我操,在struts2 的action中操作cookie怎么就这么蛋疼啊,这是我的代码,我他妈的不知道哪里错了,快一个星期了,弄这个鸡巴cookie,人都崩溃了,难道就没人在action中操作过cookie吗?package com.zuwoba.presentation.action.account;import java.util.Map;import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;import org.apache.struts2.ServletActionContext;
import org.apache.struts2.StrutsStatics;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;import com.opensymphony.xwork2.ActionContext;
import com.zuwoba.model.User;
import com.zuwoba.model.UserSession;
import com.zuwoba.presentation.action.base.BaseAction;
import com.zuwoba.util.EmailLoginAddress;
import com.zuwoba.util.MD5_Encoding;/**
* @project_name zuwoba
* @file_name LoginAction.java
* @author tianhandigeng
* @version Oct 25, 2010 2:53:04 PM
* @declaration
*/
public class LoginAction extends BaseAction implements ServletRequestAware,ServletResponseAware{
private String email_username;
private String password;
private String captcha;
private String autologin; private HttpServletRequest request;
private HttpServletResponse response;
// 提示窗口
private String hint;
private String tip; public String getTip() {
return tip;
} public void setTip(String tip) {
this.tip = tip;
} public String getPassword() {
return password;
} public void setPassword(String password) {
this.password = password;
} public String getAutologin() {
return autologin;
} public void setAutologin(String autologin) {
this.autologin = autologin;
} public String getEmail_username() {
return email_username;
} public void setEmail_username(String email_username) {
this.email_username = email_username;
} public String getHint() {
return hint;
} public void setHint(String hint) {
this.hint = hint;
} public String getCaptcha() {
return captcha;
} public void setCaptcha(String captcha) {
this.captcha = captcha;
} public void setServletRequest(HttpServletRequest servletRequest) {
this.request=servletRequest;
} public void setServletResponse(HttpServletResponse servletResponse) {
this.response=servletResponse;
}
@SuppressWarnings("unchecked")
public String execute() {
HttpSession session=request.getSession();
//获得域名
String host=request.getServerName(); email_username = this.getEmail_username().trim();
password = this.getPassword().trim();
captcha = this.getCaptcha().trim().toLowerCase();
autologin = this.getAutologin(); // 密码加密
MD5_Encoding md5 = new MD5_Encoding();
password = md5.getMD5ofStr(password); if (!captcha.equals(session.getAttribute("idcode"))) {
this.setTip("验证码错误");
this.setHint("failed");
return INPUT;
} else {
// Email登录
User user1 = userService.findUserByEmailPassword(email_username,
password); if (user1 != null) {
if ("N".equals(user1.getEnable())) {// 邮件登陆但没有激活
String emailAddress = EmailLoginAddress
.getEmialLoginAddress(email_username); session.setAttribute("email", email_username);
session.setAttribute("secret", user1.getSecret());
session.setAttribute("tempname", user1.getUsername());
session.setAttribute("emailAddress", emailAddress); return "unverified";
} else {
// 处理自动登录
if (autologin != null) {
// 创建两个cookie对象
// 一个cookie记录用户名,另一个记录唯一的验证码
// 并将此验证码写入数据库,以备用户返回时查询(防止伪造cookie)
Cookie cookie1 = new Cookie("SESSION_LOGIN_USERNAME", user1
.getUsername());
cookie1.setMaxAge(60 * 60 * 24 * 14);// 设置cookie有效期为2周
cookie1.setPath("/");
cookie1.setDomain(host);
response.addCookie(cookie1); String sessionid = session.getId();
Cookie cookie2 = new Cookie("SESSION_ID", sessionid);
cookie2.setMaxAge(60 * 60 * 24 * 14);
cookie2.setPath("/");
cookie2.setDomain(host);
response.addCookie(cookie2); // 在数据库中插入相应记录
UserSession userSession = new UserSession();
userSession.setUsername(user1.getUsername());
userSession.setSessionid(sessionid);
userService.addUserSession(userSession);
}
session.setAttribute("user", user1);
return SUCCESS;
} else {
this.setHint("failed");
this.setTip("不存在这样的Email或用户名或密码错误");
return INPUT;
}
}
}
}
}
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;import org.apache.struts2.ServletActionContext;
import org.apache.struts2.StrutsStatics;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;import com.opensymphony.xwork2.ActionContext;
import com.zuwoba.model.User;
import com.zuwoba.model.UserSession;
import com.zuwoba.presentation.action.base.BaseAction;
import com.zuwoba.util.EmailLoginAddress;
import com.zuwoba.util.MD5_Encoding;/**
* @project_name zuwoba
* @file_name LoginAction.java
* @author tianhandigeng
* @version Oct 25, 2010 2:53:04 PM
* @declaration
*/
public class LoginAction extends BaseAction implements ServletRequestAware,ServletResponseAware{
private String email_username;
private String password;
private String captcha;
private String autologin; private HttpServletRequest request;
private HttpServletResponse response;
// 提示窗口
private String hint;
private String tip; public String getTip() {
return tip;
} public void setTip(String tip) {
this.tip = tip;
} public String getPassword() {
return password;
} public void setPassword(String password) {
this.password = password;
} public String getAutologin() {
return autologin;
} public void setAutologin(String autologin) {
this.autologin = autologin;
} public String getEmail_username() {
return email_username;
} public void setEmail_username(String email_username) {
this.email_username = email_username;
} public String getHint() {
return hint;
} public void setHint(String hint) {
this.hint = hint;
} public String getCaptcha() {
return captcha;
} public void setCaptcha(String captcha) {
this.captcha = captcha;
} public void setServletRequest(HttpServletRequest servletRequest) {
this.request=servletRequest;
} public void setServletResponse(HttpServletResponse servletResponse) {
this.response=servletResponse;
}
@SuppressWarnings("unchecked")
public String execute() {
HttpSession session=request.getSession();
//获得域名
String host=request.getServerName(); email_username = this.getEmail_username().trim();
password = this.getPassword().trim();
captcha = this.getCaptcha().trim().toLowerCase();
autologin = this.getAutologin(); // 密码加密
MD5_Encoding md5 = new MD5_Encoding();
password = md5.getMD5ofStr(password); if (!captcha.equals(session.getAttribute("idcode"))) {
this.setTip("验证码错误");
this.setHint("failed");
return INPUT;
} else {
// Email登录
User user1 = userService.findUserByEmailPassword(email_username,
password); if (user1 != null) {
if ("N".equals(user1.getEnable())) {// 邮件登陆但没有激活
String emailAddress = EmailLoginAddress
.getEmialLoginAddress(email_username); session.setAttribute("email", email_username);
session.setAttribute("secret", user1.getSecret());
session.setAttribute("tempname", user1.getUsername());
session.setAttribute("emailAddress", emailAddress); return "unverified";
} else {
// 处理自动登录
if (autologin != null) {
// 创建两个cookie对象
// 一个cookie记录用户名,另一个记录唯一的验证码
// 并将此验证码写入数据库,以备用户返回时查询(防止伪造cookie)
Cookie cookie1 = new Cookie("SESSION_LOGIN_USERNAME", user1
.getUsername());
cookie1.setMaxAge(60 * 60 * 24 * 14);// 设置cookie有效期为2周
cookie1.setPath("/");
cookie1.setDomain(host);
response.addCookie(cookie1); String sessionid = session.getId();
Cookie cookie2 = new Cookie("SESSION_ID", sessionid);
cookie2.setMaxAge(60 * 60 * 24 * 14);
cookie2.setPath("/");
cookie2.setDomain(host);
response.addCookie(cookie2); // 在数据库中插入相应记录
UserSession userSession = new UserSession();
userSession.setUsername(user1.getUsername());
userSession.setSessionid(sessionid);
userService.addUserSession(userSession);
}
session.setAttribute("user", user1);
return SUCCESS;
} else {
this.setHint("failed");
this.setTip("不存在这样的Email或用户名或密码错误");
return INPUT;
}
}
}
}
}
解决方案 »
- 和大家讨论一个编码的问题 求解?
- 获取有关客户端上次请求的URL的常规方案
- java链表嵌套问题,帮忙解决一下吧。。。用C和C++也行
- 用Dreamweaver做jsp时为什么连接不上Mysql数据库呢?
- 面试时感觉无从说起,求助
- 动态html 转pdf
- 如何把dom里的内容输出到屏幕?
- 大家听说过深圳博科信息产业有限公司吗?最好有在里面上班的大哥说说情况阿(给100)
- 在jbuiler7与weblogic7整合时,按照网上的资料配置了server,可是我的ejb wizard依然是灰的无效,请高手指教
- 请教一个关于组合框的setSelectedIndex()方法,怎么都想不明白啊
- JSP页面通过数组来更改<img>的src属性,那么id属性如何动态指定?
- quartz问题请教,急,在线等
其次,autologin != null完后最好先判断cookie是否已经存在,不存在再新增
public static void saveUser(User user, HttpServletRequest request, HttpServletResponse response) {
// Cookie: id|name|permission
String cookieValue = LoginUtil.toCookieValue(user);
LoginUtil.addCookie(Constants.USER_COOKIE, cookieValue, response); // Save the user's password
LoginUtil.savePassword(user.getPassword(), response); HttpSession session = request.getSession(true);
session.setAttribute(Constants.USER_SESSION, user);
}
public static void addCookie(String name, String value, HttpServletResponse response) {
Cookie cookie = new Cookie(name, value);
cookie.setMaxAge(Constants.COOKIE_MAX_AGE);
cookie.setPath(Constants.COOKIE_PATH);
response.addCookie(cookie);
} public static void removeCookie(String name, HttpServletResponse response) {
Cookie cookie = new Cookie(name, "");
cookie.setPath(Constants.COOKIE_PATH);
cookie.setMaxAge(0);
response.addCookie(cookie);
}
用户输入用户名、密码登录时服务器写cookie,保存用户名和密码到用户本地,当然密码是加密的。
该cookie的有效期可以设为24小时,一周或半月。用户再次访问这个网站任何URL时,这时IE都会带该cookie到服务器,
服务器端可以用一个filter来进行拦截,如果用户名、密码正确就自动帮他登了录,
并把用户信息写到 session对象中进行保存。