java使用Filter实现自动登录的方法

package com.learning.web.servlet;import java.io.IOException;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import com.learning.domain.User;import com.learning.service.UserService;@WebServlet("/servlet/loginServlet")public class LoginServlet extends HttpServlet { private static final long serialVersionUID = 1L; protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {  String username = request.getParameter("username");  String password = request.getParameter("password");  String autologin = request.getParameter("autologin");    UserService userService=new UserService();  User user = userService.findUser(username, password);  //user不为null，则登录成功  if (user!=null) {  //创建cookie来保存用户信息  Cookie cookie=new Cookie("user", user.getUsername()+"&"+user.getPassword());  cookie.setPath("/");  //autologin不为null，则记住了登录状态  if (autologin!=null) {   cookie.setMaxAge(1*60*60*24);//一天的有效时间  }  else {   cookie.setMaxAge(0);  }  response.addCookie(cookie);  request.getSession().setAttribute("user", user);  request.getRequestDispatcher("/home.jsp").forward(request, response);  }else {  response.sendRedirect(request.getContextPath()+"/homeLogin.jsp");  }   } protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); }}

package com.learning.web.filter;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.annotation.WebFilter;import javax.servlet.annotation.WebInitParam;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import javax.servlet.jsp.jstl.core.Config;import com.learning.domain.User;import com.learning.service.UserService;@WebFilter(urlPatterns="/*",initParams={@WebInitParam(name="autologin",value="login"),@WebInitParam(name="",value="")})public class AutoFilter implements Filter{ private FilterConfig filterConfig; @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)  throws IOException, ServletException { // 转换对象 HttpServletRequest httpServletRequest = (HttpServletRequest) request; HttpServletResponse httpServletResponse = (HttpServletResponse) response; // 获得访问的路径 String uri = httpServletRequest.getRequestURI(); String contextPath = httpServletRequest.getContextPath(); uri = uri.substring(contextPath.length() + 1); // 获得初始化参数 String login = filterConfig.getInitParameter("autologin"); System.out.println("直接通行的路径："+login); // 不包含"login"的路径就要进行过滤 （xxxlogin.jsp 不需要自动登录） if (!uri.contains(login)) {  HttpSession session = httpServletRequest.getSession();  User u = (User) session.getAttribute("user");  if (u != null) {  System.out.println("session不为null");  chain.doFilter(request, response);  } else {  // 处理业务逻辑  // 1.获得cookie 得到User的信息  String username = "";  String password = "";  UserService userService = new UserService();  Cookie[] cookies = httpServletRequest.getCookies();  for (int i = 0;cookies!=null&& i < cookies.length; i++) {    if ("user".equals(cookies[i].getName())) {   String string = cookies[i].getValue();   String[] values = string.split("&");   username = values[0];   password = values[1];   User user = userService.findUser(username, password);      // 不为空则放入session   if (user != null) {    System.out.println("自动登录了");    httpServletRequest.getSession().setAttribute("user", user);   }   }  }  } } // 2.放行 chain.doFilter(request, response); } @Override public void init(FilterConfig filterConfig) throws ServletException {  this.filterConfig=filterConfig;  }}