用情形:在web项目中,经常会遇到用户未登录或SESSION失效时用户发出非法的权限操作,如新闻的评论、文件的下载等等,在此我们可以使用struts拦截器对该用户发出的请求进行拦截,拦截后判断用户是否登录或SESSION是否有效,然后进行其正常操作。具体实例如下:
新建一个拦截器类UserInterceptor ,UserInterceptor.java代码如下
- package com.hsinghsu.test.interceptor;
- import com.opensymphony.xwork2.*;
- import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
- import java.util.*;
- import javax.servlet.http.HttpServletRequest;
- import org.apache.struts2.ServletActionContext;
- public class UserInterceptor extends AbstractInterceptor {
- private static final long serialVersionUID = 4956767125951165062L;
- // 拦截Action处理的拦截方法
- public String intercept(ActionInvocation invocation) throws Exception {
- // 取得请求相关的ActionContext实例
- ActionContext ctx = invocation.getInvocationContext();
- Map<String, Object> session = ctx.getSession();
- // 取出名为user的Session属性
- String user = (String) session.get("user");
- // 如果已经登录,放行
- if (user != null && user.equals("hsing")) {
- return invocation.invoke();
- }
- // 获取HttpServletRequest对象
- HttpServletRequest req = ServletActionContext.getRequest();
- // 获取此请求的地址
- String path = req.getRequestURI();
- System.out.println("path:" + path);
- // 存入session,方便调用
- session.put("prePage", path);
- // 没有登录,将服务器提示设置成一个HttpServletRequest属性
- ctx.put("tip", "您还没有登录,请输入hsing,hsu登录系统");
- // 直接返回login的逻辑视图
- return "login";
- }
- }
- package com.hsinghsu.test.action;
- import com.opensymphony.xwork2.ActionSupport;
- import com.opensymphony.xwork2.ActionContext;
- import java.util.*;
- public class LoginAction extends ActionSupport {
- private static final long serialVersionUID = 8013816027944871760L;
- private String username;// 登录用户名
- private String password;// 登录密码
- private String prePage;// 登录前页面
- public String execute() throws Exception {
- if (null != username && null != password && username.equals("hsing") && password.equals("hsu")) {
- ActionContext ctx = ActionContext.getContext();
- Map<String, Object> session = ctx.getSession();
- //保存用户信息session
- session.put("user", getUsername());
- // 获取跳转到登陆界面之前的页面地址,由拦截器提供
- prePage = (String) session.get("prePage");
- // 清除session中的数据
- session.remove("prePage");
- if (null == prePage) {
- return "usercenter";// 不是拦截器跳转到登陆页面的,直接访问的登陆页面
- } else {
- return SUCCESS;// 是拦截器跳转到登陆登录前页面
- }
- } else {
- return INPUT;
- }
- }
- public void setUsername(String username) {
- this.username = username;
- }
- public String getUsername() {
- return this.username;
- }
- public void setPassword(String password) {
- this.password = password;
- }
- public String getPassword() {
- return this.password;
- }
- public String getPrePage() {
- return prePage;
- }
- public void setPrePage(String prePage) {
- this.prePage = prePage;
- }
- }
- <?xml version="1.0" encoding="UTF-8"?>
- <!DOCTYPE struts PUBLIC
- "-//Apache Software Foundation//DTD Struts Configuration 2.1.7//EN"
- "http://struts.apache.org/dtds/struts-2.1.7.dtd">
- <struts>
- <constant name="struts.custom.i18n.resources" value="globalMessages" />
- <constant name="struts.i18n.encoding" value="UTF-8" />
- <package name="hsinghsu" extends="struts-default">
- <!-- 用户拦截器定义 -->
- <interceptors>
- <interceptor name="userInterceptor" class="com.hsinghsu.test.interceptor.UserInterceptor" />
- </interceptors>
- <!-- 定义全局result -->
- <global-results>
- <result name="login">/jsp/login.jsp</result>
- </global-results>
- <action name="loginPro" class="com.hsinghsu.test.action.LoginAction">
- <result name="success" type="redirectAction">${prePage}</result>
- <result name="input">/jsp/login.jsp</result>
- <result name="usercenter">/jsp/userCenter.jsp</result>
- </action>
- <action name="productList">
- <result name="success">/jsp/productList.jsp</result>
- <interceptor-ref name="defaultStack" /> <!-- 默认拦截器 -->
- <interceptor-ref name="userInterceptor" /> <!-- 应用自定义拦截器 -->
- </action>
- </package>
- </struts>
- <%@ page contentType="text/html; charset=utf-8" language="java"
- errorPage=""%>
- <%@ taglib prefix="s" uri="/struts-tags"%>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>登录页面</title>
- </head>
- <body>
- <h3>用户登录</h3>
- ${tip}
- <s:form action="loginPro">
- <s:textfield name="username" label="用户名" />
- <s:password name="password" label="密码" />
- <s:submit value="登录" />
- </s:form>
- </body>
- </html>
- <%@ page contentType="text/html; charset=utf-8" language="java"
- errorPage=""%>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>产品列表</title>
- </head>
- <body>
- <h2>水果:</h2>
- 苹果<br/> 橘子<br/> 香蕉<br/>
- </body>
- </html>
- <%@ page contentType="text/html; charset=utf-8" language="java"
- errorPage=""%>
- <%@ taglib prefix="s" uri="/struts-tags"%>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>成功页面</title>
- </head>
- <body>个人用户中心,您已经登录!
- </body>
- </html>
情形一:若用户未登录,输入http://localhost:8686/testInterceptor/productList.action
则系统会自动跳转到login.jsp页面,进行用户登录,登录后系统会自动跳到productList.jsp前台展现页面。
情形二:若用户已登录,输入http://localhost:8686/testInterceptor/productList.action
则系统直接跳转到productList.jsp前台展现页面。
情形三:若用户未登录,输入http://localhost:8686/testInterceptor/testInterceptor/loginPro.action
则系统会自动跳转到login.jsp页面,进行用户登录,登录后系统会自动跳到userCenter.jsp前台展现页面。
4503
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
