struts.apache.org/dtds/struts-2.0.dtd"> <struts> <constant name="struts.i18n.reload" value="true" /> <constant name="struts.devMode" value="false" /> <constant name="struts.configuration.xml.reload" value="true" /> <package name="default" extends="struts-default" namespace="/"> <action name="user_*" class="action.UserAction" method="{1}"> <result name="success">/welcome.jsp</result> <result name="input">/login.jsp</result> </action> </package> </struts>

 

10.数据库脚本

[java] view plain copy print ?

1. /* 
2. SQLyog 企业版 - MySQL GUI v8.14  
3. MySQL - 5.6.2-m5 : Database - cookie 
4. ********************************************************************* 
5. */  
6. /*!40101 SET NAMES utf8 */;  
7. /*!40101 SET SQL_MODE=''*/;  
8. /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;  
9. /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;  
10. /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;  
11. /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;  
12. CREATE DATABASE /*!32312 IF NOT EXISTS*/`cookie` /*!40100 DEFAULT CHARACTER SET utf8 */;  
13. USE `cookie`;  
14. /*Table structure for table `users` */  
15. DROP TABLE IF EXISTS `users`;  
16. CREATE TABLE `users` (  
17.   `id` int(11) NOT NULL AUTO_INCREMENT,  
18.   `username` varchar(50) DEFAULT NULL,  
19.   `password` varchar(50) DEFAULT NULL,  
20.   PRIMARY KEY (`id`)  
21. ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;  
22. /*Data for the table `users` */  
23. insert  into `users`(`id`,`username`,`password`) values (1,'zxc','49ba59abbe56e057');  
24. /*!40101 SET SQL_MODE=@OLD_SQL_MODE */;  
25. /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;  
26. /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;  
27. /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;  

/* SQLyog 企业版 - MySQL GUI v8.14 MySQL - 5.6.2-m5 : Database - cookie ********************************************************************* */ /*!40101 SET NAMES utf8 */; /*!40101 SET SQL_MODE=''*/; /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; CREATE DATABASE /*!32312 IF NOT EXISTS*/`cookie` /*!40100 DEFAULT CHARACTER SET utf8 */; USE `cookie`; /*Table structure for table `users` */ DROP TABLE IF EXISTS `users`; CREATE TABLE `users` ( `id` int(11) NOT NULL AUTO_INCREMENT, `username` varchar(50) DEFAULT NULL, `password` varchar(50) DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; /*Data for the table `users` */ insert into `users`(`id`,`username`,`password`) values (1,'zxc','49ba59abbe56e057'); /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;  

工程结构图:

 

 

struts2的jar包和mysql的驱动自己加，你们懂的!