一、用户登录
思路:jsp实现表单提交,action用模型驱动的方式接收数据,在数据库查找有没有与之匹配的记录,若没有,回到登录界面(并将用户填的数据回显,并给出错误提示),若有,进入首页,显示用户名
1、jsp页面
<form action="${pageContext.request.contextPath }/loginAction_login.action" method="post">
账号:<input type="text" name="account" value="${user.user_name }" /><br>
密码:<input type="password" name="password" /><br>
<input type="submit" value="登录">
</form>
2、action
public class LoginAction extends ActionSupport implements ModelDriven<User> {
private User user = new User();
UserService service = new UserService();
public String login() {
List<User> list = service.login(user);
if (list.size()==0) {
this.addActionError("您输入的信息有误!");
ServletActionContext.getRequest().getSession().setAttribute("user", user);
return LOGIN;
}else {
ServletActionContext.getRequest().getSession().setAttribute("user", list.get(0));
return SUCCESS;
}
}
@Override
public User getModel() {
return user;
}
}
3、配置struts2.xml
<package name="package1" extends="struts-default" namespace="/">
<action name="loginAction_*" class="com.wasion.web.action.LoginAction" method="{1}">
<result name="success" type="redirect">/index.jsp</result>
<result name="login">/login.jsp</result>
</action>
</package>
4、service及dao层实现
public class UserService {
UserDao dao = new UserDao();
public List<User> login(User user) {
return dao.login(user);
}
}
public List<User> login(User user) {
Session session = HibernateUtils.openSession();
Transaction ts = session.beginTransaction();
Query query = session.createQuery("from User where user_name=? and user_password=? and user_code=?");
query.setParameter(0, user.getUser_name());
query.setParameter(1, user.getUser_password());
query.setParameter(2, user.getUser_code());
List<User> list = query.list();
ts.commit();
session.close();
return list;
}
效果:
失败>>
成功>>
二、登录拦截
1、编写拦截器(继承MethodFilterInterceptor类)
public class LoginInterceptor extends MethodFilterInterceptor {
@Override
protected String doIntercept(ActionInvocation invocation) throws Exception {
User user = (User) ServletActionContext.getRequest().getSession().getAttribute("user");
if (user == null) {
// 未登录
ActionSupport actionSupport = (ActionSupport) invocation.getAction();
actionSupport.addActionError("您没有权限,请先登录!");
return actionSupport.LOGIN;
}else {
// 已经登录
return invocation.invoke();
}
}
}
2、添加配置文件
<package name="package1" extends="struts-default" namespace="/">
<!-- 拦截器声明 -->
<interceptors>
<interceptor name="LoginInterceptor" class="com.wasion.web.interceptor.LoginInterceptor"></interceptor>
</interceptors>
<global-results>
<result name="login">/login.jsp</result>
</global-results>
<action name="customerAction_*" class="com.wasion.web.action.CustomerAction" method="{1}">
<result name="success">/success.jsp</result>
<result name="find_success">/jsp/customer/list.jsp</result>
<result name="findIdSuccess">/jsp/customer/edit.jsp</result>
<!-- 配置拦截器 -->
<interceptor-ref name="defaultStack"></interceptor-ref>
<interceptor-ref name="LoginInterceptor"></interceptor-ref>
</action>
<action name="loginAction_*" class="com.wasion.web.action.LoginAction" method="{1}">
<result name="success" type="redirect">/index.jsp</result>
<!-- 配置拦截器 -->
<interceptor-ref name="defaultStack"></interceptor-ref>
<interceptor-ref name="LoginInterceptor">
<param name="excludeMethods">login</param>
</interceptor-ref>
</action>
</package>
有一个问题,当我们在这个页面点击登录后,会产生页面嵌套的效果,只要在login.jsp表单提交的form中修改一个属性即可
<form action="${pageContext.request.contextPath }/loginAction_login.action" method="post" target="_parent">