如何在网上说出加载Cookie的次数? 例如,我使用我的凭据登录,我的jsp运行并显示结果...当我得到结果时,我想说这样的用户名凭证:
<%
String Usuario = null;
Cookie[] cookies =request.getCookies();
if (cookies != null){
for(Cookie cookie : cookies){
if(cookie.getName().equals("usuario"))
Usuario = cookie.getValue();
}
}
if (Usuario == null)
response.sendRedirect("Index.html");
%>
<h3>
Hi <%=Usuario %>, Login Complete.
</h3>
<form action="Logout" method="post">
<input type="submit" value="Logout">
</form>
但如果我重新加载页面,我想计算重新加载cookie的次数,所以在我的回复中我得到:
<h3>
Hi <%=Usuario %>, Login Complete. + cookiecount
</h3>
我该怎么做?
JSP:
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Login con Cookies</title>
</head>
<body>
<%
String Usuario = null;
Cookie[] cookies =request.getCookies();
if (cookies != null){
for(Cookie cookie : cookies){
if(cookie.getName().equals("usuario"))
Usuario = cookie.getValue();
}
}
if (Usuario == null)
response.sendRedirect("Index.html");
%>
<h3>
Hi <%=Usuario %>, Login Complete.
</h3>
<form action="Logout" method="post">
<input type="submit" value="Logout">
</form>
</body>
LoginServlet:
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String user = request.getParameter("usuario");
String contra = request.getParameter("contrasena");
if (userID.equals(user) && password.equals(contra)){
Cookie Gerardocookie = new Cookie("usuario",user);
Gerardocookie.setMaxAge(60 * 60);
response.addCookie(Gerardocookie);
response.sendRedirect("Procesardatos.jsp");
} else{
RequestDispatcher rd = getServletContext().getRequestDispatcher("/index.html");
PrintWriter out = response.getWriter();
out.println("<font color=red>Usuario y/o contrasena invalidas");
rd.include(request, response);
}
}
-------------------------------- UPDATE -------------- -------------------------
JSP:
<body>
<%
String usuario = (String)session.getAttribute("usuario");
if (usuario == null) {
response.sendRedirect("Index.html");
return;
}
AtomicInteger sessionCount = (AtomicInteger)session.getAttribute("count");
int count = sessionCount.incrementAndGet(); // count = ++sessionCount
%>
SERVLET:
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String user = request.getParameter("usuario");
String contra = request.getParameter("contrasena");
HttpSession session = request.getSession();
session.setAttribute("usuario", user);
session.setAttribute("count", new AtomicInteger());
if (userID.equals(user) && password.equals(contra)){
Cookie Gerardocookie = new Cookie("usuario",user);
Gerardocookie.setMaxAge(60 * 60);
response.addCookie(Gerardocookie);
response.sendRedirect("Procesardatos.jsp");
} else{
RequestDispatcher rd = getServletContext().getRequestDispatcher("/index.html");
PrintWriter out = response.getWriter();
out.println("<font color=red>Usuario y/o contrasena invalidas");
rd.include(request, response);
}
}
答案 0 :(得分:0)
Cookie很容易破解,因此只需在Cookie中设置用户名对于确保安全性几乎没用。任何会话cookie都可以作为永不过期的cookie复制到另一台计算机。
建议您将用户名存储在会话中。即使cookie被盗,一旦服务器到期,它就变得无用了。 (您还可以采取其他措施来进一步提高安全性。)
然后,您可以使用计数器存储第二个会话属性:
<div id="googlemap">
<iframe src="https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3648.6714814904954!2d90.40069809681577!3d23.865796688563787!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x3755c425897f1f09%3A0x2bdfa71343f07395!2sArcadia+Green+Point%2C+Rd+No.+16%2C+Dhaka+1230%2C+Bangladesh!5e0!3m2!1sen!2sin!4v1442184916780" width="400" height="300" frameborder="0" style="border:0" allowfullscreen></iframe>
</div>
在后续请求中,您查询会话:
HttpSession session = request.getSession();
session.setAttribute("usuario", user);
session.setAttribute("count", new AtomicInteger());
这与您的要求一致,但它会增加对执行此操作的服务器的每个请求的计数器。如果除了登录页面之外的所有请求都是安全的,那么它们都是这样做的,所以你基本上都在计算请求。