咨询热线:4006-75-4006
售前:9:00-23:30 备案:9:00-18:00 技术:7*24h
讨论下基于java+jsp开发的网站同phpwind论坛的同步登陆问题,主要就是要做到cookie的一致。
phpwind的cookie的生成方式较为复杂,而且查阅了网上很多资料,参照了phpwind包login.php里的过程,只是php语言的,对我这样不熟悉php的人来说还是有点麻烦的。于是我用java代码实现生成了phpwind可以识别的cookie,做到了同步登陆。
具体步骤如下:
生成的cookie的name和value都要与phpwind的一致,首先看cookie的name生成规则,先查找phpwind数据库表pw_config的name为db_sitehash字段的值(这里用PwConfig.db_sitehash表示),经过MD5方式加密后,取前5位与字符串"_winduser"拼接而成。
java代码如下:
private String generateCookieName() {
StringBuilder cookieNameString = new StringBuilder(md5.hash(
PwConfig.db_sitehash).substring(0, 5)).append("_winduser");
return cookieNameString .toString();
}
再看cookie的value生成规则,有点复杂,需要细心和一点耐心,需要获取
private String generateCookieValue(User user, HttpServletRequest request,
HttpServletResponse response) {
//获取系统浏览器信息,后面用到
String user_Agent = request.getHeader("user-agent");
Integer pwMember_Uid = null;
//获取jsp网站登录用户在论坛用户表中的uid,当然要同步登录,jsp网站和论坛的数据库用户数据表?据肯定要一致啦
pwMember_Uid = pwMembersDao.getuIdByUsername(user.getName());
//为了效率,字符串拼接操作都采用StringBuilder类型
StringBuilder cookieBaseStringBuilder = new StringBuilder();
if (pwMember_Uid != null) {
//这里的md5.hash()函数作用是对字符串进行MD5方式加密,返回32位结果字符串;user是jsp网站登录的用户对象,里面的密码就是明文,PwConfig.db_hash是论坛pw_config表中db_hash的值
cookieBaseStringBuilder
.append(pwMember_Uid.toString())
.append(" ")
.append(md5.hash(new StringBuilder(user_Agent)
.append(md5.hash(user.getPassword()))
.append(PwConfig.db_hash).toString()))
.append(" ").append("");
} else {
return "";
}
String cookieBaseKey = md5.hash(
new StringBuilder(user_Agent).append(PwConfig.db_hash)
.toString()).substring(8, 26);
String cookieBaseString = cookieBaseStringBuilder.toString();
int keylen = cookieBaseKey.length();
int strlen = cookieBaseString.length();
StringBuilder cookieValueStringBuilder = new StringBuilder();
for (int i = 0; i < strlen; i++) {
int k = i % keylen;
//对前面生成的cookieBaseString和cookieBaseKey字符串中指定位字符进行按位异或
cookieValueStringBuilder
.append((char) (cookieBaseString
.toCharArray()[i] ^ cookieBaseKey.toCharArray()[k]));
}
String cookieValue = cookieValueStringBuilder.toString();
try {
//在进行一次Base64编码
cookieValue = new String(Base64.encodeToByte(cookieValue
.getBytes("UTF-8")));
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
//去掉base64编码后末尾可能出现的等号,好像不去也行,好像phpwind识别时也会自动去掉
cookieValue = cookieValue.replace("=", "");
return cookieValue;
}
至此,cookie的name和value都已经生成,只需要放到cookie中就行了.
public void addCookie(User user, HttpServletRequest request,
HttpServletResponse response) {
String name = generateCookieName();
String value = generateCookieValue(user, request, response);
Cookie cookie = new Cookie(name , value);
cookie.setMaxAge(60 * 30);
cookie.setPath("/");
response.addCookie(cookie);
}
同步登出也很容易,只要将指定name值的cookie的value设置为空就行了
public void clearCookie(HttpServletResponse response) {
Cookie cookie = new Cookie(getCookieName(), null);
cookie.setMaxAge(0);
cookie.setPath("/");
response.addCookie(cookie);
}