1、 http://localhost:8083/struts2/user.jsp  表示用户已登陆,存放session对象
2、 http://localhost:8083/struts2/quit.jsp  表示用户已退出,移除session对象
3、 http://localhost:8083/struts2/login/addUIHelloWorld.do   如果session存在则往下执行,否则提示“你没有权限执行该操作”
4、 http://localhost:8083/struts2/login/executeHelloWorld.do   如果session存在则往下执行,否则提示“你没有权限执行该操作”
   
代码
user.jsp页面 
 
    
 
     <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> 
     
 
     <% 
     
 request.getSession().setAttribute( 
     "user", "ljq" 
     );
%> 
     

 用户已经登录 
    
 
   
 
   
 
                  
   
 
   
 
    quit.jsp页面 
   
 
   
 
    
 
    
 
     <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> 
     
 
     <% 
     
 request.getSession().removeAttribute( 
     "user" 
     );
%> 
     

 用户已经退出登录 
    
 
   
 
   
 
                    
   
 
   
 
    Action类 
   
 
   
 
    
 
    
 
     package 
      com.ljq.action;

public class 
      HelloWorldAction {
private 
      String message;

public 
      String addUI() {
this.message = "addUI" 
     ;
return "success" 
     ;
 }

public String execute() throws 
      Exception {
this.message = "execute" 
     ;
return "success" 
     ;
 }

public 
      String getMessage() {
return 
      message;
 }

public void 
      setMessage(String message) {
this.message = 
      message;
 }
} 
    
 
   
 
   
 
                       
   
 
   
 
    权限类 
   
 
   
 
    
 
    
 
     package 
      com.ljq.interceptor;

import 
      com.opensymphony.xwork2.ActionContext;
import 
      com.opensymphony.xwork2.ActionInvocation;
import 
      com.opensymphony.xwork2.interceptor.Interceptor;

/** 
     
 * 限制没有登录的用户进入访问页面
 * 
 *  
     @author 
      jiqinlin
 *
*/ 
     
@SuppressWarnings( 
     "serial" 
     )
public class PermissionInterceptor implements 
      Interceptor {

public void 
      destroy() {
 }

public void 
      init() {
 }

public String intercept(ActionInvocation invocation) throws 
      Exception {
 Object user = ActionContext.getContext().getSession().get("user" 
     );
// 如果user不为null,代表用户已经登录,允许执行action中的方法 
     
 
      if (user != null 
     ){
return 
      invocation.invoke(); 
 }
 ActionContext.getContext().put("message", "你没有权限执行该操作" 
     );
return "success" 
     ;
 }

} 
    
 
   
 
   
 
            
   
 
   
 
    struts.xml配置文件 
   
 
   
 
    
 
    
 
     <?xml version="1.0" encoding="UTF-8" ?> 
     
 
     <! 
     DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN" 
     
  
     "http://struts.apache.org/dtds/struts-2.0.dtd"> 
     

 
     <struts> 
     
  
     <constant name="struts.i18n.encoding" value="UTF-8" /> 
     
  
     <constant name="struts.enable.DynamicMethodInvocation" value="false" /> 
     
  
     <constant name="struts.action.extension" value="do" /> 
     

  
     <package name="login" namespace="/login" extends="struts-default"> 
     
  
     <interceptors> 
     
  
     <!-- 自定义拦截器 --> 
     
  
     <interceptor name="permission" class="com.ljq.interceptor.PermissionInterceptor" /> 
     
  
     <!-- 配制默许的拦截器到拦截器栈 --> 
     
  
     <interceptor-stack name="permissionStack"> 
     
  
     <!-- 此处先后顺序好像没影响哦,我尝试过是没影响的 --> 
     
  
     <interceptor-ref name="permission" /> 
     
  
     <interceptor-ref name="defaultStack" /> 
     
  
     </interceptor-stack> 
     
  
     </interceptors> 
     
  
     <!-- 配置默认的拦截器 --> 
     
  
     <default-interceptor-ref name="permissionStack" /> 
     
  
     <!-- 全局变量 --> 
     
  
     <global-results> 
     
  
     <result name="success">/WEB-INF/page/message.jsp</result> 
     
  
     </global-results> 
     
  
     <action name="*HelloWorld" class="com.ljq.action.HelloWorldAction" 
     
 method 
     ="{1}"> 
     
  
     <!-- <interceptor-ref name="permissionStack" /> --> 
     
  
     </action> 
     
  
     </package> 
     

 
     </struts>