filter的简介
filter是对客户端访问资源的过滤,符合条件放行,不符合条件不放行,并且可以对目 标资源访问前后进行逻辑处理
步骤:
思路: 前台有一个 <input type="checkbox" name="autoLogin" value="autoLogin"> 自动登录,当判断选中的时候,把username和password存到cookie中,当你关闭浏览器,再次打开的时候,先经过filter,判断cookie中是否有username和password,如果有,取出来,从数据库中查到user,存到session中,chain.doFilter(request, response);放行,就达到自动登陆的目的。
- 编写一个过滤器的类实现Filter接口
- 实现接口中尚未实现的方法(着重实现doFilter方法)
- 在web.xml中进行配置(主要是配置要对哪些资源进行过滤)
前台是一个form表单login.jsp
success.jsp 成功就可以取出session中的user
<c:if test="${empty user }">
<li><a href="login.jsp">登录</a></li>
<li><a href="register.jsp">注册</a></li>
</c:if>
<c:if test="${!empty user }">
<li>欢迎您,${user.username }</li>
<li><a href="#">退出</a></li>
</c:if>
1. 编写servlet
request.setCharacterEncoding("UTF-8");
String username = request.getParameter("username");
String password = request.getParameter("password");
HttpSession session = request.getSession();
loginService loginService = new loginService();
User user = null;
try {
//从数据库中根据username和password查询user
user = loginService.findUser(username,password);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if(user!=null) {
String autoLogin = request.getParameter("autoLogin");
if(autoLogin!=null) {
//对username进行编码(如果是中文)
String username_code = URLEncoder.encode(username, "UTF-8");
//username和password cookie
Cookie cookie_username = new Cookie("username1",username_code);
Cookie cookie_password = new Cookie("password1",user.getPassword());
//设置存活时间
cookie_username.setMaxAge(60*60);
cookie_password.setMaxAge(60*60);
//设置访问路径
cookie_username.setPath(request.getContextPath());
cookie_password.setPath(request.getContextPath());
response.addCookie(cookie_username);
response.addCookie(cookie_password);
}
//存在session中
session.setAttribute("user", user);
response.sendRedirect(request.getContextPath());
}else {
System.out.println(username);
request.setAttribute("loginInfo", "用户名或密码错误");
request.getRequestDispatcher("/login.jsp").forward(request, response);
}
2.过滤器的类实现Filter接口
package web.filter;
import java.io.IOException;
import java.sql.SQLException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.ithiema.domain.User;
import com.ithiema.service.loginService;
public class AutoLogin implements Filter{
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
String cookie_username = null;
String cookie_password = null;
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
HttpSession session = request.getSession();
Cookie[] cookies = request.getCookies();
if(cookies!=null) {
for(Cookie cookie:cookies) {
if("username1".equals(cookie.getName())) {
cookie_username = cookie.getValue();
}
if("password1".equals(cookie.getName())) {
cookie_password = cookie.getValue();
}
}
}
if(cookie_username!=null&&cookie_password!=null) {
loginService loginService = new loginService();
User user = null;
try {
//取出username和password 从数据库中查user
user = loginService.findUser(cookie_username, cookie_password);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
session.setAttribute("user", user);
}
//放行
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
}
3.web.xml中添加这个
<filter>
<filter-name>AutoLoginFilter</filter-name>
<filter-class>web.filter.AutoLogin</filter-class>
</filter>
<filter-mapping>
<filter-name>AutoLoginFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>