sso1

虚拟主机搭建
1.在C:\WINDOWS\system32\drivers\etc\hosts中配置以下信息：
127.0.0.1 bbs.qingmu.cn
127.0.0.1 email.qingmu.cn
127.0.0.1 blog.qingmu.cn

 

2.在tomcat下创建目录
bbsapp
blogapp
emailapp

3.在workspace（D:\MyCode\333）中创建web工程
bbs
blog
email

4.在tomcat/conf/server.xml中配置

<Host name="bbs.qingmu.cn" appBase="bbsapp" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
    <Context docBase="D:\MyCode\333\bbs\WebRoot" path="/" reloadble="true" />
</Host>
<Host name="email.qingmu.cn" appBase="emailapp" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
    <Context docBase="D:\MyCode\333\email\WebRoot" path="/" reloadble="true" />
</Host>
<Host name="blog.qingmu.cn" appBase="blogapp" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
    <Context docBase="D:\MyCode\333\blog\WebRoot" path="/" reloadble="true" />
</Host>

 

5.login.jsp

<h3>
    论坛
</h3>
<c:choose>
    <c:when test="${not empty sessionScope.user}">
     您好，${sessionScope.user.uname } <a href="logout">退出</a>
    </c:when>
    <c:otherwise>
        <div>
            ${loginError }
        </div>
        <form name="loginForm" action="login" method="post">
            用户名：
            <input type="text" name="uname" />
            <br />
            密码：
            <input type="password" name="pwd" />
            <br />
            <input type="checkbox" value="true" name="saveCookies" />
            2周内自动登录
            <input type="submit" value="登录" />
        </form>
    </c:otherwise>
</c:choose>

 

index.jsp

<h3>
    论坛
</h3>
<c:choose>
    <c:when test="${not empty sessionScope.user}">
     您好，${sessionScope.user.uname } <a href="logout">退出</a>
    </c:when>
    <c:otherwise>
        您没有权限访问此页面，请<a href="login.jsp">登录</a>
    </c:otherwise>
</c:choose>

 

LoginServlet

public class LoginServlet extends HttpServlet {

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String uname = request.getParameter("uname");
        String pwd = request.getParameter("pwd");
        String saveCookies = request.getParameter("saveCookies");
        
        if ("admin".equals(uname) && "123".equals(pwd)) {
            HttpSession session = request.getSession();
            session.setAttribute("user", new User(uname, pwd));
            
            Cookie cookieUname = new Cookie("uname", uname);
            cookieUname.setPath("/");
            cookieUname.setDomain("qingmu.cn");

            Cookie cookiePwd = new Cookie("pwd", pwd);
            cookiePwd.setPath("/");
            cookiePwd.setDomain("qingmu.cn");
            
            
            if ("true".equals(saveCookies)) {
                int expiry = 2 * 7 * 24 * 60 * 60;
                cookieUname.setMaxAge(expiry);
                cookiePwd.setMaxAge(expiry);
            }
            
            response.addCookie(cookiePwd);
            response.addCookie(cookieUname);
            response.sendRedirect("/index.jsp");

        } else {
            request.setAttribute("loginError", "用户名或密码不正确，请重新登录");
            request.getRequestDispatcher("/login.jsp").forward(request,
                    response);

        }
    }
}

 

LogoutServlet

public class LogoutServlet extends HttpServlet {

    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        //销毁session
        HttpSession session = request.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        //删除cookie
        int expiry=0;
        
        Cookie cookieUname=new Cookie("uname","");
        cookieUname.setMaxAge(expiry);            
        cookieUname.setPath("/");    
        cookieUname.setDomain("qingmu.cn");
        response.addCookie(cookieUname);
        
        Cookie  cookiePwd=new Cookie("pwd","");
        cookiePwd.setMaxAge(expiry);
        cookiePwd.setPath("/");
        cookiePwd.setDomain("qingmu.cn");
        response.addCookie(cookiePwd);    
        response.sendRedirect("/login.jsp");
    }

}

 

 VlidateLoginFilter

public class VlidateLoginFilter implements Filter {

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest,
            ServletResponse servletResponse, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        // 1.正在请求登录/login
        String servletPath = request.getServletPath();
        if ("/login".equals(servletPath)) {
            chain.doFilter(request, response);
            return;
        }

        // 2.已经登录过，session中有用户信息
        HttpSession session = request.getSession();
        User user = (User) session.getAttribute("user");
        if (user != null) {
            chain.doFilter(request, response);
            return;
        }

        // 3.查找cookie，
        String uname = null;
        String pwd = null;
        Cookie[] cookies = request.getCookies();
        for (int i = 0; cookies != null && i < cookies.length; i++) {
            Cookie cookie = cookies[i];
            String cookieName = cookie.getName();
            String cookieValue = cookie.getValue();
            if ("uname".equals(cookieName)) {
                uname = cookieValue;
            }
            if ("pwd".equals(cookieName)) {
                pwd = cookieValue;
            }
        }
        // 有cookie转成session属性
        if ("admin".equals(uname) && "123".equals(pwd)) {
            User user2 = new User(uname, pwd);
            session.setAttribute("user", user2);
        }
        chain.doFilter(request, response);
        return;
    }

    public void init(FilterConfig config) throws ServletException {
    }

}