拦截器:
- 访问Action的时候才能启动拦截器,访问其他资源不行
- 在Action访问过程中,必须使用拦截器
- 拦截器分为系统拦截器和用户自定义拦截器
访问ServletAPI:
- 解耦合的方式访问ServletAP(2种)
- 耦合的方式访问ServletAP(2种)
示例解耦合:
- 解耦合一,Action继承ActionSupport
public class FirstAction extends ActionSupport {
private Map<String,Object> request;
private Map<String,Object> session;
private Map<String,Object> application;
public String execute() throws Exception{
System.out.println("in FirstAction method execute()");
ActionContext ac = ActionContext.getContext();
request = (Map<String,Object>)ac.get("request");
request.put("one","11");
session = ac.getSession();
session.put("two", "小青");
application = ac.getApplication();
application.put("three", "老大");
return "success";
}
}
2. 解耦合二,Action继承ActionSupport并实现RequestAware,SessionAware,ApplicationAware
public class SecondAction extends ActionSupport implements RequestAware,SessionAware,ApplicationAware{
private Map<String,Object> request;
private Map<String,Object> session;
private Map<String,Object> application;
@Override
public void setApplication(Map<String, Object> application) {
// TODO Auto-generated method stub
this.application=application;
}
@Override
public void setSession(Map<String, Object> session) {
// TODO Auto-generated method stub
this.session=session;
}
@Override
public void setRequest(Map<String, Object> request) {
// TODO Auto-generated method stub
this.request=request;
}
//解耦合的方式
public String execute() throws Exception{
System.out.println("in SecondAction method execute()");
request.put("one", "苹果");
session.put("two", "橘子");
application.put("three", "西瓜");
return "success";
}
}
示例耦合:
- 耦合一,Action继承ActionSupport
public class ThreeAction extends ActionSupport {
private HttpServletRequest request;
private HttpSession session;
private ServletContext application;
public String execute() throws Exception{
System.out.println("in ThreeAction method: execute()");
request = ServletActionContext.getRequest();
String userName = request.getParameter("userName");
System.out.println(userName);
request.setAttribute("one", userName);
session = request.getSession();
session.setAttribute("two", "雪碧");
application = ServletActionContext.getServletContext();
application.setAttribute("three", "可乐");
return "success";
}
}
2. 耦合二,Action继承ActionSupport,并实现ServletRequestAware,ServletContextAware
public class FourAction extends ActionSupport implements ServletRequestAware,ServletContextAware {
private HttpServletRequest request;
private HttpSession session;
private ServletContext application;
@Override
public void setServletContext(ServletContext application) {
// TODO Auto-generated method stub
this.application=application;
}
@Override
public void setServletRequest(HttpServletRequest request) {
// TODO Auto-generated method stub
this.request=request;
}
public String execute() throws Exception{
System.out.println("in ThreeAction method: execute()");
request.setAttribute("one", "红酒");
session = request.getSession();
session.setAttribute("two", "白酒");
application.setAttribute("three", "黄酒");
return "success";
}
}
学习拦截器和访问ServletAPI后,做了一个demo
描述:
1. 管理员登录系统可以查看机密信息
2. 查看机密信息必须先登录
3. 普通用户不能进入系统
4. 黑名单中的人不能进入系统
管理员:susu
黑名单:Tom
普通用户:初susu之外的用户
示例代码:
- UserLoginAction用来检测是否为管理员
**UserLoginAction.java**
public class UserLoginAction extends ActionSupport {
private String userName;
private String userPwd;
public String getUserName() {
return userName;
}
public void setUserName(String userName) {
this.userName = userName;
}
public String getUserPwd() {
return userPwd;
}
public void setUserPwd(String userPwd) {
this.userPwd = userPwd;
}
public String execute() throws Exception{
System.out.println("in execute()!!!");
String flag = "input";
if(userName.equals("susu")&&userPwd.equals("1111")){
ActionContext.getContext().getSession().put("userName", userName);
flag = "success";
}else{
ActionContext.getContext().getSession().put("message", "用户名或密码错误!");
}
return flag;
}
public String checkInter() throws Exception{
System.out.println("in checkInter()");
return "success";
}
}
2. BlackListInterceptor黑名单拦截器,拦截黑名单中的人进入系统
**BlackListInterceptor.java**
public class BlackListInterceptor extends AbstractInterceptor {
private HttpServletRequest request;
@Override
public String intercept(ActionInvocation invo) throws Exception {
// TODO Auto-generated method stub
System.out.println("in BlackListInterceptor");
request = ServletActionContext.getRequest();
String strName = request.getParameter("userName");
if(strName.equals("Tom")){
return "error";
}else{
return invo.invoke();
}
}
}
3. CheckSecretInterceptor机密信息拦截器,判断登录用户是否为管理员
**CheckSecretInterceptor.java**
public class CheckSecretInterceptor extends AbstractInterceptor {
@Override
public String intercept(ActionInvocation acvo) throws Exception {
// TODO Auto-generated method stub
System.out.println("拦截器开始执行");
Object obj = ActionContext.getContext().getSession().get("userName");
String strName = obj != null ?obj.toString():"";
if(strName.equals("susu")){
String result = acvo.invoke();
System.out.println("拦截器结束执行");
return result;
}else{
System.out.println("拦截器结束执行");
ActionContext.getContext().getSession().put("message", "还未登录,不能访问机密信息");
return "input";
}
}
}
4. struts.xml中的配置
<interceptors>
<interceptor name="checklogin" class="com.su.web.interceptor.CheckSecretInterceptor"></interceptor>
<interceptor name="errorInter" class="com.su.web.interceptor.BlackListInterceptor"></interceptor>
</interceptors>
<!-- *************黑名单拒绝进入,只有特定用户才能查看机密信息************** -->
<action name="login" class="com.su.web.action.UserLoginAction">
<interceptor-ref name="defaultStack"></interceptor-ref>
<interceptor-ref name="errorInter"></interceptor-ref>
<result type="dispatcher" name="input">/login.jsp</result>
<result type="dispatcher" name="success">/success.jsp</result>
<result type="redirect" name="error">/errorname.jsp</result>
</action>
<action name="secret" class="com.su.web.action.UserLoginAction" method="checkInter">
<interceptor-ref name="checklogin"></interceptor-ref>
<!-- defaultStack把表单元素提交到get,set,方法 -->
<interceptor-ref name="defaultStack"></interceptor-ref>
<result type="dispatcher" name="success">/secret.jsp</result>
<result type="dispatcher" name="input">/login.jsp</result>
</action>
<!-- **************************************************************-->
<!-- 先执行拦截器,在拦截器中再判断是否需要执行action中的方法,最后根据返回结果,跳转指定页面 -->
5. 登录界面,填写登录信息,用户名和密码login.jsp
<body>
<form action="login" method="post">
用户名:<input type="text" name="userName"><br>
密码:<input type="password" name="userPwd"><br>
<span style="color: red">${message }</span>
<input type="submit" value="提交">
</form>
</body>
6. 登陆成功页面显示管理员姓名和机密信息超链接success.jsp
<body>
User:${userName}<br>
You are successful! <br>
So,you can look <a href="secret.action">The Sercet Message</a>
</body>
7. 机密信息页面secret.jsp
<body>
This is a secret Page! <br>
But,you must keep secret!!!
</body>
8. `黑名单中的人登陆,显示的页面errorname.jsp
<body>
Sorry!you are in the BlackList!
</body>
运行结果:
- 管理员登录:
- 管理员登录成功:
- 管理员查看机密信息
- 非管理员登陆,提示错误信息
- 黑名单中的人登录,显示errorname.jsp页面
到此完结!O(∩_∩)O谢谢
Author:su1573