在服务器启动的时候,会根据struts.xml中的配置加载 这里是Interceptor 它还有个AbstractInterceptor实现类,这里面init()和destroy()都是空实现,不许要打开资源的话可以直接继承这个类
其中init和destroy方法只在拦截器加载和释放(都由Struts2自身处理)时执行一次。而intercept方法在每次访问动作时都会被调用。Struts2在调用拦截器时,每个拦截器类只有一个对象实例,而所有引用这个拦截器的动作都共享这一个拦截器类的对象实例,因此,在实现Interceptor接口的类中如果使用类变量,要注意同步问题。类变量公用的。
说到这里了,直接谈谈拦截器。
拦截器完成struts70%的工作。从网上摘了一个权限控制的。过滤没有权限的用户不能直接输入地址查看网页
struts.xml
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<include file="struts-default.xml" />
<!-- 定义含“权限检查拦截器”的包,供其他模块引用 -->
<package name="struts-default-with-auth-check" extends="struts-default">
<interceptors>
<!-- 定义“权限检查拦截器” -->
<interceptor name="authCheck"
class="interceptor.AuthCheckInterceptor">
</interceptor>
<!-- 定义含“权限检查拦截器”的拦截器栈,注意缺省的拦截器栈“defaultStack”要放在前面 -->
<interceptor-stack name="myStack">
<interceptor-ref name="defaultStack" />
<interceptor-ref name="authCheck"></interceptor-ref>
</interceptor-stack>
</interceptors>
<!-- 正式应用可能含很多package,为了能从其他package中跳转到登录页面,把登录页面定义成全局result -->
<default-interceptor-ref name="myStack"></default-interceptor-ref>
<global-results>
<result name="globalLogin">login.jsp</result>
</global-results>
</package>
<!-- 注意package的extends属性,系统中只有“登录/注销”操作不需要检查权限 -->
<package name="p1" extends="struts-default">
<!-- 登录 -->
<action name="login" class="action.LoginAction">
<result>welcome.jsp</result>
<result name="input">login.jsp</result>
</action>
<!-- 注销 -->
<action name="logout" class="action.LogoutAction">
<result>login.jsp</result>
</action>
</package>
<package name="p2" extends="struts-default-with-auth-check">
<!-- 试图未经过登录,直接访问welcome页面,测试用 -->
<action name="welcome" class="action.WelcomeAction">
<result>welcome.jsp</result>
</action>
</package>
LoginAction.java package action;
import java.util.Date;
import java.util.Map;
import bean.LoginedUser;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
@ SuppressWarnings ( "unchecked" )
public class LoginAction extends ActionSupport ...{
private String name;
private static final long serialVersionUID = -2907891170345505600L;
@ Override
public String execute() throws Exception ...{
Map session = ActionContext.getContext().getSession();
LoginedUser user = new LoginedUser();
user.setName(name);
user.setLoginTime(new Date());
if (name.startsWith("U_")) ...{//假设用户名以"U_"开头才是合法的
session.put("USER_INFO", user);//只有此处会向session里面加入key=“USER_INFO”的对象
return SUCCESS;
} else ...{
addFieldError("name", "name is invalid.");
return INPUT;
}
}
public void validate() ...{
if (null == name || name.trim().length() < 1) ...{
addFieldError("name", "name is required.");
}
}
public String getName() ...{
return name;
}
public void setName(String name) ...{
this.name = name;
}
}
LogoutAction.java package action;
import java.util.Map;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
@ SuppressWarnings ( "unchecked" )
public class LogoutAction extends ActionSupport ...{
private static final long serialVersionUID = -2907891170345505600L;
@ Override
public String execute() throws Exception ...{
Map session = ActionContext.getContext().getSession();
if (null != session.get("USER_INFO")) ...{// 刪除session中key="USER_INFO"的對象
session.remove("USER_INFO");
}
return SUCCESS;//注销完毕,回到登录页面
}
}
WelcomeAction.java package action;
import com.opensymphony.xwork2.ActionSupport;
@ SuppressWarnings ( "unchecked" )
public class WelcomeAction extends ActionSupport ...{
private static final long serialVersionUID = -2907891170345505600L;
@ Override
public String execute() throws Exception ...{
return SUCCESS;
}
}
AuthCheckInterceptor.java package interceptor;
import java.util.Map;
import bean.LoginedUser;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
@ SuppressWarnings ( "unchecked" )
public class AuthCheckInterceptor extends AbstractInterceptor ...{
private static final long serialVersionUID = -4535462154177128320L;
@ Override
public String intercept(ActionInvocation ai) throws Exception ...{
Map session = ActionContext.getContext().getSession();
LoginedUser user = (LoginedUser)session.get("USER_INFO");
if(null==user)...{// 判断session里是否有key="USER_INFO"的对象
return "globalLogin";// 转发到登录页面
}
return ai.invoke();
}
}