Filter实现自动用户自动登录功能(三)

(一)Filter实现自动用户自动登录的原理

1.登录界面将表单数据提交给LoginServlet处理，并把获取的数据保存到Cookie对象中去。

2.AutoLoginFilter拦截用户登录请求，并判断请求是否包含用户自动登录的Cookie，如果有获取用户的账号和密码进行判断。如果为true，将用户信息封装到User对象存入Session域中，从而实现自动登录功能。

实例演示

package com.Entity;
public class User {
//封装用户的属性
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}

package com.Servlet;
import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.Entity.User;
public class LoginServlet extends HttpServlet {
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
//1.获得用户名和密码
request.setCharacterEncoding("utf-8");
String username = request.getParameter("username");
String password = request.getParameter("password");
//2.验证输入用户名和密码是否正确
if ("Kaina".equals(username) && "123".equals(password)) {

//3.将用户状态 user 对象存入 session域
User user = new User();
user.setUsername(username);
user.setPassword(password);
request.getSession().setAttribute("user", user);
//4.发送自动登录的cookie
String autoLogin = request.getParameter("autologin");
if (autoLogin != null) {
//5.注意 cookie 中的密码要加密
Cookie cookie = new Cookie("autologin", username + "-"
+ password);
cookie.setMaxAge(Integer.parseInt(autoLogin));
cookie.setPath(request.getContextPath());
response.addCookie(cookie);
}
//6.跳转至首页
response.sendRedirect(request.getContextPath()+"/index.jsp");
} else {
request.setAttribute("errerMsg", "用户名或密码错");
request.getRequestDispatcher("/login.jsp")
.forward(request,response);
}
}
public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}

package com.Servlet;
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;
public class LogoutServlet extends HttpServlet {

private static final long serialVersionUID = 1L;
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
//1.用户注销
request.getSession().removeAttribute("user");
//2.从客户端删除自动登录的cookie
Cookie cookie = new Cookie("autologin", "msg");
cookie.setPath(request.getContextPath());
cookie.setMaxAge(0);
response.addCookie(cookie);
response.sendRedirect(request.getContextPath()+"/index.jsp");
}
public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}

package com.Filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import com.Entity.User;
public class AutoLoginFilter implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest req, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
//1.下次用户请求被拦截后，执行以下代码实现自动登录功能！！！
//1.获得一个名为 autologin 的cookie
Cookie[] cookies = request.getCookies();
String autologin = null;
for (int i = 0; cookies != null && i < cookies.length; i++) {
if ("autologin".equals(cookies[i].getName())) {
//2.找到了指定的cookie
autologin = cookies[i].getValue();
break;
}
}
if (autologin != null) {
//3.做自动登录
String[] parts = autologin.split("-");
String username = parts[0];
String password = parts[1];
//4.检查用户名和密码
if ("itcast".equals(username)&& ("123456").equals(password)) {
// 登录成功,将用户状态 user 对象存入 session域
User user = new User();
user.setUsername(username);
user.setPassword(password);
request.getSession().setAttribute("user", user);
}
}
// 放行
chain.doFilter(request, response);
}
public void destroy() {
}
}

package com.Filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import com.Entity.User;
public class AutoLoginFilter implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest req, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
//1.下次用户请求被拦截后，执行以下代码实现自动登录功能！！！
//1.获得一个名为 autologin 的cookie
Cookie[] cookies = request.getCookies();
String autologin = null;
for (int i = 0; cookies != null && i < cookies.length; i++) {
if ("autologin".equals(cookies[i].getName())) {
//2.找到了指定的cookie
autologin = cookies[i].getValue();
break;
}
}
if (autologin != null) {
//3.做自动登录
String[] parts = autologin.split("-");
String username = parts[0];
String password = parts[1];
//4.检查用户名和密码
if ("itcast".equals(username)&& ("123456").equals(password)) {
// 登录成功,将用户状态 user 对象存入 session域
User user = new User();
user.setUsername(username);
user.setPassword(password);
request.getSession().setAttribute("user", user);
}
}
// 放行
chain.doFilter(request, response);
}
public void destroy() {
}
}

<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8" import="java.util.*"
%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
<title>显示登录的用户信息</title>
</head>
<body>
<br />
<center>
<h3>欢迎光临</h3>
</center>
<br />
<br />
<c:choose>
<c:when test="${sessionScope.user==null }">
<a href="${pageContext.request.contextPath }/login.jsp">用户登录</a>
</c:when>
<c:otherwise>
欢迎你，${sessionScope.user.username }
<a href="${pageContext.request.contextPath }/LogoutServlet">退出</a>
</c:otherwise>
</c:choose>
<hr />
</body>
</html>

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>Project01</display-name>
<welcome-file-list>
<<
cb2f
span class="hljs-title">welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<servlet>
<description></description>
<display-name>LogoutServlet</display-name>
<servlet-name>LogoutServlet</servlet-name>
<servlet-class>com.Servlet.LogoutServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LogoutServlet</servlet-name>
<url-pattern>/LogoutServlet</url-pattern>
</servlet-mapping>
<servlet>
<description></description>
<display-name>LoginServlet</display-name>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.Servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/LoginServlet</url-pattern>
</servlet-mapping>
<filter>
<display-name>AutoLoginFilter</display-name>
<filter-name>AutoLoginFilter</filter-name>
<filter-class>com.Filter.AutoLoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AutoLoginFilter</filter-name>
<!-- 拦截所有用户请求 -->
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>

输出http://localhost/Project01/login.jsp：



关闭浏览器后，再次打开浏览器输入http://localhost/Project01/index.jsp：