1.Struts配置文件
<?xml version="1.0" encoding="GBK"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<!-- 国际化信息配置文件,resource.properties包下的message_info.properties和message_error.properties文件 -->
<constant name="struts.custom.i18n.resources" value="resource.properties.message_error,resource.properties.message_info"></constant>
<constant name="struts.i18n.encoding" value="UTF-8"></constant>
<constant name="struts.objectFactory" value="spring"></constant>
<!-- Configuration for the default package. -->
<package name="TJStruts-default" extends="struts-default">
<interceptors>
<!-- session超时拦截 -->
<interceptor name="sessionInterceptor"
class="**.interceptor.SessionInterceptor">
</interceptor>
<!-- 异常日志拦截 -->
<interceptor name="exceptionLogIntercepter"
class="**.interceptor.ExceptionLogIntercepter">
</interceptor>
<!-- url权限拦截 -->
<interceptor name="urlAccessInterceptor"
class="**.interceptor.UrlAccessInterceptor">
</interceptor>
<interceptor-stack name="defaultInteceptorStack">
<interceptor-ref name="exceptionLogIntercepter" />
<interceptor-ref name="sessionInterceptor"/>
<!-- 配置需要进行权限控制的action或模块菜单 -->
<interceptor-ref name="urlAccessInterceptor">
<param name="action">/*/*.action,/*/*.action</param>
</interceptor-ref>
<interceptor-ref name="defaultStack" />
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="defaultInteceptorStack" />
<global-results>
<!-- 出错页面跳转 -->
<result name="error">/error.jsp</result>
<!-- 成功页面跳转 -->
<result name="success">/success.jsp</result>
<!-- session超时页面跳转 -->
<result name="sessionTimeout">/sessionTimeout.jsp</result>
<!-- action返回json格式数据的配置 -->
<result name="response-json" type="stream">
<param name="contentType">text/html</param>
<param name="bufferSize">1024</param>
<param name="allowCaching">false</param>
</result>
</global-results>
</package>
<!-- 首页 -->
<!-- 引入其他action配置文件 -->
<include file="**action.xml"></include>
<include file="**action.xml"></include>
</struts>
2.SessionInterceptor超时拦截类
/**
* <p>Description:session超时拦截</p>
*/
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.struts2.StrutsStatics;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
public class SessionInterceptor extends AbstractInterceptor {
private static final long serialVersionUID = 1L;
@Override
public String intercept(ActionInvocation ai) throws Exception {
ActionContext actionContext = ai.getInvocationContext();
//HttpServletResponse response = (HttpServletResponse) actionContext.get(StrutsStatics.HTTP_RESPONSE);
HttpServletRequest request = (HttpServletRequest) actionContext.get(StrutsStatics.HTTP_REQUEST);
HttpSession session = request.getSession();
String path = request.getContextPath();
String uri = request.getRequestURI();
//如果是登录或注销,则不进行判断
String loginAction = path+"/login_action";
String loginoutAction = path+"/loginout.action";
if(uri.startsWith(loginAction) || uri.startsWith(loginoutAction)){
ai.invoke();
}
//session为空 或 登陆用户信息为空
boolean empty = (session==null || session.getAttribute("LOGIN_USER_INFO")==null);
if(empty){
return "sessionTimeout";
}
return ai.invoke();
}
}
注: 权限拦截类和session超时拦截类类似。