通过COOKIE实现自动登录

1。 loginAction.java 建cookie，取cookie

//若cookie有用户名，提取记住的用户名
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if ("SESSION_LOGIN_USERNAME".equals(cookie.getName())) {

// 得到cookie的用户名，取的时候解码
loginname1 = URLDecoder.decode(cookie.getValue(), "GBK");
request.setAttribute("loginname", loginname1);
break;
}
}
}

if ("true".equals(request.getParameter("isSubmit"))) {

//判断用户名，密码正确

.....

//记住用户名
String rememberName = request.getParameter("rememberName");
String autologin = request.getParameter("autologin");

if (rememberName != null && rememberName.equals("1")) {

//cookie存不了中文，要转码
String value = URLEncoder.encode(loginname, "GBK");
Cookie cookie1 = new Cookie("SESSION_LOGIN_USERNAME", value); // 保存用户名到Cookie
cookie1.setPath("/");
cookie1.setMaxAge(24 * 60 * 60 * 30);//设置有效期，单位为秒，这里为一个月
response.addCookie(cookie1);
}
//自动登录
// 保存密码到Cookie，注意需要加密一下
if (autologin != null && autologin.equals("1")) {
Cookie cookie2 = new Cookie("SESSION_LOGIN_PASSWORD", MD5
.digest(password.getBytes()));
cookie2.setPath("/");
cookie2.setMaxAge(24 * 60 * 60 * 30);
response.addCookie(cookie2);
}

//登录之后的操作

request.getSession().setAttribute("_USER", user);
request.setAttribute("login", true);
request.setAttribute("user", user);

request.getRequestDispatcher("workspace.shtml").forward(request, response);

}
2.login.vm登录的页面

<tr>
<td> </td>
<td><label>
<input type="checkbox" name="rememberName" value="1" checked/>
记住用户名
</label>
<label>
<input type="checkbox" name="autologin" value="1" />
自动登录
</label></td>
</tr>

3.IndexAction.java 首页的action 取cookie，自动登录

// 判断是否自动登录
String usernameCookie = null;
String passwordCookie = null;
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if ("SESSION_LOGIN_USERNAME".equals(cookie.getName())) {
usernameCookie = URLDecoder
.decode(cookie.getValue(), "GBK"); // 得到cookie的用户名
}
if ("SESSION_LOGIN_PASSWORD".equals(cookie.getName())) {
passwordCookie = cookie.getValue(); // 得到cookie的密码
}
}
if (usernameCookie != null && passwordCookie != null) { // 如果存在
MemberManager m = new MemberManager();
Account user = m.getAccountByLoginname(usernameCookie);
String password = user.getPassword();

//判断cookie中的密码与数据库密码是否一致
if (MD5.digest(password.getBytes()).equals(passwordCookie)) {
// 登陆成功的处理
request.setAttribute("login", true);
request.getSession().setAttribute("_USER", user);
request.getRequestDispatcher("workspace.shtml").forward(
request, response);
} else {
// 登陆不成功的处理
request.getRequestDispatcher("login.shtml").forward(
request, response);
}
}
}

4.logout.jsp 退出登录，清空cookie中的密码 清空cookie

<%@page contentType="text/html; charset=GBK"%>
<%@page import="javax.servlet.http.Cookie"%>
<%
session.setAttribute("forward", null);
session.setAttribute("forward-url", null);
session.setAttribute("forward-parameters", null);
session.setAttribute("_USER", null);
session.setAttribute("_BASKET", null);
Cookie[] cookies = request.getCookies();
try {
for (int j = 0; j < cookies.length; j++) {
if ("SESSION_LOGIN_PASSWORD".equals(cookies[j].getName())) {
Cookie killMyCookie = new Cookie(cookies[j].getName(),
"");
killMyCookie.setMaxAge(0);
killMyCookie.setPath("/");
response.addCookie(killMyCookie);
break;
}
}
} catch (Exception ex) {
System.out.println("error！ ");
}
%>
<html>
<body></body>
</html>
<script language="javascript">
window.location.href = './';
</script>