1.介绍
我希望实现这样一个功能,以main.jsp作为这个小项目的主页,同时这个页面也是项目启动的欢迎页面,当我第一次进入该页面时,该webapp肯定是没有关于我的任何信息的,所以我需要先进行登录,因此我在main.jsp添加一个超链接,点击该超链接可以去登录,当我登录成功后,仍然跳转到主页,在从login.jsp跳转到main.jsp的过程中,会先被拦截器(拦截所有请求)拦截,判断是否有用户的cookie,并将信息存入到session域(方便这次会话)中,到此便会将main.jsp页面刷新,展示一个已登录用户该看到的页面,以及提供注销功能
用户可以关掉浏览器窗口进行测试,只要用户cookie还未过期,无论什么时候访问main.jsp都是已登录的
main.jsp
<%@ page import="java.io.PrintWriter" %> <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>首页 <% PrintWriter printWriter= response.getWriter(); String path=request.getContextPath(); if (session.getAttribute("user")==null){ printWriter.write("您还未登录,请登录
"); }else { printWriter.write("Hello,欢迎您admin先生/女士,这是主页
"); printWriter.write("你可以选择 1:关闭当前窗口,再次访问"+path+"/main.jsp测试是否自动登录
"); printWriter.write("你可以选择 2:注销退出"); } %>login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>登录页 测试账号:admin 123456
web.xml
main.jsp LogoutServlet LogoutServlet com.Homework.logout.LogoutServlet LogoutServlet /LogoutServlet LoginServlet LoginServlet com.Homework.login.LoginServlet LoginServlet /LoginServlet AutoLoginFilter AutoLoginFilter com.Homework.login.AutoLoginFilter AutoLoginFilter /* 实体类
package com.Homework.pojo; public class User { //封装用户的属性 private String username; private String password; public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } @Override public String toString() { return "User{" + "username='" + username + ''' + ", password='" + password + ''' + '}'; } }LoginServlet类—处理登录请求
package com.Homework.login; import com.Homework.pojo.User; import javax.servlet.ServletException; import javax.servlet.http.cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; public class LoginServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // 获得用户名和密码 request.setCharacterEncoding("utf-8"); String username = request.getParameter("username"); String password = request.getParameter("password"); // 验证输入用户名和密码是否正确 if ("admin".equals(username) && "123456".equals(password)) { // 将用户状态存入session域 User user = new User(); user.setUsername(username); user.setPassword(password); request.getSession().setAttribute("user", user); // 发送自动登录的cookie String autoLoginTime = request.getParameter("autoLoginTime"); if (autoLoginTime != null) { // 注意 cookie 中的密码要加密 cookie cookie = new cookie("autoLoginUser", username + "-" + password); cookie.setMaxAge(Integer.parseInt(autoLoginTime)*60); response.addcookie(cookie); } // 跳转至首页 转发 response.sendRedirect(request.getContextPath()+"/main.jsp"); } else { request.setAttribute("errerMsg", "用户名或密码错误"); request.getRequestDispatcher("/login.jsp").forward(request,response); } } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } }拦截器—配置了拦截所有请求
package com.Homework.login; import com.Homework.pojo.User; import javax.servlet.*; import javax.servlet.http.cookie; import javax.servlet.http.HttpServletRequest; import java.io.IOException; public class AutoLoginFilter implements Filter { public void init(FilterConfig filterConfig) throws ServletException { System.out.println("------hello"); } public void doFilter(ServletRequest req, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; // 下次用户请求被拦截后,执行以下代码实现自动登录功能!!! // 获得一个名为 autoLoginUser 的cookie cookie[] cookies = request.getcookies(); String autoLoginMsg = null; for (int i = 0; cookies != null && i < cookies.length; i++) { if ("autoLoginUser".equals(cookies[i].getName())) { // 找到了指定的cookie // 获取登录用户信息:admin-123456 autoLoginMsg = cookies[i].getValue(); break; } } if (autoLoginMsg != null) { // 做自动登录 String[] parts = autoLoginMsg.split("-"); String username = parts[0]; String password = parts[1]; // 检查用户名和密码 if ("admin".equals(username)&&("123456").equals(password)) { // 登录成功,将用户状态 user 对象存入 session域 User user = new User(); user.setUsername(username); user.setPassword(password); request.getSession().setAttribute("user", user); } } // 放行 chain.doFilter(request, response); } public void destroy() { } }LogoutServlet—处理注销请求
package com.Homework.logout; import javax.servlet.ServletException; import javax.servlet.http.cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; public class LogoutServlet extends HttpServlet { private static final long serialVersionUID = 1L; public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // 用户注销 request.getSession().removeAttribute("user"); // 从客户端删除自动登录的cookie cookie cookie = new cookie("autoLoginUser", "msg"); cookie.setPath(request.getContextPath()); cookie.setMaxAge(0); response.addcookie(cookie); // 转发 response.sendRedirect(request.getContextPath()+"/main.jsp"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } }
