struts都是通过action来请求页面的,所以可以通过全局的拦截器来拦截用户的非法登陆,如果用户知道jsp页面的地址,这种情况基本不会出现,那就需要用过滤器对页面进行过滤拦截了.
这里用拦截器进行拦截.
firtpart.xml:(设定默认的拦截器,每个Action都会默认调用)
1 <?xml version="1.0" encoding="UTF-8"?>
2 <!DOCTYPE struts PUBLIC
3 "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
4 "http://struts.apache.org/dtds/struts-2.3.dtd">
5
6 <struts>
7 <package name="test" extends="struts-default" namespace="/test">
8
9 <interceptors>
10 <interceptor name="loginJudge"
11 class="com.sunflower.interceptor.UsrLoginInterceptor">
12 </interceptor>
13
14 <!-- 自定义拦截器栈 -->
15 <interceptor-stack name="myDefaultStack">
16 <interceptor-ref name="loginJudge"></interceptor-ref>
17 <interceptor-ref name="defaultStack"></interceptor-ref>
18 </interceptor-stack>
19 </interceptors>
20
21 <!-- 将自定义拦截器栈设置默认的拦截器 -->
22 <default-interceptor-ref name="myDefaultStack"></default-interceptor-ref>
23
24 <global-results>
25 <result name="login" type="redirect">/login.jsp</result>
26 </global-results>
27
28 <action name="logintest" class="com.sunflower.action.LoginAction">
29 <result name="success" type="redirectAction">
30 <param name="actionName">sayhello</param>
31 <param name="namespace">/test</param>
32 <param name="username">${username}</param>
33 </result>
34 </action>
35
36 <action name="sayhello" class="com.sunflower.action.SayHelloAction">
37 <result name="success">/welcome.jsp</result>
38 <result name="login">/login.jsp</result>
39 </action>
40 </package>
41 </struts>
sturts.xml:(引用firtpart.xml)
1 <?xml version="1.0" encoding="UTF-8"?>
2 <!DOCTYPE struts PUBLIC
3 "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
4 "http://struts.apache.org/dtds/struts-2.3.dtd">
5
6
7 <struts>
8 <include file="firtpart.xml"></include>
9 </struts>
UsrLoginInterceptor.java:(拦截器,对所有Action拦截,除了登陆Action)
1 package com.sunflower.interceptor;
2
3 import java.util.Map;
4
5 import com.opensymphony.xwork2.Action;
6 import com.opensymphony.xwork2.ActionInvocation;
7 import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
8 import com.sunflower.action.LoginAction;
9
10 /**
11 * 用户拦截器,每个页面都会用到
12 *
13 * @author hanyuan
14 * @time 2012-6-6 下午12:38:05
15 */
16 public class UsrLoginInterceptor extends AbstractInterceptor {
17
18 /**
19 * 判断用户是否已经登录,如果没有登录,则为非法请求,进行拦截
20 */
21 public String intercept(ActionInvocation arg0) throws Exception {
22 // 判断是否请求为登录界面(login),如果是则不拦截
23 if (LoginAction.class == arg0.getAction().getClass())
24 return arg0.invoke();
25
26
27 // 如果是请求其他页面,进行拦截
28 Map map = arg0.getInvocationContext().getSession();
29 if (null == map.get("username"))
30 return Action.LOGIN;
31
32 return arg0.invoke();
33 }
34
35 }
LoginAction.java:(进行登陆校验)
1 package com.sunflower.action;
2
3 import java.util.Map;
4
5 import com.opensymphony.xwork2.ActionContext;
6 import com.opensymphony.xwork2.ActionSupport;
7 import com.sunflower.util.UserExist;
8
9 public class LoginAction extends ActionSupport {
10 private String username;
11 private String password;
12
13 public String getUsername() {
14 return username;
15 }
16
17 public void setUsername(String username) {
18 this.username = username;
19 }
20
21 public String getPassword() {
22 return password;
23 }
24
25 public void setPassword(String password) {
26 this.password = password;
27 }
28
29 public String execute() throws Exception {
30 // 设置session
31 Map map = ActionContext.getContext().getSession();
32 // 如果用户存在
33 if (UserExist.isExist(username, password)) {
34 if (null == map.get("username"))
35 map.put("username", username);
36 return SUCCESS;
37 }
38
39 return LOGIN;
40 }
41 }
SayHelloAction.java:(转向欢迎界面的action)
1 package com.sunflower.action;
2
3 import com.opensymphony.xwork2.ActionSupport;
4
5 public class SayHelloAction extends ActionSupport {
6 String username;
7
8 public String getUsername() {
9 return username;
10 }
11
12 public void setUsername(String username) {
13 this.username = username;
14 }
15
16 public String execute() throws Exception {
17 return SUCCESS;
18 }
19 }
UserExist.java:(模拟用户校验的类)
1 package com.sunflower.util;
2
3 public class UserExist {
4 //判断用户是否存在
5 public static boolean isExist(String username, String password)
6 {
7 String name = username.trim();
8 String word = password.trim();
9
10 if(name.equals("yuan") && word.equals("123"))
11 return true;
12 return false;
13 }
14 }
login.jsp:
1 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
2 <%@ taglib prefix="s" uri="/struts-tags"%>
3 <%
4 String path = request.getContextPath();
5 String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
6 %>
7
8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
9 <html>
10 <head>
11 <base href="<%=basePath%>">
12
13 <title>登录界面</title>
14 <meta http-equiv="pragma" content="no-cache">
15 <meta http-equiv="cache-control" content="no-cache">
16 <meta http-equiv="expires" content="0">
17 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
18 <meta http-equiv="description" content="This is my page">
19 <!--
20 <link rel="stylesheet" type="text/css" href="styles.css">
21 -->
22 </head>
23
24 <body>
25 <center>
26 <font color="bule" size="20">用户登录</font>
27 <br>
28 <s:form action="test/logintest">
29 <s:textfield name="username" label="用户名:" size="20"></s:textfield>
30 <s:textfield name="password" label="密码:" size="20"></s:textfield>
31 <s:submit value="提交"></s:submit>
32 </s:form>
33
34 </center>
35 </body>
36 </html>
welcome.jsp:
1 <%@ page language="java" contentType="text/html; charset=UTF-8"
2 pageEncoding="UTF-8"%>
3 <%@ taglib prefix="s" uri="/struts-tags"%>
4 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
5 <html>
6 <head>
7 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
8 <title>登陆成功</title>
9 </head>
10 <body>
11 <center>
12 <s:property value="username"/>,恭喜你登录成功!
13 </center>
14 </body>
15 </html>
这里用拦截器进行拦截.
firtpart.xml:(设定默认的拦截器,每个Action都会默认调用)
1 <?xml version="1.0" encoding="UTF-8"?>
2 <!DOCTYPE struts PUBLIC
3 "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
4 "http://struts.apache.org/dtds/struts-2.3.dtd">
5
6 <struts>
7 <package name="test" extends="struts-default" namespace="/test">
8
9 <interceptors>
10 <interceptor name="loginJudge"
11 class="com.sunflower.interceptor.UsrLoginInterceptor">
12 </interceptor>
13
14 <!-- 自定义拦截器栈 -->
15 <interceptor-stack name="myDefaultStack">
16 <interceptor-ref name="loginJudge"></interceptor-ref>
17 <interceptor-ref name="defaultStack"></interceptor-ref>
18 </interceptor-stack>
19 </interceptors>
20
21 <!-- 将自定义拦截器栈设置默认的拦截器 -->
22 <default-interceptor-ref name="myDefaultStack"></default-interceptor-ref>
23
24 <global-results>
25 <result name="login" type="redirect">/login.jsp</result>
26 </global-results>
27
28 <action name="logintest" class="com.sunflower.action.LoginAction">
29 <result name="success" type="redirectAction">
30 <param name="actionName">sayhello</param>
31 <param name="namespace">/test</param>
32 <param name="username">${username}</param>
33 </result>
34 </action>
35
36 <action name="sayhello" class="com.sunflower.action.SayHelloAction">
37 <result name="success">/welcome.jsp</result>
38 <result name="login">/login.jsp</result>
39 </action>
40 </package>
41 </struts>
sturts.xml:(引用firtpart.xml)
1 <?xml version="1.0" encoding="UTF-8"?>
2 <!DOCTYPE struts PUBLIC
3 "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
4 "http://struts.apache.org/dtds/struts-2.3.dtd">
5
6
7 <struts>
8 <include file="firtpart.xml"></include>
9 </struts>
UsrLoginInterceptor.java:(拦截器,对所有Action拦截,除了登陆Action)
1 package com.sunflower.interceptor;
2
3 import java.util.Map;
4
5 import com.opensymphony.xwork2.Action;
6 import com.opensymphony.xwork2.ActionInvocation;
7 import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
8 import com.sunflower.action.LoginAction;
9
10 /**
11 * 用户拦截器,每个页面都会用到
12 *
13 * @author hanyuan
14 * @time 2012-6-6 下午12:38:05
15 */
16 public class UsrLoginInterceptor extends AbstractInterceptor {
17
18 /**
19 * 判断用户是否已经登录,如果没有登录,则为非法请求,进行拦截
20 */
21 public String intercept(ActionInvocation arg0) throws Exception {
22 // 判断是否请求为登录界面(login),如果是则不拦截
23 if (LoginAction.class == arg0.getAction().getClass())
24 return arg0.invoke();
25
26
27 // 如果是请求其他页面,进行拦截
28 Map map = arg0.getInvocationContext().getSession();
29 if (null == map.get("username"))
30 return Action.LOGIN;
31
32 return arg0.invoke();
33 }
34
35 }
LoginAction.java:(进行登陆校验)
1 package com.sunflower.action;
2
3 import java.util.Map;
4
5 import com.opensymphony.xwork2.ActionContext;
6 import com.opensymphony.xwork2.ActionSupport;
7 import com.sunflower.util.UserExist;
8
9 public class LoginAction extends ActionSupport {
10 private String username;
11 private String password;
12
13 public String getUsername() {
14 return username;
15 }
16
17 public void setUsername(String username) {
18 this.username = username;
19 }
20
21 public String getPassword() {
22 return password;
23 }
24
25 public void setPassword(String password) {
26 this.password = password;
27 }
28
29 public String execute() throws Exception {
30 // 设置session
31 Map map = ActionContext.getContext().getSession();
32 // 如果用户存在
33 if (UserExist.isExist(username, password)) {
34 if (null == map.get("username"))
35 map.put("username", username);
36 return SUCCESS;
37 }
38
39 return LOGIN;
40 }
41 }
SayHelloAction.java:(转向欢迎界面的action)
1 package com.sunflower.action;
2
3 import com.opensymphony.xwork2.ActionSupport;
4
5 public class SayHelloAction extends ActionSupport {
6 String username;
7
8 public String getUsername() {
9 return username;
10 }
11
12 public void setUsername(String username) {
13 this.username = username;
14 }
15
16 public String execute() throws Exception {
17 return SUCCESS;
18 }
19 }
UserExist.java:(模拟用户校验的类)
1 package com.sunflower.util;
2
3 public class UserExist {
4 //判断用户是否存在
5 public static boolean isExist(String username, String password)
6 {
7 String name = username.trim();
8 String word = password.trim();
9
10 if(name.equals("yuan") && word.equals("123"))
11 return true;
12 return false;
13 }
14 }
login.jsp:
1 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
2 <%@ taglib prefix="s" uri="/struts-tags"%>
3 <%
4 String path = request.getContextPath();
5 String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/";
6 %>
7
8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
9 <html>
10 <head>
11 <base href="<%=basePath%>">
12
13 <title>登录界面</title>
14 <meta http-equiv="pragma" content="no-cache">
15 <meta http-equiv="cache-control" content="no-cache">
16 <meta http-equiv="expires" content="0">
17 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
18 <meta http-equiv="description" content="This is my page">
19 <!--
20 <link rel="stylesheet" type="text/css" href="styles.css">
21 -->
22 </head>
23
24 <body>
25 <center>
26 <font color="bule" size="20">用户登录</font>
27 <br>
28 <s:form action="test/logintest">
29 <s:textfield name="username" label="用户名:" size="20"></s:textfield>
30 <s:textfield name="password" label="密码:" size="20"></s:textfield>
31 <s:submit value="提交"></s:submit>
32 </s:form>
33
34 </center>
35 </body>
36 </html>
welcome.jsp:
1 <%@ page language="java" contentType="text/html; charset=UTF-8"
2 pageEncoding="UTF-8"%>
3 <%@ taglib prefix="s" uri="/struts-tags"%>
4 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
5 <html>
6 <head>
7 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
8 <title>登陆成功</title>
9 </head>
10 <body>
11 <center>
12 <s:property value="username"/>,恭喜你登录成功!
13 </center>
14 </body>
15 </html>
251
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
