利用Servlet实现用户永久登录
在Servlet中通过Cookie技术实现,在Servlet中输入用户账号,密码和有效期,将账号信息保存在Cookie中,设置Cookie的最大保存时间,将此Cookie保存在客户端的Cookie中
使用MD5加密技术,通过MD5加密技术将用户账号生成一个**并保存在Cookie中,然后再用户登录中,根据该**来判断用户显示的是用户登录还是登陆后的状态。MD5加密技术通过java.security.Message.Digest类实现的
MakeMD5类,加密
import java.security.MessageDigest;
public class MakeMD5 {
public final static String getMD5(String str){
char hexDiagitArr[]={'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
MessageDigest digest=null;
try{
digest=MessageDigest.getInstance("MD5"); //创建MD5算法摘要
digest.update(str.getBytes()); //更新摘要
byte mdBytes[]=digest.digest(); //加密并返回字节数组
//新建字符数组,长度为myBytes字节数组的2倍,用于保存加密后的值
char newCArr[]=new char[mdBytes.length*2];
int k=0;
for(int i=0;i<mdBytes.length;i++){ //循环字符串组
byte byte0=mdBytes[i]; //获得每一个字节
newCArr[k++]=hexDiagitArr[byte0>>>4&0xf];
newCArr[k++]=hexDiagitArr[byte0&0xf];
}
return String.valueOf(newCArr); //返回加密后的字符串
}catch(Exception ex){
ex.printStackTrace();
}
return null;
}
}
index.jsp页面,第一次访问显示登陆页面,第二次访问判断Servlet返回的Cookie信息,根据Cookie信息来决定是否显示用户登录之后的信息
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ page import="com.cn.zj.tool.MakeMD5" %>
<%@ page import="java.net.URLDecoder" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<%
boolean loginFlag = false; //设置一个变量 ,用于保存是否登录
String account = null ; //声明用于保存从Cookie中读取的账号
String md5Account = null; //声明用于保存从Cookie中读取的加密的账号
Cookie cookieArr[] = request.getCookies(); //获取请求中所有的Cookie
if(cookieArr!=null&&cookieArr.length>0){
for(Cookie cookie : cookieArr){ //循环Cookie数组
if(cookie.getName().equals("account")){
account = cookie.getValue(); //找到账号的Cookie值
account = URLDecoder.decode(account,"UTF-8");//解码 ,还原中文字符串的值
}
if(cookie.getName().equals("md5Account")){
md5Account = cookie.getValue(); //找到加密账号的Cookie值
}
}
}
if(account!=null&&md5Account!=null){
loginFlag = md5Account.equals(MakeMD5.getMD5(account));
}
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>利用Cookie实现永久登录</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
<style type="text/css">
.style1{
width: 400px;
height: 200px;
border: 1px solid;
border-color: green;
}
table{
font-size: 14px;
color: navy;
font-family: 楷体;
}
input{
font-size: 14px;
color: navy;
font-family: 楷体;
}
.btn{
font-size: 14px;
background-color:orange;
color: white;
font-family: 楷体;
}
</style>
</head>
<body>
<%
if(loginFlag){
%>
<fieldset class="style1" >
<legend>欢迎您回来</legend>
<table align="center">
<tr>
<td><%=account %>,欢迎您登录本网站!</td>
<td align="center">
<a href="<%=basePath%>foreverlogin?action=logout">注销登录</a>
</td>
</tr>
</table>
</fieldset>
<%}else{ %>
<fieldset class="style1">
<legend>用户登录</legend>
<form action="foreverlogin?action=login" method="post">
<table align="center">
<tr>
<td>账号:</td>
<td><input type="text" name="account"></td>
</tr>
<tr>
<td>密码:</td>
<td><input type="password" name="pwd"></td>
</tr>
<tr>
<td>有效期:</td>
<td>
<input type="radio" name="timeout" value="-1" checked="checked">关闭浏览器即失效<br/>
<input type="radio" name="timeout" value="<%=30*24*60*60 %>">30天内有效<br/>
<input type="radio" name="timeout" value="<%=Integer.MAX_VALUE %>">永久有效
</td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" value="登 录" ></td>
</tr>
</table>
</form>
</fieldset>
<%} %>
</body>
</html>
ForeverLoginServlet类,判断调用用户登录方法或用户注销的方法
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URLEncoder;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.cn.zj.tool.MakeMD5;
public class ForeverLoginServlet extends HttpServlet {
/**
* Constructor of the object.
*/
public ForeverLoginServlet() {
super();
}
/**
* Destruction of the servlet. <br>
*/
public void destroy() {
super.destroy(); // Just puts "destroy" string in log
// Put your code here
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("UTF-8"); //设置请求编码格式
response.setCharacterEncoding("UTF-8"); //设置响应编码格式
String action = request.getParameter("action");//获得action参数,主要判断是登录还是注销
if("login".equals(action)){
this.login(request, response); //调用login方法
}else if("logout".equals(action)){
this.logout(request, response); //调用logout方法
}
}
/**
* 该方法处理用户登录
* @param request
* @param response
* @throws ServletException
* @throws IOException
*/
public void login(HttpServletRequest request,HttpServletResponse response)
throws ServletException, IOException{
String account = request.getParameter("account"); //获得账号
String pwd = request.getParameter("pwd"); //获得密码
int timeout= Integer.parseInt(request.getParameter("timeout"));//获得登录保存时间的期限
String md5Account = MakeMD5.getMD5(account); //将账号加密
account = URLEncoder.encode(account,"UTF-8"); //如果账号是中文,需要转换Unicode才能保存在Cookie中
Cookie accountCookie = new Cookie("account",account);//将账号保存在Cookie中
accountCookie.setMaxAge(timeout); //设置账号Cookie的最大保存时间
Cookie md5AccountCookie = new Cookie("md5Account",md5Account);//将加密后的账号保存在Cookie中
md5AccountCookie.setMaxAge(timeout); //设置加密后的账号最大保存时间
response.addCookie(accountCookie); //写到客户端的Cookie中
response.addCookie(md5AccountCookie); //写到客户端的Cookie中
try {
Thread.sleep(1000); //将此线程暂停1秒后继续执行
} catch (InterruptedException e) {
e.printStackTrace();
}
//将页面重定向到用户登录页
response.sendRedirect("index.jsp?"+System.currentTimeMillis());
}
/**
* 该方法处理用户注销
* @param request
* @param response
* @throws ServletException
* @throws IOException
*/
public void logout(HttpServletRequest request,HttpServletResponse response)
throws ServletException, IOException{
Cookie accountCookie = new Cookie("account",""); //创建一个空的Cookie
accountCookie.setMaxAge(0); //设置此Cookie保存时间为0
Cookie md5AccountCookie = new Cookie("md5Account","");//创建一个空的Cookie
md5AccountCookie.setMaxAge(0); //设置此Cookie保存时间为0
response.addCookie(accountCookie); //写到客户端Cookie中,将覆盖名为account的Cookie
response.addCookie(md5AccountCookie); //写到客户端Cookie中,将覆盖名为md5AccountCookie的Cookie
try {
Thread.sleep(1000); //将此线程暂停1秒后继续执行
} catch (InterruptedException e) {
e.printStackTrace();
}
//将页面重定向到用户登录页
response.sendRedirect("index.jsp?"+System.currentTimeMillis());
}
public void init() throws ServletException {
}
}
web.xml文件配置
<servlet>
<servlet-name>ForeverLoginServlet</servlet-name>
<servlet-class>com.cn.zj.Servlet.ForeverLoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ForeverLoginServlet</servlet-name>
<url-pattern>/foreverlogin</url-pattern>
</servlet-mapping>