Automatic login is to help users log in without entering their username and password again when using this web page many times.
Automatic login means that the user saves the user's login information and person to a local file cookie.
Name,value - new cookie(key,value);
Path-Default value is the path where the serlvet that currently saves the cookie is located.
If the cookie is in such a path: http://loclhost:8080/project/abc/AServlet
Then the path of the cookie is: http://loclhost/project/abc
Then it means:
Only the servlet located in the http://loclhost/project/abc directory can read the value of this cookie.
if:
Save the cookie class: http://loclhost:8080/project/a/b/AServlet
Then the default path of the cookie is: http://loclhost/project/a/b
Step 1: Develop a login page
<c:choose> <c:when test="${empty sessionScope.name}"> <form name="x" method="post" action="<c:url value='/LoginServlet'/>"> Name:<input type="text" name="name"/><br/> auto: <input type="radio" name="auto" value="-1">No automatic login<br/> <input type="radio" name="auto" value="1">1 day<br/> <input type="radio" name="auto" value="7">1 week<br/> <input type="submit"/> </form> </c:when> <c:otherwise> You are already logged in:${name}<br/> <a href="<c:url value='/LoginServlet'//>">LoginServlet'/LoginServlet'//">LoginServlet</a> </c:otherwise></c:choose>Step 2: Save cookies successfully
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //Receive user name String name = request.getParameter("name"); String auto = request.getParameter("auto"); //Put user information in session request.getSession().setAttribute("name",name); //Defend whether auto is -1 if(!auto.equals("-1")){ int day = Integer.parseInt(auto); //1|7 int seconds = 60*60*24*day; //Declare cookie Cookie c = new Cookie("autoLogin",name); c.setMaxAge(seconds); c.setPath(request.getContextPath()); //Save cookie response.addCookie(c); } }Step 3: Automatic login should be achieved if you require access to any page in this website.
Write a scrutinizer to consider all url=/*. Read all cookies in doFilter. Is there a name cookie with the name autoLogin?
Always let go.
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //Read cookie here HttpServletRequest req = (HttpServletRequest) request; //Get all cookies Cookies[] cs = req.getCookies(); if(cs!=null){ for(Cookie c:cs){ if(c.getName().equals("autoLogin")){//If there is a cookie that is automatically logged in String value = c.getValue();//User name//Login successfully refers to req.getSession().setAttribute("name", value); break; } } } // Regardless of whether it is automatically logged into chain.doFilter(request, response); }Fourth involves: configure all urls=/* in web.xml
<filter> <filter-name>auto</filter-name> <filter-class>cn.itcast.filter.AutoFilter</filter-class> </filter> <filter-mapping> <filter-name>auto</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
Step 5: Development Exit
System.err.println("User Exit"); //Delete the entire session request.getSession().invalidate(); Cookie c = new Cookie("autoLogin", "ddd"); c.setMaxAge(0); c.setPath(request.getContextPath()); response.addCookie(c); // request.getSession().removeAttribute("name"); response.sendRedirect(request.getContextPath()+"/index.jsp");Step 6: Optimize the code
Since the user will also enter the doFilter method of AutoFiilter when logging in manually, and read all cookies to traverse it once. And this traversal is redundant for the user.
Therefore, the LoginServet url should be used in doFiler.
And you cannot log in automatically when logging out.
Supplementary knowledge points:
Verify that the user is logged in
package cn.hongxin.filter;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession; public class LoginFilter implements Filter{ public void init(FilterConfig filterConfig) throws ServletException { } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //Forcing request to http... HttpServletRequest req = (HttpServletRequest) request; //Get session HttpSession ss = req.getSession(); //Get user from session if(ss.getAttribute("user")==null){ System.err.println("You are not logged in yet"); req.getSession().setAttribute("msg", "Please log in first"); //Redirect to login HttpServletResponse resp = (HttpServletResponse) response; resp.sendRedirect(req.getContextPath()+"/index.jsp"); [W2] }else{ //Release chain.doFilter(request, response); } } public void destroy() { }}Configure into web.xml and consider jsps/*:
<filter> <filter-name>login</filter-name> <filter-class>cn.itcast.filter.LoginFilter</filter-class> </filter> <filter-mapping> <filter-name>login</filter-name> <url-pattern>/jsps/*</url-pattern> <url-pattern>/views/*</url-pattern> </filter-mapping>
The above is all about this article, I hope it will be helpful to everyone's learning.