實現用戶的自動登錄：
解決方案：
設置一個全站攔截的過慮器。
在此過慮器中，讀取用戶帶過來的Cookie信息，然后從中讀取用戶的用戶名和密碼，自動幫助用戶登錄。
即可實現自動登錄功能。

用Filter驗證用戶是否已經登錄過。已經登錄過了，我們就根據他選擇的自動登錄來選擇讓他在多久內能自動登錄。

IP黑名單過濾就很簡單了，只要在Filter過濾器防范一下就OK。
在init方法中，我們先把黑名單的IP加載進Set<String> set集合，
Set集合有如下特點:

Java.util.HashSet類實現了Java.util.Set接口。 1 它不允許出現重復元素； 2 不保證和政集合中元素的順序 3 允許包含值為null的元素，但最多只能有一個null元素。contains方法:當且僅當 本set包含一個元素 e，并且滿足(o==null ? e==null : o.equals(e))條件時,contains()方法才返回true. 因此 contains()方法 必定使用equals方法來檢查是否相等.需要注意的是: set 中是可以包含 null值的(常見的集合類都可以包含null值). 所以如果添加了null,然后判斷是否包含null,將會返回true

黑名單IP過濾:

package cn.hncu.pubs;import java.io.IOException; import java.util.HashSet; import java.util.Set;import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;public class CharacterFilter implements Filter{private String charset;//黑名單private Set<String> set = new HashSet<String>();@Overridepublic void init(FilterConfig filterConfig) throws ServletException {charset = filterConfig.getInitParameter("charset");//到數據庫中把黑名單加載進來，這里簡單模擬一下set.add("192.168.31.168");}@Overridepublic void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {request.setCharacterEncoding(charset);//以下演示黑名單過濾技術String ip = request.getRemoteAddr();;//獲得客戶端的IPif(set.contains(ip)){HttpServletResponse resp = (HttpServletResponse) response;resp.setContentType("text/html;charset=utf-8");resp.getWriter().println("你已被列入黑名單!");}else{//放行chain.doFilter(request, response);}}@Overridepublic void destroy() {}}

配置web.xml：

<filter><filter-name>character</filter-name><filter-class>cn.hncu.pubs.CharacterFilter</filter-class><init-param><param-name>charset</param-name><param-value>utf-8</param-value> </init-param></filter><filter-mapping><filter-name>character</filter-name><url-pattern>/*</url-pattern></filter-mapping>

這樣就可以防止IP在黑名單的用戶訪問我們的網站了！

用戶的自動登錄

User值對象:

package cn.hncu.domain;/*** @author 陳浩翔** 2016-8-18*/ public class User {private String name;private String pwd;public User() {super();}public String getName() {return name;}public void setName(String name) {this.name = name;}public String getPwd() {return pwd;}public void setPwd(String pwd) {this.pwd = pwd;} }

LoginServlet.java：

package cn.hncu.servlet;import java.io.IOException; import java.io.PrintWriter; import java.net.URLEncoder;import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;import cn.hncu.domain.User;public class LoginServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doPost(request, response);}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {//從頁面接收登錄信息String name = request.getParameter("name");String pwd = request.getParameter("pwd");String time = request.getParameter("time");//System.out.println(name+","+pwd+","+time);User user = new User();user.setName(name);user.setPwd(pwd);if(name!=null && name.trim().length()!=0 && pwd!=null){if(name.equals(pwd)){//按理應該到后臺去驗證登錄是否成功，這里直接以用戶名和密碼相同為登錄成功request.getSession().setAttribute("user", user);//登錄成功，就往客戶端寫一個cookie,將用戶名和密碼存到cookie中-應該進行加密!//為了能夠兼容中文，要進行編碼name = URLEncoder.encode(name, "utf-8");pwd = URLEncoder.encode(pwd, "utf-8");Cookie cookie = new Cookie("autoLogin", name+"#!#"+pwd);cookie.setPath(request.getContextPath());//權限：本項目中的類都可以訪問該cookie//有效期cookie.setMaxAge( 60 * Integer.parseInt(time) );response.addCookie(cookie);//存儲到客戶端}else{request.getSession().setAttribute("error", "密碼錯誤!");}}else{request.getSession().setAttribute("error", "請輸入用戶名!");}response.sendRedirect(request.getContextPath()+"/index.jsp");}}

index.jsp:

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><head><title>演示利用Filter實現自動登錄</title></head><body><h2>主頁-演示利用Filter實現自動登錄</h2><c:if test="${!empty sessionScope.error}"><font color="red">${sessionScope.error}</font><c:remove var="error" scope="session"/></c:if><c:if test="${empty sessionScope.user}" var="boo"><form action="<c:url value='/LoginServlet'/>" method="post">Name:<input type="text" name="name"><br/><br/><!-- 這里為了演示清楚，就直接用text了 -->&nbsp;Pwd:<input type="text" name="pwd"><br/><fieldset><legend>自動登錄</legend><input type="radio" name="time" value="0" checked="checked">不自動登錄<br/><input type="radio" name="time" value="1" >1分鐘<br/><input type="radio" name="time" value="60" >1小時<br/><input type="radio" name="time" value="86400" >1天<br/><input type="radio" name="time" value="604800" >1周<br/><input type="radio" name="time" value="2592000" >一個月<br/></fieldset><input type="submit" value="登錄"></form> </c:if><c:if test="${!boo}">${user.name},歡迎回來。<a href="<c:url value='/CancelAutoLoginServlet'/>">取消自動登錄</a></c:if></body> </html>

CancelAutoLoginServlet.java-取消自動登錄：

package cn.hncu.servlet;import java.io.IOException; import java.io.PrintWriter;import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;public class CancelAutoLoginServlet extends HttpServlet {public void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {doPost(request, response);}public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {//取消自動登錄，其實就是刪除CookieCookie cookie = new Cookie("autoLogin", "");cookie.setPath(request.getContextPath());//這個路徑必須和原來的設置為一樣，否則沒用的cookie.setMaxAge(0);//有效期為0即是刪除response.addCookie(cookie);response.sendRedirect(request.getContextPath()+"/index.jsp");} }

AutoLoginFilter.java-自動登錄:

package cn.hncu.filter;import java.io.IOException; import java.net.URLDecoder;import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest;import cn.hncu.domain.User;public class AutoLoginFilter implements Filter {@Overridepublic void init(FilterConfig filterConfig) throws ServletException {}@Overridepublic void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {HttpServletRequest req = (HttpServletRequest) request;if(req.getSession().getAttribute("user")==null){//還沒有登錄，幫你自動登錄Cookie cs[] = req.getCookies();if(cs!=null){for(Cookie c :cs){//找"autoLogin"這個cookieif(c.getName().equals("autoLogin")){String str = c.getValue();String vals[] = str.split("#!#");String name = URLDecoder.decode(vals[0], "utf-8");String pwd = URLDecoder.decode(vals[1], "utf-8");//...//這里應該再去后臺數據庫驗證是否登錄能夠成功,這里我就直接以兩者相等來判斷if(name.equals(pwd)){//如果成功則返回一個user對象User user = new User();user.setName(name);user.setPwd(pwd);req.getSession().setAttribute("user", user);break;}}}}}chain.doFilter(req, response);//放行}@Overridepublic void destroy() {} }

web.xml:

<?xml version="1.0" encoding="UTF-8"?> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"><display-name></display-name><filter><filter-name>character</filter-name><filter-class>cn.hncu.pubs.CharacterFilter</filter-class><init-param><param-name>charset</param-name><param-value>utf-8</param-value> </init-param></filter><filter><filter-name>autoLogin</filter-name><filter-class>cn.hncu.filter.AutoLoginFilter</filter-class></filter><filter-mapping><filter-name>character</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter-mapping><filter-name>autoLogin</filter-name><url-pattern>/*</url-pattern></filter-mapping><servlet><servlet-name>CancelAutoLoginServlet</servlet-name><servlet-class>cn.hncu.servlet.CancelAutoLoginServlet</servlet-class></servlet><servlet><servlet-name>LoginServlet</servlet-name><servlet-class>cn.hncu.servlet.LoginServlet</servlet-class></servlet><servlet-mapping><servlet-name>CancelAutoLoginServlet</servlet-name><url-pattern>/CancelAutoLoginServlet</url-pattern></servlet-mapping><servlet-mapping><servlet-name>LoginServlet</servlet-name><url-pattern>/LoginServlet</url-pattern></servlet-mapping><welcome-file-list><welcome-file>index.jsp</welcome-file></welcome-file-list> </web-app>

代碼里面都有注釋!

實現的功能就是自動登錄和取消自動登錄。

主要利用了過濾器。還有用到cookie技術。

完整項目鏈接:
https://github.com/chenhaoxiang/Java/tree/master/myAutoLoginWeb
myAutoLoginWeb.zip文件

轉載請附上原文博客鏈接：

http://blog.csdn.net/qq_26525215

總結

以上是生活随笔為你收集整理的JavaWeb-过滤器Filter学习(三)实现用户的自动登录与IP黑名单过滤的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。