Filter实现自动用户自动登录功能(三)

(一)Filter实现自动用户自动登录的原理

1.登录界面将表单数据提交给LoginServlet处理，并把获取的数据保存到Cookie对象中去。
2.AutoLoginFilter拦截用户登录请求，并判断请求是否包含用户自动登录的Cookie，如果有获取用户的账号和密码进行判断。如果为true，将用户信息封装到User对象存入Session域中，从而实现自动登录功能。

实例演示

package com.Entity;public class User {    //封装用户的属性    private String username;    private String password;    public String getUsername() {        return username;    }    public void setUsername(String username) {        this.username = username;    }    public String getPassword() {        return password;    }    public void setPassword(String password) {        this.password = password;    }}

package com.Servlet;import java.io.IOException;import javax.servlet.ServletException;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import com.Entity.User;public class LoginServlet extends HttpServlet {    public void doGet(HttpServletRequest request,              HttpServletResponse response)            throws ServletException, IOException {        //1.获得用户名和密码        request.setCharacterEncoding("utf-8");        String username = request.getParameter("username");        String password = request.getParameter("password");        //2.验证输入用户名和密码是否正确        if ("Kaina".equals(username) && "123".equals(password)) {            //3.将用户状态 user 对象存入 session域            User user = new User();            user.setUsername(username);            user.setPassword(password);            request.getSession().setAttribute("user", user);            //4.发送自动登录的cookie            String autoLogin = request.getParameter("autologin");            if (autoLogin != null) {                //5.注意 cookie 中的密码要加密                Cookie cookie = new Cookie("autologin", username + "-"                        + password);                cookie.setMaxAge(Integer.parseInt(autoLogin));                cookie.setPath(request.getContextPath());                response.addCookie(cookie);            }        //6.跳转至首页        response.sendRedirect(request.getContextPath()+"/index.jsp");        } else {            request.setAttribute("errerMsg", "用户名或密码错");            request.getRequestDispatcher("/login.jsp")            .forward(request,response);        }    }    public void doPost(HttpServletRequest request,           HttpServletResponse response)            throws ServletException, IOException {        doGet(request, response);    }}

package com.Servlet;import java.io.IOException;import javax.servlet.*;import javax.servlet.http.*;public class LogoutServlet extends HttpServlet {    private static final long serialVersionUID = 1L;    public void doGet(HttpServletRequest request,              HttpServletResponse response)            throws ServletException, IOException {        //1.用户注销        request.getSession().removeAttribute("user");        //2.从客户端删除自动登录的cookie        Cookie cookie = new Cookie("autologin", "msg");        cookie.setPath(request.getContextPath());        cookie.setMaxAge(0);        response.addCookie(cookie);        response.sendRedirect(request.getContextPath()+"/index.jsp");     }    public void doPost(HttpServletRequest request,         HttpServletResponse response)            throws ServletException, IOException {        doGet(request, response);    }}

package com.Filter;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletRequest;import com.Entity.User;public class AutoLoginFilter implements Filter {    public void init(FilterConfig filterConfig) throws ServletException {    }    public void doFilter(ServletRequest req, ServletResponse response,            FilterChain chain) throws IOException, ServletException {        HttpServletRequest request = (HttpServletRequest) req;        //1.下次用户请求被拦截后，执行以下代码实现自动登录功能！！！        //1.获得一个名为 autologin 的cookie        Cookie[] cookies = request.getCookies();        String autologin = null;        for (int i = 0; cookies != null && i < cookies.length; i++) {            if ("autologin".equals(cookies[i].getName())) {                //2.找到了指定的cookie                autologin = cookies[i].getValue();                break;            }        }        if (autologin != null) {            //3.做自动登录            String[] parts = autologin.split("-");            String username = parts[0];            String password = parts[1];            //4.检查用户名和密码            if ("itcast".equals(username)&& ("123456").equals(password)) {                // 登录成功,将用户状态 user 对象存入 session域                User user = new User();                user.setUsername(username);                user.setPassword(password);                request.getSession().setAttribute("user", user);            }        }        // 放行        chain.doFilter(request, response);    }    public void destroy() {    }}

package com.Filter;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletRequest;import com.Entity.User;public class AutoLoginFilter implements Filter {    public void init(FilterConfig filterConfig) throws ServletException {    }    public void doFilter(ServletRequest req, ServletResponse response,            FilterChain chain) throws IOException, ServletException {        HttpServletRequest request = (HttpServletRequest) req;        //1.下次用户请求被拦截后，执行以下代码实现自动登录功能！！！        //1.获得一个名为 autologin 的cookie        Cookie[] cookies = request.getCookies();        String autologin = null;        for (int i = 0; cookies != null && i < cookies.length; i++) {            if ("autologin".equals(cookies[i].getName())) {                //2.找到了指定的cookie                autologin = cookies[i].getValue();                break;            }        }        if (autologin != null) {            //3.做自动登录            String[] parts = autologin.split("-");            String username = parts[0];            String password = parts[1];            //4.检查用户名和密码            if ("itcast".equals(username)&& ("123456").equals(password)) {                // 登录成功,将用户状态 user 对象存入 session域                User user = new User();                user.setUsername(username);                user.setPassword(password);                request.getSession().setAttribute("user", user);            }        }        // 放行        chain.doFilter(request, response);    }    public void destroy() {    }}

<%@ page language="java" contentType="text/html; charset=utf-8"pageEncoding="utf-8" import="java.util.*"%><%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%><html><head><title>显示登录的用户信息</title></head><body>    <br />    <center>        <h3>欢迎光临</h3>    </center>    <br />    <br />    <c:choose>        <c:when test="${sessionScope.user==null }">           <a href="${pageContext.request.contextPath }/login.jsp">用户登录</a>        </c:when>        <c:otherwise>      欢迎你，${sessionScope.user.username }           <a href="${pageContext.request.contextPath }/LogoutServlet">退出</a>        </c:otherwise>    </c:choose>    <hr /></body></html>

<?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">  <display-name>Project01</display-name>  <welcome-file-list>    <welcome-file>index.jsp</welcome-file>  </welcome-file-list>  <servlet>    <description></description>    <display-name>LogoutServlet</display-name>    <servlet-name>LogoutServlet</servlet-name>    <servlet-class>com.Servlet.LogoutServlet</servlet-class>  </servlet>  <servlet-mapping>    <servlet-name>LogoutServlet</servlet-name>    <url-pattern>/LogoutServlet</url-pattern>  </servlet-mapping>  <servlet>    <description></description>    <display-name>LoginServlet</display-name>    <servlet-name>LoginServlet</servlet-name>    <servlet-class>com.Servlet.LoginServlet</servlet-class>  </servlet>  <servlet-mapping>    <servlet-name>LoginServlet</servlet-name>    <url-pattern>/LoginServlet</url-pattern>  </servlet-mapping>  <filter>    <display-name>AutoLoginFilter</display-name>    <filter-name>AutoLoginFilter</filter-name>    <filter-class>com.Filter.AutoLoginFilter</filter-class>  </filter>  <filter-mapping>    <filter-name>AutoLoginFilter</filter-name>    <!-- 拦截所有用户请求 -->    <url-pattern>/*</url-pattern>  </filter-mapping></web-app>

输出http://localhost/Project01/login.jsp：

---

关闭浏览器后，再次打开浏览器输入http://localhost/Project01/index.jsp：