这几天研究了下基于java+jsp开发的网站同phpwind论坛的同步登陆问题,主要就是要做到cookie的一致。
phpwind的cookie的生成方式较为复杂,而且查阅了网上很多资料,参照了phpwind包login.php里的过程,只是php语言的,对我这样不熟悉php的人来说还是有点麻烦的。于是我用java代码实现生成了phpwind可以识别的cookie,做到了同步登陆。
具体步骤如下:
生成的cookie的name和value都要与phpwind的一致,首先看cookie的name生成规则,先查找phpwind数据库表pw_config的name为db_sitehash字段的值(这里用PwConfig.db_sitehash表示),经过MD5方式加密后,取前5位与字符串"_winduser"拼接而成。
java代码如下:
- private String generateCookieName() {
- StringBuilder cookieNameString = new StringBuilder(md5.hash(
- PwConfig.db_sitehash).substring(0, 5)).append("_winduser");
- return cookieNameString .toString();
- }
再看cookie的value生成规则,有点复杂,需要细心和一点耐心,需要获取
- private String generateCookieValue(User user, HttpServletRequest request,
- HttpServletResponse response) {
- //获取系统浏览器信息,后面用到
- String user_Agent = request.getHeader("user-agent");
- Integer pwMember_Uid = null;
- //获取jsp网站登录用户在论坛用户表中的uid,当然要同步登录,jsp网站和论坛的数据库用户数据表数据肯定要一致啦
- pwMember_Uid = pwMembersDao.getuIdByUsername(user.getName());
- //为了效率,字符串拼接操作都采用StringBuilder类型
- StringBuilder cookieBaseStringBuilder = new StringBuilder();
- if (pwMember_Uid != null) {
- //这里的md5.hash()函数作用是对字符串进行MD5方式加密,返回32位结果字符串;user是jsp网站登录的用户对象,里面的密码就是明文,PwConfig.db_hash是论坛pw_config表中db_hash的值
- cookieBaseStringBuilder
- .append(pwMember_Uid.toString())
- .append("/t")
- .append(md5.hash(new StringBuilder(user_Agent)
- .append(md5.hash(user.getPassword()))
- .append(PwConfig.db_hash).toString()))
- .append("/t").append("");
- } else {
- return "";
- }
- String cookieBaseKey = md5.hash(
- new StringBuilder(user_Agent).append(PwConfig.db_hash)
- .toString()).substring(8, 26);
- String cookieBaseString = cookieBaseStringBuilder.toString();
- int keylen = cookieBaseKey.length();
- int strlen = cookieBaseString.length();
- StringBuilder cookieValueStringBuilder = new StringBuilder();
- for (int i = 0; i < strlen; i++) {
- int k = i % keylen;
- //对前面生成的cookieBaseString和cookieBaseKey字符串中指定位字符进行按位异或
- cookieValueStringBuilder
- .append((char) (cookieBaseString
- .toCharArray()[i] ^ cookieBaseKey.toCharArray()[k]));
- }
- String cookieValue = cookieValueStringBuilder.toString();
- try {
- //在进行一次Base64编码
- cookieValue = new String(Base64.encodeToByte(cookieValue
- .getBytes("UTF-8")));
- } catch (UnsupportedEncodingException e) {
- e.printStackTrace();
- }
- //去掉base64编码后末尾可能出现的等号,好像不去也行,好像phpwind识别时也会自动去掉
- cookieValue = cookieValue.replace("=", "");
- return cookieValue;
- }
至此,cookie的name和value都已经生成,只需要放到cookie中就行了.
- public void addCookie(User user, HttpServletRequest request,
- HttpServletResponse response) {
- String name = generateCookieName();
- String value = generateCookieValue(user, request, response);
- Cookie cookie = new Cookie(name , value);
- cookie.setMaxAge(60 * 30);
- cookie.setPath("/");
- response.addCookie(cookie);
- }
同步登出也很容易,只要将指定name值的cookie的value设置为空就行了
- public void clearCookie(HttpServletResponse response) {
- Cookie cookie = new Cookie(getCookieName(), null);
- cookie.setMaxAge(0);
- cookie.setPath("/");
- response.addCookie(cookie);
- }
新闻热点
疑难解答
图片精选