MD5加密驗證與URL路徑攔截

Q1:MD5加密

MD5Util封裝工具類（加密，包括包括字符串、文件、字節數組、等）

package com.zhangyuwei.teacher.common;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
 * MD5加密處理工具類
 * @author Administrator
 *
 */
public class MD5Utils {
    /**
     * 默認的密碼字符串組合，用來將字節轉換成 16 進製表示的字符,apache校驗下載的文件的正確性用的就是默認的這個組合
     */
    protected static char hexDigits[] = { '0', '1', '2', '3', '4', '5', '6',
            '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };

    protected static MessageDigest messagedigest = null;
    static {
        try {
            messagedigest = MessageDigest.getInstance("MD5");
        } catch (NoSuchAlgorithmException nsaex) {
            System.err.println(MD5Utils.class.getName()
                    + "初始化失敗，MessageDigest不支持MD5Util。");
            nsaex.printStackTrace();
        }
    }

    /**
     * 生成字符串的md5校驗值
     *
     * @param s
     * @return
     */
    public static String getMD5String(String s) {
        return getMD5String(s.getBytes());
    }

    /**
     * 判斷字符串的md5校驗碼是否與一個已知的md5碼相匹配
     *
     * @param password
     * 要校驗的字符串
     * @param md5PwdStr
     * 已知的md5校驗碼
     * @return
     */
    public static boolean isEqualsToMd5(String password, String md5PwdStr) {
        String s = getMD5String(password);
        return s.equals(md5PwdStr);
    }

    /**
     * 生成文件的md5校驗值
     *
     * @param file
     * @return
     * @throws IOException
     */
    public static String getFileMD5String(File file) throws IOException {
        InputStream fis;
        fis = new FileInputStream(file);
        byte[] buffer = new byte[1024];
        int numRead = 0;
        while ((numRead = fis.read(buffer)) > 0) {
            messagedigest.update(buffer, 0, numRead);
        }
        fis.close();
        return bufferToHex(messagedigest.digest());
    }

    /**
     * 生成字節數組的md5校驗值
     *
     * @param s
     * @return
     */
    public static String getMD5String(byte[] bytes) {
        messagedigest.update(bytes);
        return bufferToHex(messagedigest.digest());
    }

    private static String bufferToHex(byte bytes[]) {
        return bufferToHex(bytes, 0, bytes.length);
    }

    private static String bufferToHex(byte bytes[], int m, int n) {
        StringBuffer stringbuffer = new StringBuffer(2 * n);
        int k = m + n;
        for (int l = m; l < k; l++) {
            appendHexPair(bytes[l], stringbuffer);
        }
        return stringbuffer.toString();
    }

    private static void appendHexPair(byte bt, StringBuffer stringbuffer) {
        char c0 = hexDigits[(bt & 0xf0) >> 4];// 取字節中高 4 位的數字轉換, >>>
// 爲邏輯右移，將符號位一塊兒右移,此處未發現兩種符號有何不一樣
        char c1 = hexDigits[bt & 0xf];// 取字節中低 4 位的數字轉換
        stringbuffer.append(c0);
        stringbuffer.append(c1);
    }

    /**
     * 將源字符串使用MD5加密爲字節數組
     * @param source
     * @return
     */
    public static byte[] encode2bytes(String source) {
        byte[] result = null;
        try {
            MessageDigest md = MessageDigest.getInstance("MD5");
            md.reset();
            md.update(source.getBytes("UTF-8"));
            result = md.digest();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }

        return result;
    }

    /**
     * 將源字符串使用MD5加密爲32位16進制數
     * @param source
     * @return
     */
    public static String encode2hex(String source) {
        byte[] data = encode2bytes(source);
        StringBuffer hexString = new StringBuffer();
        for (int i = 0; i < data.length; i++) {
            String hex = Integer.toHexString(0xff & data[i]);

            if (hex.length() == 1) {
                hexString.append('0');
            }

            hexString.append(hex);
        }

        return hexString.toString();
    }

    /**
     * 驗證字符串是否匹配
     * @param unknown 待驗證的字符串
     * @param okHex 使用MD5加密過的16進制字符串
     * @return 匹配返回true，不匹配返回false
     */
    public static boolean validate(String unknown , String okHex) {
        return okHex.equals(encode2hex(unknown));
    }
}

測試：

package com.zhangyuwei.teacher.common;

public class MD5UtilTest {
    /**
     * MD5加密
     * MD5驗證
     * */
    public static void main(String[] args) {
        String password=MD5Utils.getMD5String("736375819");
        System.out.println(password);
        if(MD5Utils.isEqualsToMd5("736375819",password)){
            System.out.println("匹配成功！");
        }else{
            System.out.println("匹配失敗!");
        }
    }
}

 Q2:URL路徑攔截

你們想要理解攔截器是指定所要攔截的，除了一些我不須要攔截的，一下/login,/regist是我須要排出攔截的

spring-mvc

<!--攔截器-->
    <!--配置攔截器 攔截除了exceptUrls內的全部請求-->
   <mvc:interceptors>
        <mvc:interceptor>
            <mvc:mapping path="/**"/>
            <bean class="com.zhangyuwei.teacher.controller.LoginInterceptor">
                <property name="exceptUrls">
                    <list>
                        <value>/login</value>
                        <value>/register</value>
                        <value>/TeacherServlet/login</value>
                    </list>
                </property>
            </bean>
        </mvc:interceptor>
    </mvc:interceptors>

LoginInterceptor

 

package com.zhangyuwei.teacher.controller;

import org.apache.commons.lang3.StringUtils;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;

public class LoginInterceptor extends HandlerInterceptorAdapter {
    private List<String> exceptUrls;

    public List<String> getExceptUrls() {
        return exceptUrls;
    }

    public void setExceptUrls(List<String> exceptUrls) {
        this.exceptUrls = exceptUrls;
    }
    //執行action以前來執行
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        String requestUri=request.getRequestURI();
        if(requestUri.startsWith(request.getContextPath())){
            requestUri = requestUri.substring(request.getContextPath().length(), requestUri.length());
        }
        //系統根目錄
        if (StringUtils.equals("/",requestUri)) {
            return true;
        }
        //放行exceptUrls中配置的url
        for (String url:exceptUrls
                ) {
            if(url.endsWith("/**")){
                if (requestUri.startsWith(url.substring(0, url.length() - 3))) {
                    return true;
                }
            } else if (requestUri.startsWith(url)) {
                return true;
            }
        }
        //其餘須要登陸後才能進行訪問的url
        //String sessionid = request.getSession().getId();
        //在這裏咱們能夠定義一個session來存儲登陸狀態
        String status=null;
        //若是沒有登陸
        if(status==null){
            //返回到登陸頁面
            response.sendRedirect("login.html");
            return false;
        }else{
            return true;
        }
    }
}

 

結果就是當你直接訪問login.html是能夠進去的，二當你訪問其它頁面是，它會直接跳到login.html界面。