Use SSH filters and cookies to enable automatic login for 2 weeks without exiting

Source: Internet
Author: User

First, we need to make a check box under the login interface. After the check box is selected, automatic logon will take 2 weeks, and automatic logon will not be canceled unless you click exit.

 

View the logon Action Code

…………if (!(lf.get("auto_login") == null)) {int times = 1000 * 60 * 60 * 24 * 14;AutoLoginModel alm = new AutoLoginModel();alm.setUsername(username);alm.setSessionid(hs.getId());alm.setTimes(new Date().getTime() + times);Cookie cookie = new Cookie("auto_users", username);cookie.setPath("/");cookie.setMaxAge(times);response.addCookie(cookie);cookie = new Cookie("auto_id", hs.getId());cookie.setPath("/");cookie.setMaxAge(times);response.addCookie(cookie);us.addLoginInfo(alm);}return mapping.findForward("to_login_suc");…………

Code snippet

1. Check whether automatic logon is selected. If yes, the user name, sessionid and expiration time of this logon are encapsulated in the database, and the cookie of the user name and sessionid is generated.

2. Be sure to set path ("/"). Why? If this is not done, the cookie domain is different, and the cookie cannot be obtained from other pages.

In this way, the cookie at login has been recorded, and how can we determine automatic login?

We need to write a filter to listen to all requests. Then, when a cookie exists, the user name and password are recorded.

Then we extract the cookie. At the same time, we need to determine whether there is any user login information in the session at this time. If there is, nothing will be done. If not, continue to the step, then retrieve the information recorded last time from the database, and then compare, if the user name and sessionid in the cookie are the same as the latest records read from the database and the number of milliseconds compared with the current time, if the user information is not expired, the user information is retrieved and saved in the session, in this way, automatic login is complete!

Let's look at the interceptor code.

............ Public void dofilter (servletrequest arg0, servletresponse arg1, filterchain arg2) throws ioexception, servletexception {httpservletrequest request = (httpservletrequest) arg0; cookie [] cookies = request. getcookies (); If (cookies! = NULL) {If (cookies. length> 1) {httpsession HS = request. getsession (); usersmodel um = (usersmodel) HS. getattribute ("users_info"); If (UM = NULL) {string username = ""; string sessionid = ""; for (INT I = 0; I <cookies. length; I ++) {cookie = Cookies [I]; If (cookie. getname (). equalsignorecase ("auto_users") {username = cookie. getvalue (); // obtain the cookie username} If (cookie. getname (). equalsignorecase ("Au To_id ") {sessionid = cookie. getvalue (); // obtain the Cookie's sessionid} If (! (Username. equals ("") | sessionid. equals ("") {string store_path = request. getservletcontext (). getrealpath ("/WEB-INF/"); applicationcontext context = new filesystemxmlapplicationcontext (store_path + "/applicationcontext. XML "); usersservice US = (usersservice) context. getbean ("usersservice"); autologinmodel ALM = us. getlogininfo (username); If (ALM. getUserName (). equals (username) & ALM. getsessionid (). equ ALS (sessionid) & new date (). gettime () <ALM. gettimes () {HS. setattribute ("users_info", us. getusers (username);} else {httpservletresponse response = (httpservletresponse) arg1; For (Cookie: cookies) {If ("auto_users ". equals (cookie. getname () {cookie = new cookie ("auto_users", ""); cookie. setpath ("/"); cookie. setmaxage (0); response. addcookie (cookie);} If ("auto_id ". equals (cookie. getname () {Co Okie = new cookie ("auto_id", ""); cookie. setpath ("/"); cookie. setmaxage (0); response. addcookie (cookie) ;}}}}} arg2.dofilter (arg0, arg1 );}..................

As for how to configure the filter, I will not talk about it here.

 

Finally, exit
Clear cookies and delete records stored in the database

…………HttpSession hs = request.getSession();UsersModel um = (UsersModel) hs.getAttribute("users_info");Cookie[] cookies = request.getCookies();if (cookies != null) {for (Cookie cookie : cookies) {if ("auto_users".equals(cookie.getName())) {cookie = new Cookie("auto_users", "");cookie.setMaxAge(0);cookie.setPath("/");response.addCookie(cookie);}if ("auto_id".equals(cookie.getName())) {cookie = new Cookie("auto_id", "");cookie.setMaxAge(0);cookie.setPath("/");response.addCookie(cookie);}}us.delLoginInfo(um.getUsername());}hs.invalidate();return (mapping.findForward("to_login"));…………

The automatic login function is complete. I thought about the results of one day.

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.