struts2拦截器
定义登录拦截器
1. struts.xml配置拦截器,在package包中
<!-- 拦截器 -->
<interceptors>
<!-- 定义拦截器 -->
<interceptor name="myInterceptor" class="com.newbeedaly.interceptor.MyInterceptor"></interceptor>
<interceptor name="loginInterceptor" class="com.newbeedaly.interceptor.LoginInterceptor"></interceptor>
<!-- 拦截器栈 -->
<interceptor-stack name="myStack">
<interceptor-ref name="loginInterceptor"></interceptor-ref>
<interceptor-ref name="defaultStack"></interceptor-ref>
</interceptor-stack>
</interceptors>
<!-- 引用拦截器 -->
<default-interceptor-ref name="myStack"></default-interceptor-ref>
2.编写拦截器LoginInterceptor.java
package com.newbeedaly.interceptor;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;
public class LoginInterceptor implements Interceptor{
@Override
public void destroy() {
// TODO Auto-generated method stub
System.out.println("LoginInterceptor销毁");
}
@Override
public void init() {
// TODO Auto-generated method stub
System.out.println("LoginInterceptor初始化");
}
@Override
public String intercept(ActionInvocation invocation) throws Exception {
System.out.println("在Action执行之前");
ActionContext actionContext=invocation.getInvocationContext();
Map<String, Object> session=actionContext.getSession();
Object currentUser=session.get("currentUser");
String result=null;
if(currentUser!=null){
result=invocation.invoke();
}else{
HttpServletRequest request=(HttpServletRequest)invocation.getInvocationContext().get(ServletActionContext.HTTP_REQUEST);
request.setAttribute("error", "请先登录!");
result="error";// 返回错误页面,也可以返回登录页面
}
System.out.println("result:"+result);
System.out.println("在Action执行之后");
return result;
}
}
3.编写非法字符拦截器IllegalCharacterInterceptor类,struts目前未引用。
package com.newbeedaly.interceptor;
import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import com.opensymphony.xwork2.util.ValueStack;
public class IllegalCharacterInterceptor extends AbstractInterceptor {
private static final long serialVersionUID = 1L;
@Override
public String intercept(ActionInvocation invocation) throws Exception {
// 通过核心调度器invocation来获得调度的Action上下文
ActionContext actionContext = invocation.getInvocationContext();
// 获取Action上下文的值栈
ValueStack stack = actionContext.getValueStack();
// 获取上下文的请求参数
Map valueTreeMap = actionContext.getParameters();
// 获得请求参数集合的迭代器
Iterator iterator = valueTreeMap.entrySet().iterator();
// 遍历组装请求参数
while (iterator.hasNext()) {
// 获得迭代的键值对
Entry entry = (Entry) iterator.next();
// 获得键值对中的键值
String key = (String) entry.getKey();
// 原请求参数,因为有可能一键对多值所以这里用的String[]
String[] oldValues = null;
// 对参数值转换成String类型的
if (entry.getValue() instanceof String) {
oldValues = new String[] { entry.getValue().toString() };
} else {
oldValues = (String[]) entry.getValue();
}
// 处理后的请求参数
String[] newValueStr = new String[oldValues.length];
// 对请求参数过滤处理
if (oldValues.length >= 1) {
for (int i = 0; i < oldValues.length; i++) {
// 替换掉非法参数,这里只替换掉了',如有其他需求,可以专门写一个处理字符的类
newValueStr[i] = oldValues[i].toString().replace("'", "‘").replace("\"", "“").replace("<", "<").replace(">", ">").replace("script", "");
}
} else {
newValueStr = null;
}
// 处理后的请求参数加入值栈中
stack.setValue(key, newValueStr);
}
String result = null;
try {
// 调用下一个拦截器,如果拦截器不存在,则执行Action
result = invocation.invoke();
} catch (Exception e) {
e.printStackTrace();
}
return result;
}
}