Java:Cookie实现记住用户名密码
Posted 步履不停
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Java:Cookie实现记住用户名密码相关的知识,希望对你有一定的参考价值。
package com.gamecenter.api.util; import java.io.IOException; import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import com.gamecenter.api.common.UserInfo; /** * 类说明 * @author chitu * @version 创建时间:2016年11月21日 下午1:39:51 */ public class CookieUtil { //保存cookie时的cookieName private final static String cookieDomainName = "gamecenter"; //加密cookie时的网站自定码 private final static String webKey = "gamecenter"; //设置cookie有效期是两个星期,根据需要自定义 private final static long cookieMaxAge = 60 * 60 * 24 * 7 * 2; //保存Cookie到客户端------------------------------------------------------------------------- //在CheckLogonServlet.java中被调用 //传递进来的user对象中封装了在登陆时填写的用户名与密码 public static void saveCookie(String username,String password, HttpServletResponse response) throws Exception { //cookie的有效期 long validTime = System.currentTimeMillis() + (cookieMaxAge * 5000); //MD5加密用户详细信息 String cookieValueWithMd5 =getMD5(username + ":" + password+ ":" + validTime + ":" + webKey); //将要被保存的完整的Cookie值 String cookieValue = username + ":" + validTime + ":" + cookieValueWithMd5; //再一次对Cookie的值进行BASE64编码 String cookieValueBase64 = new String(Base64Util.encode(cookieValue.getBytes())); //开始保存Cookie Cookie cookie = new Cookie(cookieDomainName, cookieValueBase64); //存两年(这个值应该大于或等于validTime) cookie.setMaxAge(60 * 60 * 24 * 365 * 2); //cookie有效路径是网站根目录 cookie.setPath("/"); //向客户端写入 response.addCookie(cookie); } //读取Cookie,自动完成登陆操作---------------------------------------------------------------- //在Filter程序中调用该方法,见AutoLogonFilter.java public static void readCookieAndLogon(HttpServletRequest request, HttpServletResponse response,FilterChain chain) throws IOException, ServletException,UnsupportedEncodingException{ //根据cookieName取cookieValue Cookie cookies[] = request.getCookies(); String cookieValue = null; if(cookies!=null){ for(int i = 0; i < cookies.length; i++){ if (cookieDomainName.equals(cookies[i].getName())) { cookieValue = cookies[i].getValue(); break; } } } //如果cookieValue为空,返回, if(cookieValue==null){ return; } //如果cookieValue不为空,才执行下面的代码 //先得到的CookieValue进行Base64解码 String cookieValueAfterDecode = new String (Base64Util.decode(cookieValue),"utf-8"); //对解码后的值进行分拆,得到一个数组,如果数组长度不为3,就是非法登陆 String cookieValues[] = cookieValueAfterDecode.split(":"); if(cookieValues.length!=3){ response.setContentType("text/html;charset=utf-8"); PrintWriter out = response.getWriter(); out.println("你正在用非正常方式进入本站..."); out.close(); return; } //判断是否在有效期内,过期就删除Cookie long validTimeInCookie = new Long(cookieValues[1]); if(validTimeInCookie < System.currentTimeMillis()){ //删除Cookie clearCookie(response); response.setContentType("text/html;charset=utf-8"); PrintWriter out = response.getWriter(); out.println("你的Cookie已经失效,请重新登陆"); out.close(); return; } //取出cookie中的用户名,并到数据库中检查这个用户名, String username = cookieValues[0]; //根据用户名到数据库中检查用户是否存在 UserDAO ud = DaoImplFactory.getInstance(); User user = ud.selectUserByUsername(username); //如果user返回不为空,就取出密码,使用用户名+密码+有效时间+ webSiteKey进行MD5加密 if(user!=null){ String md5ValueInCookie = cookieValues[2]; String md5ValueFromUser =getMD5(user.getUserName() + ":" + user.getPassword() + ":" + validTimeInCookie + ":" + webKey); //将结果与Cookie中的MD5码相比较,如果相同,写入Session,自动登陆成功,并继续用户请求 if(md5ValueFromUser.equals(md5ValueInCookie)){ HttpSession session = request.getSession(true); session.setAttribute("user", user); chain.doFilter(request, response); } }else{ //返回为空执行 response.setContentType("text/html;charset=utf-8"); PrintWriter out = response.getWriter(); out.println("cookie验证错误!"); out.close(); return; } } //用户注销时,清除Cookie,在需要时可随时调用----------------------------------------------------- public static void clearCookie( HttpServletResponse response){ Cookie cookie = new Cookie(cookieDomainName, null); cookie.setMaxAge(0); cookie.setPath("/"); response.addCookie(cookie); } //获取Cookie组合字符串的MD5码的字符串---------------------------------------------------------------- public static String getMD5(String value) { String result = null; try{ byte[] valueByte = value.getBytes(); MessageDigest md = MessageDigest.getInstance("MD5"); md.update(valueByte); result = toHex(md.digest()); } catch (NoSuchAlgorithmException e){ e.printStackTrace(); } return result; } //将传递进来的字节数组转换成十六进制的字符串形式并返回 private static String toHex(byte[] buffer){ StringBuffer sb = new StringBuffer(buffer.length * 2); for (int i = 0; i < buffer.length; i++){ sb.append(Character.forDigit((buffer[i] & 0xf0) >> 4, 16)); sb.append(Character.forDigit(buffer[i] & 0x0f, 16)); } return sb.toString(); } }
以上是关于Java:Cookie实现记住用户名密码的主要内容,如果未能解决你的问题,请参考以下文章