自定义拦截器
package com.fsti.ssh.interceptor;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
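/**
 * Authorization interceptor: lets an invocation proceed only when the session
 * holds the expected account, otherwise short-circuits to the login result.
 *
 * <p>The check fails closed: a missing session, a missing attribute, or an
 * attribute that is not the expected string all produce {@link Action#LOGIN}.
 *
 * @author deniro
 */
public class AuthorityInterceptor extends AbstractInterceptor {

    private static final long serialVersionUID = 1L;

    /** Session attribute under which the logged-in account name is stored. */
    private static final String SESSION_USER_KEY = "user";

    /**
     * The only account treated as authorized. The decision is made on a
     * hard-coded account name, so this is a demo-level check rather than a
     * role or permission model.
     */
    private static final String AUTHORIZED_USER = "manager";

    /**
     * Invokes the rest of the stack for the authorized account and returns
     * the login result for everyone else.
     *
     * @param invocation the current action invocation
     * @return the result of the invocation, or {@link Action#LOGIN} when the
     *         session does not hold the authorized account
     * @throws Exception whatever the wrapped invocation throws
     */
    @Override
    public String intercept(ActionInvocation invocation) throws Exception {
        ActionContext ctx = invocation.getInvocationContext();
        Map<String, Object> session = ctx.getSession();

        // Read the attribute as Object: a cast to String would throw
        // ClassCastException if anything else had been stored under the key.
        Object user = (session == null) ? null : session.get(SESSION_USER_KEY);

        // Constant-first equals is null-safe and rejects non-String values.
        if (AUTHORIZED_USER.equals(user)) {
            return invocation.invoke();
        }
        return Action.LOGIN;
    }
}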
struts2配置文件
配置不同的包,基本配置为base;需要权限控制的包配置为authority
<!-- Base package: shared defaults. No authorization interceptor is configured here, so actions bound to this package are reachable without a login. -->
<package name="base" extends="struts-default">
<!-- Default action, used when no handler is found for the request -->
<default-action-ref name="defaultAction"></default-action-ref>
<!-- Global results, shared by every action in this package and in packages extending it -->
<global-results>
<result name="login">login.jsp</result>
<result name="error">/WEB-INF/content/error.jsp</result>
</global-results>
<!-- Action that handles otherwise unmatched requests -->
<action name="defaultAction" class="com.fsti.ssh.action.BaseAction">
</action>
</package>
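<!-- Package for actions that require authorization -->
<package name="authority" extends="base">
    <interceptors>
        <!-- Authorization check interceptor -->
        <interceptor name="authority" class="com.fsti.ssh.interceptor.AuthorityInterceptor"></interceptor>
        <interceptor-stack name="authorityStack">
            <!--
                The authorization check runs first. With it placed after
                defaultStack, an unauthenticated request would still have its
                parameters bound to the action and go through upload and
                validation handling before being rejected.
            -->
            <interceptor-ref name="authority"/>
            <interceptor-ref name="defaultStack"/>
        </interceptor-stack>
    </interceptors>
    <!-- Default interceptor stack for every action in this package -->
    <default-interceptor-ref name="authorityStack"/>
</package>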
基本action
不需要权限控制的action,都继承该类
/**
*
* Copyright (C) 2009-2011 Fsti Inc.
*
*/
package com.fsti.ssh.action;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts2.convention.annotation.ParentPackage;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
import org.apache.struts2.interceptor.SessionAware;
import com.fsti.ssh.utils.JsonBinder;
import com.opensymphony.xwork2.ActionSupport;
/**
 * Common parent for all actions. Receives the servlet request, the servlet
 * response and the session map through the Struts "aware" interfaces and
 * offers two path helpers.
 *
 * <p>Bound to the "base" package, which configures no authorization
 * interceptor; subclasses that keep this binding are reachable without login.
 *
 * @author Song Qing
 */
@ParentPackage("base") // inherit the "base" package configuration
public class BaseAction extends ActionSupport
        implements ServletRequestAware, ServletResponseAware, SessionAware {

    private static final long serialVersionUID = 1L;

    // Shared JSON binders, created once when the class is loaded.
    protected static JsonBinder binder = JsonBinder.buildNormalBinder();
    protected static JsonBinder notNullBinder = JsonBinder.buildNotNullBinder();

    // Package-private: set by the framework, read by actions in this package.
    HttpServletRequest request;
    HttpServletResponse response;

    // Session attributes of the current user, as handed over by Struts.
    protected Map<String, Object> session;

    /** Stores the current servlet request. */
    @Override
    public void setServletRequest(HttpServletRequest request) {
        this.request = request;
    }

    /** Stores the current servlet response. */
    @Override
    public void setServletResponse(HttpServletResponse response) {
        this.response = response;
    }

    /** Stores the session attribute map. */
    @Override
    public void setSession(Map<String, Object> session) {
        this.session = session;
    }

    /**
     * Returns the file-system path of the web application root.
     *
     * <p>The servlet context is reached through {@code request.getSession()},
     * which creates a session when none exists yet.
     *
     * <p>NOTE(review): this is a public getter on an action and returns a
     * server file-system path; confirm it is never rendered or serialized
     * into a response.
     *
     * @return the real path for the empty virtual path {@code ""}
     */
    public String getRealPath() {
        final String webRoot = request.getSession().getServletContext().getRealPath("");
        return webRoot;
    }

    /**
     * Returns the context path of the web application.
     *
     * @return the context path reported by the servlet context
     */
    public String getRelativePath() {
        final String contextPath = request.getServletContext().getContextPath();
        return contextPath;
    }
}
权限action
需要权限控制的action,都继承该类
package com.fsti.ssh.action;
import org.apache.struts2.convention.annotation.ParentPackage;
/**
* Parent class for actions that require authorization.
*
* It adds no behaviour of its own: the only difference from BaseAction is the
* binding to the "authority" package.
* NOTE(review): the login check is expected to come from that package's
* default interceptor stack - confirm against the Struts configuration.
*
* @author deniro
*/
@ParentPackage("authority")
public class AuthorityAction extends BaseAction{
/**
* Serialization version id.
*/
private static final long serialVersionUID = 1L;
}
登录Action(演示代码:只判断账号是否为 manager,未校验密码,实际使用时需要补充凭据校验)
package com.fsti.ssh.action;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import com.fsti.ssh.utils.JsonUtils;
import com.opensymphony.xwork2.Action;
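/**
 * Login and logout for the demo application.
 *
 * <p>NOTE(review): this action decides on the account name alone. The
 * submitted password is never checked, so any request carrying
 * {@code account=manager} is treated as logged in. A real deployment must
 * verify the credential against a store of salted password hashes before
 * anything is written to the session.
 *
 * @author deniro
 */
public class LoginAction extends BaseAction {

    private static final long serialVersionUID = 1L;

    static Logger log = Logger.getLogger(LoginAction.class);

    /**
     * Name of the session attribute that holds the logged-in account.
     */
    public static final String USER_SESSION_NAME = "user";

    /**
     * Logs the user out by removing every attribute from the session map.
     *
     * @return {@link Action#LOGIN}, which the global results map to the login page
     */
    public String logOut() {
        session.clear();
        return Action.LOGIN;
    }

    /**
     * Handles the AJAX login request and answers with a JSON object whose
     * {@code result} field is either {@link Action#SUCCESS} or
     * {@link Action#LOGIN}.
     *
     * @return always {@code null}: the response body is written directly, so
     *         no Struts result is rendered
     */
    public String login() {
        String account = request.getParameter("account");

        // The submitted password is deliberately neither read into a log
        // statement nor stored: credentials must never reach the log files.
        // NOTE(review): it is also not verified - see the class comment.

        if (StringUtils.equals("manager", account)) {
            // Record the login before the response is written, so the session
            // update cannot be affected by an already committed response.
            // NOTE(review): the pre-login session is reused as is; renewing
            // the session at this point would guard against session fixation.
            session.put(USER_SESSION_NAME, account);
            JsonUtils.write(response, binder.toJson("result", Action.SUCCESS));
            return null;
        }

        JsonUtils.write(response, binder.toJson("result", Action.LOGIN));
        return null;
    }
}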
登录页面:
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>SSH演示平台</title>
<link href="lib/dwz/themes/css/login.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="lib/dwz/js/jquery-1.7.2.min.js"></script>
<script type="text/javascript">
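$(document).ready(function () {
    // Trigger the login when Enter is pressed anywhere on the page.
    document.onkeydown = function (e) {
        var ev = e || window.event;
        if (ev.keyCode == 13) {
            login();
        }
    };

    // Pre-fill the account from a cookie. The page itself only loads jQuery
    // core, so the cookies plugin is checked for before it is used; the
    // field is "#account" (no "#userName" element exists in this form).
    if ($.cookies && $.cookies.test()) {
        $("#account").val($.cookies.get('account'));
    }
});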
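// Clears both credential fields. The account input has the id "account";
// the previous "#userName" selector matched nothing in this form.
function reset() {
    $("#account").val('');
    $("#password").val('');
}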
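// Validates the two fields, posts them to the login action and shows the
// outcome in #msg. On success the browser is sent to the main page.
function login() {
    var account = $("#account").val();
    if (account == "") {
        $("#msg").text("账号不能为空!");
        $('#account').focus();
        return;
    }

    var password = $("#password").val();
    if (password == "") {
        $("#msg").text("密码不能为空!");
        $('#password').focus();
        return;
    }

    $.ajax({
        type: "POST",
        // NOTE(review): the "!" form relies on Struts Dynamic Method
        // Invocation; an explicit action mapping would allow
        // struts.enable.DynamicMethodInvocation to stay off.
        url: "login!login.action",
        // Passed as an object so jQuery URL-encodes both values; a
        // hand-built query string breaks on "&", "=", "+" or "%" in the
        // input and lets a value smuggle extra parameters.
        data: { account: account, password: password },
        dataType: "json",
        beforeSend: function () {
            $("#msg").text("正在登录,请稍候...");
        },
        success: function (data) {
            var tip = "登录不成功!";
            switch (data.result) {
                case "login":
                    // NOTE(review): this message tells the caller whether an
                    // account exists; a generic failure text avoids that.
                    tip = "账号不存在!";
                    break;
                case "success":
                    tip = "登录成功!";
                    var indexUrl = "forward!dwz.action";
                    // First path segment = context path of the application.
                    var appPath = "/" + location.pathname.split("/")[1] + "/";
                    window.location.href = appPath + indexUrl;
                    break;
            }
            // text() rather than html(): the message is never parsed as markup.
            $("#msg").text(tip);
        },
        error: function () {
            // Network or server failure: do not leave "please wait" on screen.
            $("#msg").text("登录不成功!");
        },
        async: true
    });
}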
</script>
</head>
<body>
<div id="login">
<div id="login_header">
<h1 class="login_logo">
<a href="#"><img src="lib/dwz/themes/default/images/login_logo.gif" /></a>
</h1>
<div class="login_headerContent">
<div class="navList">
<ul>
<li><a href="#">设为首页</a></li>
<li><a href="#">反馈</a></li>
<li><a href="#" target="_blank">帮助</a></li>
</ul>
</div>
<h2 class="login_title"><img src="lib/dwz/themes/default/images/login_title.png" /></h2>
</div>
</div>
<div id="login_content">
<div class="loginForm">
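<%-- The form is only a container: login() posts the credentials via AJAX.
     method="post" and onsubmit keep a native submit from ever putting the
     password into a GET query string. --%>
<form action="index.html" method="post" onsubmit="return false;">
    <p>
        <label>账号:</label>
        <input type="text" name="account" id="account" size="20" class="login_input" />
    </p>
    <p>
        <label>密码:</label>
        <input type="password" name="password" id="password" size="20" class="login_input" />
    </p>
    <%-- NOTE(review): the captcha below is a placeholder. The input has no
         name or id, the image is a static theme file, and login() never
         sends the value, so it provides no protection against automated
         login attempts. --%>
    <p>
        <label>验证码:</label>
        <input class="code" type="text" size="5" />
        <span><img src="lib/dwz/themes/default/images/header_bg.png" alt="" width="75" height="24" /></span>
    </p>
    <div class="login_bar">
        <%-- "onclick" is spelled with a plain Latin "o"; the listing carried a
             look-alike character that left the button without a handler. --%>
        <input class="sub" type="button" value="" onclick="login();"/>
    </div>
    <span id="msg"></span>
</form>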
</div>
<div class="login_banner"><img src="lib/dwz/themes/default/images/login_banner.jpg" /></div>
<div class="login_main">
<div class="login_inner">
<p>您可以使用 网易网盘 ,随时存,随地取</p>
<p>您还可以使用 闪电邮 在桌面随时提醒邮件到达,快速收发邮件。</p>
<p>在 百宝箱 里您可以查星座,订机票,看小说,学做菜…</p>
</div>
</div>
</div>
<div id="login_footer">
Copyright © 2009-2013 www.fsti.com Inc. All Rights Reserved.
</div>
</div>
</body>
</html>