前言:大家都知道Struts2的拦截器和Servlet的过滤器类似.但是个人觉得Struts2的拦截器功能上不如Servlet过滤器的强大.
原因有两点: 1、拦截器只能对action进行拦截,而不能拦截JSP页面
2、拦截器只能在表单提交以后发挥作用,而对直接在地址栏上输入的url无法进行拦截.从而导致不能进行完整的身份认证.
在Struts2中我还没有发现能够解决以上两个问题的办法,姑且暂时先用Struts2的拦截器做了一个登陆校验,也不知道怎么样.
我首先创建了一个LoginInterceptor类(Struts2的拦截器类继承于package com.opensymphony.xwork2.interceptor)
===========================================================================
@SuppressWarnings("serial")
public class LoginInterceptor extends AbstractInterceptor {
public static final String USER_SESSION_KEY = "ok";
private UserService userService;
public void setUserService(UserService userService) {
this.userService = userService;
}
@Override
public String intercept(ActionInvocation invocation) throws Exception {
System.out.println("Interceptor成功执行了...");
Object action = invocation.getAction();
if(action instanceof UserLoginAction){
System.out.println("Except UserLoginAction");
return invocation.invoke();
}
ActionContext actionContext = invocation.getInvocationContext();
@SuppressWarnings("unchecked")
Map session = actionContext.getSession();
Users users = (Users) session.get("users");
if(users!=null){
System.out.println("用户"+users.getUname()+"已经登录!");
return invocation.invoke();//合法用户登录 程序正常执行下去...
}else{
System.out.println("没有通过Interceptor..");
return "noCheck";//非法用户登录 强制跳转至登录界面
}
}
}
===========================================================================
初学者可能对AbstractInterceptor并不了解,看看下面的源码吧
===========================================================================
public abstract class AbstractInterceptor implements Interceptor {
/**
* Does nothing
*/
public void init() {
}
/**
* Does nothing
*/
public void destroy() {
}
/**
* Override to handle interception
*/
public abstract String intercept(ActionInvocation invocation) throws Exception;
}
===========================================================================
我们可以清楚看到AbstractInterceptor 实现了Interceptor接口 即我们的自定义拦截器类也继承了Interceptor接口
在Interceptor接口中有如下三个方法需要实现:
void destory();
void init();
String intercept(ActionInvocation invocation) throws Exception; //拦截器的核心方法
在定义好我们的拦截器以后就该考虑如何使用它了 我们可以创建一个UserLoginCheckAction校验用户是否已经登录,如果已登录程序正常执行,否则转入登录界面.
===========================================================================
public class UserLoginCheckAction {
private Users users = new Users();
private UserService userService;
public String UserLoginCheck() {
@SuppressWarnings("unchecked")
Map session = ActionContext.getContext().getSession();
boolean flag = userService.validateLogin(users);//调用后台类,查询数据库
if (flag) {
System.out.println("数据库验证完毕,将合法用户存入session");
session.put("users", users);
return "ok";
} else {
return "error";
}
}
public Users getUsers() {
return users;
}
public void setUsers(Users users) {
this.users = users;
}
public void setUserService(UserService userService) {
this.userService = userService;
}
}
===========================================================================
最后 写好相应的struts.xml配置文件
===========================================================================
<interceptors>
<interceptor name="loginInterceptor" class="com.hcit.interceptor.LoginInterceptor"/>
<interceptor-stack name="loginDefaultStack">
<interceptor-ref name="loginInterceptor"></interceptor-ref>
<interceptor-ref name="defaultStack"></interceptor-ref>
</interceptor-stack>
</interceptors>
<!-- 将拦截器应用于相应的action-->
<action name="userLoginCheckAction" class="com.hcit.interceptor.UserLoginCheckAction" method="UserLogin">
<result name="ok">/interceptor/loginOk.jsp</result>
<result name="error">/interceptor/login.jsp</result>
<interceptor-ref name="loginDefaultStack"></interceptor-ref>
</action>
至此,一个简单的Struts2拦截器的应用就完成啦!~~