首先说明一下,该例子只是说明拦截器如何实现登陆校验,并不符合正常的一些逻辑,2个操作页面,登陆和注册,
要实现的功能,只有登陆的用户才能够在注册页面操作,如果直接访问注册页面点击提交按钮,页面返回到登陆页面。
直接上代码,登陆和注册的Action:
package cn.com.baiwen.action;
import java.util.Map;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
public class LoginAction extends ActionSupport{
private static final long serialVersionUID = 1L;
private String username;
private String password;
@Override
public String execute() throws Exception {
if("hello".equals(username) & "world".equals(password)){
//将用户放入到session当中(模拟)
Map<String, Object> session = ActionContext.getContext().getSession();
session.put("user", "valid");
return SUCCESS;
}
return ERROR;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
package cn.com.baiwen.action;
import java.util.Date;
import com.opensymphony.xwork2.ActionSupport;
public class RegisterAction extends ActionSupport {
private static final long serialVersionUID = 1L;
private String username;
private String password;
private String repassword;
private int age;
private Date birthday;
private Date graduation;
@Override
public String execute() throws Exception {
return SUCCESS;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getRepassword() {
return repassword;
}
public void setRepassword(String repassword) {
this.repassword = repassword;
}
public int getAge() {
return age;
}
public void setAge(int age) {
this.age = age;
}
public Date getBirthday() {
return birthday;
}
public void setBirthday(Date birthday) {
this.birthday = birthday;
}
public Date getGraduation() {
return graduation;
}
public void setGraduation(Date graduation) {
this.graduation = graduation;
}
}
JSP页面代码就不展示了,不重要,主要还是介绍一下拦截器,上面loginAction中已经写明,登陆时验证通过只够会存放到session当中信息,那么拦截器就要验证session当中user是否为空,还有我们正常开发,肯定是所有的页面都要做这个验证的,那么拦截器肯定要拦截所有的方法访问,那么怎么判断我是在登陆操作呢,
// 获得访问名称
String actionName = invocation.getInvocationContext().getName();
拦截器代码:
package cn.com.baiwen.interceptor;
import java.util.Map;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
public class AuthInterceptor extends AbstractInterceptor {
private static final long serialVersionUID = 1L;
@Override
public String intercept(ActionInvocation invocation) throws Exception {
// 获得访问名称
String actionName = invocation.getInvocationContext().getName();
Map<String, Object> session = invocation.getInvocationContext()
.getSession();
// 如果session中user为空,则跳转到login
if (!"login".equals(actionName) && session.get("user") == null) {
return Action.LOGIN;
}
return invocation.invoke();
}
}
接下来是配置文件:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
"http://struts.apache.org/dtds/struts-2.3.dtd">
<struts>
<package name="struts" extends="struts-default">
<!-- 拦截器配置 -->
<interceptors>
<interceptor name="authInterceptor" class="cn.com.baiwen.interceptor.AuthInterceptor"></interceptor>
<interceptor-stack name="myStack">
<interceptor-ref name="authInterceptor"></interceptor-ref>
<interceptor-ref name="defaultStack"></interceptor-ref>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="myStack"></default-interceptor-ref>
<!-- 全局的结果跳转配置 -->
<global-results>
<result name="login" type="redirect">/login.jsp</result>
</global-results>
<action name="login" class="cn.com.baiwen.action.LoginAction">
<result name="success">/register.jsp</result>
<result name="error">/error.jsp</result>
</action>
<action name="register" class="cn.com.baiwen.action.RegisterAction">
<result name="success">/result.jsp</result>
<result name="input">/register.jsp</result>
</action>
</package>
</struts>