登录模块

登录模块

表单->后台

首先表单初始化一个用户类

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
    
    <title>My JSP 'loginmanager.jsp' starting page</title>
    
	<meta http-equiv="pragma" content="no-cache">
	<meta http-equiv="cache-control" content="no-cache">
	<meta http-equiv="expires" content="0">    
	<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
	<meta http-equiv="description" content="This is my page">
	<!--
	<link rel="stylesheet" type="text/css" href="styles.css">
	-->
	<script type="text/javascript">
	<% 
	session.setAttribute("m_administrator", null);
	%>
	
	</script>
  </head>
  
  <body>
  	<s:form action="loginManager.action">
  		<s:textfield label="用户名" name="administrator.administratorname"></s:textfield>
  		<s:password label="密码" name="administrator.administratorpwd"></s:password>
  		<s:submit value="登录"></s:submit>
  	</s:form>
  </body>
</html>

用户类的模型:

package com.il360.infolife.model;

import java.io.Serializable;

/**
 * @author wangjie
 * @version 创建时间:2013-4-22 上午10:23:44
 */
public class Administrator implements Serializable {
	private int administratorid;
	private String administratorname;
	private String administratorpwd;
	
	public Administrator() {
	}
	
	public Administrator(int administratorid, String administratorname,
			String administratorpwd) {
		this.administratorid = administratorid;
		this.administratorname = administratorname;
		this.administratorpwd = administratorpwd;
	}

	public int getAdministratorid() {
		return administratorid;
	}

	public void setAdministratorid(int administratorid) {
		this.administratorid = administratorid;
	}
	
	public String getAdministratorname() {
		return administratorname;
	}

	public void setAdministratorname(String administratorname) {
		this.administratorname = administratorname;
	}

	public String getAdministratorpwd() {
		return administratorpwd;
	}

	public void setAdministratorpwd(String administratorpwd) {
		this.administratorpwd = administratorpwd;
	}
	
}

后台Action获取到表单传来的明文账号和密码创建一个Administrator对象,然后根据明文密码获取自定义算法的加密后得密码,将这个加密后得密码与数据库保存的值进行比较,相同则登录成功,设置session,不同则重新输入,跳转页面。

import java.util.Map;

import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionSupport;
import com.upomp.pay.sign.Password;


public class LoginManagerAction extends ActionSupport {
	private Administrator administrator;
	private AdministratorService administratorService;
	
	public Administrator getAdministrator() {
		return administrator;
	}

	public void setAdministrator(Administrator administrator) {
		this.administrator = administrator;
	}

	public AdministratorService getAdministratorService() {
		return administratorService;
	}

	public void setAdministratorService(AdministratorService administratorService) {
		this.administratorService = administratorService;
	}

	@Override
	public String execute() throws Exception {
		administrator.setAdministratorpwd(Password.createPassword(administrator.getAdministratorpwd()));
		Administrator admin = administratorService.loginManager(administrator);
		if(null == admin){
			return ERROR;
		}
		Map<String, Object> sessionMap = ServletActionContext.getContext().getSession();
		sessionMap.put("m_administrator", admin);
		return SUCCESS;
	}
}

加密算法,可以是MD5:

MD5说明:任何字符串进行md5加密后将得到一个16字节的字节数组,因为一个字节可由两个16进制数表示(一个字节8位,前4位表示一个16进制数,后4位表示一个16进制数),所以可以将这个16进制字节表示位32个16进制数,即32个字符,而16进制的顺序可以由一个字符数据进行映射(即下面的hexDigits),那么就可以自定义16进制的表示。

import java.security.MessageDigest;
/**
 * 对密码进行加密和验证的程序
 */

public class Password{
    
    //十六进制下数字到字符的映射数组
    private final static String[] hexDigits = {"0", "1", "2", "3", "4",
        "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f"};
    
    /** *//** 把inputString加密     */
    public static String createPassword(String inputString) {
        return encodeByMD5(inputString);
    }
    
    /** *//**
     * 验证输入的密码是否正确
     * @param password    真正的密码(加密后的真密码)
     * @param inputString    输入的字符串
     * @return    验证结果,boolean类型
     */
    public static boolean authenticatePassword(String password, String inputString) {
        if(password.equals(encodeByMD5(inputString))) {
            return true;
        } else {
            return false;
        }
    }
    
    /** *//** 对字符串进行MD5加密     */
    private static String encodeByMD5(String originString) {
        if (originString != null) {
            try {
                //创建具有指定算法名称的信息摘要
                MessageDigest md = MessageDigest.getInstance("MD5");
                //使用指定的字节数组对摘要进行最后更新,然后完成摘要计算
                byte[] results = md.digest(originString.getBytes());
                //将得到的字节数组变成字符串返回
                String resultString = byteArrayToHexString(results);
                return resultString.toUpperCase();
            } catch(Exception ex) {
                ex.printStackTrace();
            }
        }
        return null;
    }
    
    /** *//**
     * 转换字节数组为十六进制字符串
     * @param b    字节数组
     * @return    十六进制字符串
     */
    private static String byteArrayToHexString(byte[] b) {
        StringBuffer resultSb = new StringBuffer();
        for (int i = 0; i < b.length; i++) {
            resultSb.append(byteToHexString(b[i]));
        }
        return resultSb.toString();
    }
    
    /** *//** 将一个字节转化成十六进制形式的字符串     */
    private static String byteToHexString(byte b) {
        int n = b;
        if (n < 0)
            n = 256 + n;
        int d1 = n / 16;
        int d2 = n % 16;
        return hexDigits[d1] + hexDigits[d2];
    }
    /*
    public static void main(String[] args) {
        String password = Password.createPassword("infolife!@#$%^&*");
        System.out.println("对infolife!@#$%^&*用MD5摘要后的字符串:" + password);
        String inputString = "infolife!@#$%^&*";
        System.out.println("infolife!@#$%^&*与密码匹配?" + 
                Password.authenticatePassword(password, inputString));
        inputString = "888888";
        System.out.println("888888与密码匹配?" + 
                Password.authenticatePassword(password, inputString));
    }
    */
}


对应成功和失败后的跳转:

		<action name="loginManager" class="loginManagerAction">
			<result name="success" type="redirect">/index.jsp</result>
			<result name="error">/error.jsp</result>
		</action>

后台管理还需要对每个action进行判断(查看session是否有用户信息):

	if(null == session.getAttribute("m_administrator")){
		response.sendRedirect("loginmanager.jsp");
	}


可以将从session中获取user信息的代码写到拦截器或者过滤器里面:



你可能感兴趣的:(登录)