一、创建Maven项目
1.Eclipse新建maven项目,File——new——Maven Project
2.勾选simple project(也可以不勾选,后续会麻烦一些)
3.填写项目信息——点击finish
4.修改jdk依赖为本地安装jdk版本,我本地安装的是1.8,所以都修改为1.8
(1)右键项目——properties—java Build Path——JRE System Library(需要先remove掉原来的,再新引入)
(2)右键项目——properties——JavaCompiler——JDK Compliance
(3)maven项目添加web属性(配置动态web模型dynamic web module)右键项目–>Properties–>Project Facets–>空白页面点击Convert–>默认只勾选着java–>勾选Dynamic Web Module显示动态web模型3.0需要1.6及以上的jdk–>将java那项的版本改为1.8–>Apply–>Apply and Close(配置后项目目录如图所示)
5.在porm.xml文件中project标签下添加SSH依赖包和Tomcat编译依赖包,下载需要一段时间
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>zcn</groupId>
<artifactId>TestMaven</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>war</packaging>
<!-- 属性 -->
<properties>
<spring.version>4.2.4.RELEASE</spring.version>
<hibernate.version>5.0.7.Final</hibernate.version>
<struts.version>2.3.24</struts.version>
</properties>
<!-- 锁定版本,struts2-2.3.24、spring4.2.4、hibernate5.0.7 -->
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aspects</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<version>${hibernate.version}</version>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-core</artifactId>
<version>${struts.version}</version>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-json-plugin</artifactId>
<version>${struts.version}</version>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-spring-plugin</artifactId>
<version>${struts.version}</version>
</dependency>
</dependencies>
</dependencyManagement>
<!-- 依赖管理 -->
<dependencies>
<!-- spring -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aspects</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
</dependency>
<!-- hibernate -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
</dependency>
<!-- 数据库驱动 -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.6</version>
<scope>runtime</scope>
</dependency>
<!-- c3p0 -->
<dependency>
<groupId>c3p0</groupId>
<artifactId>c3p0</artifactId>
<version>0.9.1.2</version>
</dependency>
<!-- 导入 struts2 -->
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-core</artifactId>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-json-plugin</artifactId>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-spring-plugin</artifactId>
</dependency>
<!-- servlet jsp -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jsp-api</artifactId>
<version>2.0</version>
<scope>provided</scope>
</dependency>
<!-- 日志 -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.7.2</version>
</dependency>
<!-- junit -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.9</version>
<scope>test</scope>
</dependency>
<!-- jstl -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.1.15</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.apache.commons/commons-lang3 -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.4</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.1</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>3.3.1</version>
</plugin>
</plugins>
</build>
</project>
6.在src/main/webapp新建WEB-INF,创建web.xml
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" version="3.1">
<!-- 配置Spring框架核心的监听器 -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<!-- 该路径以webRoot作为根路径 -->
<param-value>/WEB-INF/daoContext.xml,
/WEB-INF/applicationContext.xml</param-value>
</context-param>
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<!-- <welcome-file>login.html</welcome-file> -->
<welcome-file>login.html</welcome-file>
</welcome-file-list>
</web-app>
二、SSH鉴权接口搭建
1.创建Service层
package com.zcn.testmaven.service;
import com.zcn.testmaven.vo.User;
public interface UserManager {
/**
* 插入新用户
* @param user
* @return 用户ID
*/
int insertUser(User user);
/**
* 按照姓名来查询用户
* @param principal 用户名
* @return 用户
*/
User findUserByName(String principal);
}
仅为了演示鉴权,所以直接返回,不访问dao层
package com.zcn.testmaven.service.impl;
import com.zcn.testmaven.service.UserManager;
import com.zcn.testmaven.util.Md5;
import com.zcn.testmaven.vo.User;
public class UserManagerImpl implements UserManager{
@Override
public int insertUser(User user) {
// TODO Auto-generated method stub
return 1;
}
@Override
public User findUserByName(String principal) {
// TODO Auto-generated method stub
User user = new User();
user.setName("admin");
user.setPass(Md5.crypt("admin"));
return user;
}
}
2.创建实体类
package com.zcn.testmaven.vo;
public class User {
String name;
String pass;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPass() {
return pass;
}
public void setPass(String pass) {
this.pass = pass;
}
}
创建action接口返回数据模板类
package com.zcn.testmaven.vo;
public class ResponseTemplate {
private int errorcode;
private String msg;
private Object data;
public int getErrorcode() {
return errorcode;
}
public void setErrorcode(int errorcode) {
this.errorcode = errorcode;
}
public String getMsg() {
return msg;
}
public void setMsg(String msg) {
this.msg = msg;
}
public Object getData() {
return data;
}
public void setData(Object data) {
this.data = data;
}
@Override
public String toString() {
return "ResponseTemplate [errorcode=" + errorcode + ", msg=" + msg + ", data=" + data + "]";
}
}
3.创建Action
创建BaseAction,用于注入service层
package com.zcn.testmaven.action.base;
import com.opensymphony.xwork2.ActionSupport;
import com.zcn.testmaven.service.UserManager;
public class TestMavenBaseAction extends ActionSupport{
protected UserManager manager;
public void setManager(UserManager manager) {
this.manager = manager;
}
}
创建注册Action,用于演示用户注册。
package com.zcn.testmaven.action;
import org.apache.struts2.ServletActionContext;
import com.alibaba.fastjson.JSONObject;
import com.zcn.testmaven.action.base.TestMavenBaseAction;
import com.zcn.testmaven.util.JsonUtil;
import com.zcn.testmaven.util.Md5;
import com.zcn.testmaven.vo.ResponseTemplate;
import com.zcn.testmaven.vo.User;
import com.zcn.testmaven.vo.UserToken;
public class RegisterAction extends TestMavenBaseAction {
private JSONObject result;
private String principal;
private String pass;
public JSONObject getResult() {
return result;
}
public void setResult(JSONObject result) {
this.result = result;
}
public String getPrincipal() {
return principal;
}
public void setPrincipal(String principal) {
this.principal = principal;
}
public String getPass() {
return pass;
}
public void setPass(String pass) {
this.pass = pass;
}
public String register() {
System.out.println("==============login================");
ResponseTemplate rt = new ResponseTemplate();
UserToken userToken;
try {
String mpsStr = JsonUtil.getRequestPostData(ServletActionContext.getRequest());
// 转化为json对象
JSONObject mpsObject = JSONObject.parseObject(mpsStr);
System.out.println("mpsStr=" + mpsStr);
System.out.println("mpsObject=" + mpsObject);
// 通过key获取value
principal = mpsObject.getString("name");
pass = mpsObject.getString("pass");
System.out.println("------------参数解析完毕--------------");
if (pass != null && principal != null) {
userToken = new UserToken( principal, pass);
// 插入数据
// 对密码进行加密然后存储用户信息
User user = new User();
user.setName(principal);
user.setPass(Md5.crypt(pass));
// 如果用户记录插入成功
if (manager.insertUser(user) == 1) {
String token = Md5.crypt(userToken.getPrincipal() + userToken.getInstant());
// 返回凭证
rt.setErrorcode(0);
rt.setMsg("注册成功!");
rt.setData(token);
}
} else {
rt.setErrorcode(2);
rt.setMsg("参数不足");
}
} catch (Exception e) {
rt.setErrorcode(2);
rt.setMsg("参数不足");
e.printStackTrace();
} finally {
result = (JSONObject) JSONObject.toJSON(rt);
System.out.println("action result=" + result);
}
return SUCCESS;
}
}
创建操作json参数的工具类
package com.zcn.testmaven.util;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
public class JsonUtil {
//解析请求的Json数据
public static String getRequestPostData(HttpServletRequest request){
int contentLength = request.getContentLength();
String strResult = "";
if(contentLength<0){
return null;
}
try {
byte buffer[] = new byte[contentLength];
for (int i = 0; i < contentLength;) {
int len;
len = request.getInputStream().read(buffer, i, contentLength - i);
if (len == -1) {
break;
}
i += len;
}
strResult = new String(buffer, "utf-8");
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return strResult;
}
}
创建MD5加密类
package com.zcn.testmaven.util;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
* MD5加密
*/
public class Md5 {
/**
* Encodes a string
* @param str String to encode
* @return Encoded String
*/
public static String crypt(String str) {
if (str == null || str.length() == 0) {
throw new IllegalArgumentException("String to encript cannot be null or zero length");
}
StringBuilder hexString = new StringBuilder();
try {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(str.getBytes());
byte[] hash = md.digest();
for (byte b : hash) {
if ((0xff & b) < 0x10) {
hexString.append("0").append(Integer.toHexString((0xFF & b)));
} else {
hexString.append(Integer.toHexString(0xFF & b));
}
}
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return hexString.toString();
}
}
创建用户鉴权令牌类
package com.zcn.testmaven.vo;
import java.time.Instant;
/**
* 登录令牌,默认有效期为7天
*/
public class UserToken {
final long DEFAULT_TERM=60*60*24*7;
/**
* 用户名
*/
private String principal;
/**
* 相当于密码(一般是加密过的)
*/
private String credentials;
/**
* 放入的时间
*/
private Instant instant;
/**
* 有效期(单位:秒)
*/
private long term;
/**
* 可以放一些不敏感的信息,以便下次访问时可以直接取出,如果user属性太多可以另外写个类,比如SimpleUser,
* 存放一些经常需要用到的信息。
*/
private User User;
public String getPrincipal() {
return principal;
}
public void setPrincipal(String principal) {
this.principal = principal;
}
public String getCredentials() {
return credentials;
}
public void setCredentials(String credentials) {
this.credentials = credentials;
}
public Instant getInstant() {
return instant;
}
public void setInstant(Instant instant) {
this.instant = instant;
}
public long getTerm() {
return term;
}
public void setTerm(long term) {
this.term = term;
}
public User getUser() {
return User;
}
public void setUser(User user) {
User = user;
}
/**
* 根据时间判断是否有效
* @return 有效则返回true,否则返回false
*/
public boolean isValid(){
return Instant.now().getEpochSecond()-instant.getEpochSecond()<=term;
}
public UserToken(String principal, String credentials, Instant instant, long term, User user) {
this.principal = principal;
this.credentials = credentials;
this.instant = instant;
this.term = term;
this.User = user;
}
public UserToken(String principal, String credentials, Instant instant, long term) {
this.principal = principal;
this.credentials = credentials;
this.instant = instant;
this.term = term;
}
public UserToken(String principal, String credentials) {
this.principal = principal;
this.credentials = credentials;
this.instant = Instant.now();
this.term=DEFAULT_TERM;
}
public UserToken(String principal) {
this.principal = principal;
this.instant=Instant.now();
this.term=DEFAULT_TERM;
}
}
创建令牌池
package com.zcn.testmaven.vo;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
/**
* 认证后的令牌连接池(由于获取全局的session比较麻烦,所以自己维护一个类似session的令牌池)
* 这个令牌池,应该要定期清除过期验证码
*/
public class AuthenticationTokenPool {
/**
* 认证后的令牌连接池
*/
private static Map<String, UserToken> pool=new ConcurrentHashMap<>(10);
public static void addToken(String token,UserToken userToken){
pool.put(token, userToken);
}
/**
* 根据token凭证获取未过期的令牌,如果没有未过期的令牌则返回null
* @param token 凭证
* @return userToken 未过期的令牌
*/
public static UserToken getToken(String token){
UserToken userToken=pool.get(token);
//如果没有相应令牌则直接返回null
if (userToken==null){
return null;
}
//判断令牌是否过期
if (userToken.isValid()){
return userToken;
}else{
//清除过期令牌
pool.remove(token);
return null;
}
}
/**
* 根据凭证删除对应的令牌
* @param token 凭证
*/
public static void removeToken(String token){
pool.remove(token);
}
}
创建登录Action
package com.zcn.testmaven.action;
import org.apache.struts2.ServletActionContext;
import com.alibaba.fastjson.JSONObject;
import com.zcn.testmaven.action.base.TestMavenBaseAction;
import com.zcn.testmaven.util.JsonUtil;
import com.zcn.testmaven.util.Md5;
import com.zcn.testmaven.vo.AuthenticationTokenPool;
import com.zcn.testmaven.vo.ResponseTemplate;
import com.zcn.testmaven.vo.User;
import com.zcn.testmaven.vo.UserToken;
public class LoginAction extends TestMavenBaseAction{
private JSONObject result;
private String principal;
private String credentials;
public String getPrincipal() {
return principal;
}
public void setPrincipal(String principal) {
this.principal = principal;
}
public String getCredentials() {
return credentials;
}
public void setCredentials(String credentials) {
this.credentials = credentials;
}
public JSONObject getResult() {
return result;
}
public void setResult(JSONObject result) {
this.result = result;
}
public String login() {
System.out.println("==============login================");
ResponseTemplate rt = new ResponseTemplate();
try {
String mpsStr = JsonUtil.getRequestPostData(ServletActionContext.getRequest());
// 转化为json对象
JSONObject mpsObject = JSONObject.parseObject(mpsStr);
System.out.println("mpsStr=" + mpsStr);
System.out.println("mpsObject=" + mpsObject);
// 通过key获取value
principal = mpsObject.getString("name");
credentials = mpsObject.getString("pass");
UserToken userToken=new UserToken(principal,credentials);
String token=authenticate(userToken);
if (token!=null){
rt.setErrorcode(0);
rt.setMsg("登录成功!");
rt.setData(token);
}else {
rt.setErrorcode(1);
rt.setMsg("验证失败!");
}
}catch (Exception e) {
rt.setErrorcode(2);
rt.setMsg("参数不足");
e.printStackTrace();
} finally {
result = (JSONObject) JSONObject.toJSON(rt);
System.out.println("action result=" + result);
}
return SUCCESS;
}
/**
* 认证,如果认证成功则返回凭证,否则返回null
*
* @param userToken 未认证的令牌
* @return 如果认证成功则返回凭证,否则返回null
*/
private String authenticate(UserToken userToken) {
if (userToken.getCredentials() != null) {
// 对密码加密
userToken.setCredentials(Md5.crypt(userToken.getCredentials()));
}
try {
return handle(userToken, getUserByName(userToken));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
/**
* 获取用户信息
*
* @param userToken 令牌
* @return 认证成功返回SimpleUser
*/
private User getUserByName(UserToken userToken) {
return manager.findUserByName(userToken.getPrincipal());
}
/**
* 根据传入的user是否为null(是否认证通过)来对令牌做剩下的操作(将user刻入令牌,并将该令牌放入令牌池中)
*
* @param userToken 经过验证后的令牌
* @return token 根据令牌生成的凭证 ,如果认证未成功则返回null
* @throws Exception
*/
private String handle(UserToken userToken, User user) throws Exception {
if (user == null) {
// 说明账户不存在
throw new Exception("该用户不存在,请注册后再登录!");
}
// 判断密码是否正确
if (user.getPass().equals(userToken.getCredentials())) {
// 将User信息刻入令牌
userToken.setUser(user);
// 获取token凭证
String token = Md5.crypt(userToken.getPrincipal() + userToken.getInstant());
// 将令牌放入认证令牌池
AuthenticationTokenPool.addToken(token, userToken);
return token;
}
return null;
}
}
创建测试Action
package com.zcn.testmaven.action;
import com.zcn.testmaven.action.base.TestMavenBaseAction;
public class TestAction extends TestMavenBaseAction{
public String test() {
System.out.println("===========进入到test方法=============");
return SUCCESS;
}
}
4.创建拦截器
创建简单拦截器,如果用户请求参数中没有token则拦截,如果有放行
package com.zcn.testmaven.intercepter;
import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.ServletActionContext;
import com.alibaba.fastjson.JSONObject;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import com.zcn.testmaven.util.JsonUtil;
import com.zcn.testmaven.vo.AuthenticationTokenPool;
import com.zcn.testmaven.vo.ResponseTemplate;
public class UserInterceptor extends AbstractInterceptor {
private JSONObject result;
public JSONObject getResult() {
return result;
}
public void setResult(JSONObject result) {
this.result = result;
}
@Override
public String intercept(ActionInvocation invocation) throws Exception {
System.out.println("=============进入拦截器=============");
System.out.println("action:"+invocation.getAction());
System.out.println("InvocationContext:"+invocation.getInvocationContext());
ResponseTemplate rt = new ResponseTemplate();
try {
HttpServletRequest request = ServletActionContext.getRequest();
String mpsStr = JsonUtil.getRequestPostData(ServletActionContext.getRequest());
// 转化为json对象
JSONObject mpsObject = JSONObject.parseObject(mpsStr);
System.out.println("mpsStr=" + mpsStr);
System.out.println("mpsObject=" + mpsObject);
// 通过key获取value
String token = mpsObject.getString("token");
System.out.println(request.getRequestURI());
System.out.println(request.getServletPath());
if (token==null){
throw new Exception("未授权,请重新登录!");
}
//如果是访问logout则删除对应的令牌
if ("/logout".equals(request.getServletPath())){
AuthenticationTokenPool.removeToken(token);
return invocation.invoke();//放行
}
if (AuthenticationTokenPool.getToken(token)!=null){
return invocation.invoke();//放行,这里为什么返回string?因为最终的结果返回的Action的Result,而action的结果是string类型
}else {
throw new Exception("认证失效,请重新登录!");
}
}catch(Exception e) {
System.out.println("------异常了------");
e.printStackTrace();
}
rt.setErrorcode(1);
rt.setMsg("验证失败!");
//没有登录
return Action.SUCCESS;//返回错误结果
}
}
创建方法拦截器,如果用户请求参数中没有token则拦截,如果有放行。方法拦截器中可以配置忽略的方法,简单的类拦截器则没有这个功能。
package com.zcn.testmaven.intercepter;
import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.ServletActionContext;
import com.alibaba.fastjson.JSONObject;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;
import com.zcn.testmaven.util.JsonUtil;
import com.zcn.testmaven.vo.AuthenticationTokenPool;
import com.zcn.testmaven.vo.ResponseTemplate;
public class MyFilterIntercepter extends MethodFilterInterceptor{
private String name;
private JSONObject result;
public JSONObject getResult() {
return result;
}
public void setResult(JSONObject result) {
this.result = result;
}
public void setName(String name) {
this.name = name;
}
@Override
protected String doIntercept(ActionInvocation invocation) throws Exception {
// TODO Auto-generated method stub
System.out.println("==============拦截方法的拦截器==============");
System.out.println("拦截器:"+name);
ResponseTemplate rt = new ResponseTemplate();
try {
HttpServletRequest request = ServletActionContext.getRequest();
String mpsStr = JsonUtil.getRequestPostData(ServletActionContext.getRequest());
// 转化为json对象
JSONObject mpsObject = JSONObject.parseObject(mpsStr);
System.out.println("mpsStr=" + mpsStr);
System.out.println("mpsObject=" + mpsObject);
// 通过key获取value
String token = mpsObject.getString("token");
System.out.println(request.getRequestURI());
System.out.println(request.getServletPath());
if (token==null){
throw new Exception("未授权,请重新登录!");
}
//如果是访问logout则删除对应的令牌
if ("/logout".equals(request.getServletPath())){
AuthenticationTokenPool.removeToken(token);
return invocation.invoke();//放行
}
if (AuthenticationTokenPool.getToken(token)!=null){
return invocation.invoke();//放行,这里为什么返回string?因为最终的结果返回的Action的Result,而action的结果是string类型
}else {
throw new Exception("认证失效,请重新登录!");
}
}catch(Exception e) {
System.out.println("------异常了------");
e.printStackTrace();
}
rt.setErrorcode(1);
rt.setMsg("验证失败!");
//没有登录
return Action.SUCCESS;//返回错误结果
}
}
5.项目名/Java Resources/src/main/java下添加struts.xml文件
<?xml version="1.0" encoding="GBK"?>
<!-- 指定Struts 2配置文件的DTD信息 -->
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
"http://struts.apache.org/dtds/struts-2.3.dtd">
<!-- Struts 2配置文件的根元素 -->
<struts>
<!-- 配置了系列常量 -->
<constant name="struts.custom.i18n.resources" value="resource"/>
<constant name="struts.i18n.encoding" value="utf-8"/>
<constant name="struts.devMode" value="false"/>
<package name="json" extends="json-default">
<!-- 注册拦截器 -->
<interceptors>
<!-- name:拦截器名称;class:拦截器完整类名 -->
<!-- <interceptor
name="authority"
class="com.zcn.testmaven.intercepter.UserInterceptor"/> -->
<interceptor
name="myFilter"
class="com.zcn.testmaven.intercepter.MyFilterIntercepter">
<!-- 为拦截器指定参数值 -->
<param name="name">拦截方法的拦截器</param>
</interceptor>
<!-- 拦截器栈 -->
<interceptor-stack name="myDefaultStack">
<!-- 拦截器拦截 ,自定义拦截器一般放在最前面 -->
<interceptor-ref name="myFilter">
<!-- 重新指定name属性的属性值 -->
<param name="name">改名后的拦截方法过滤拦截器</param>
<!-- 指定login方法,register方法不需要被拦截 -->
<param name="excludeMethods">login,register</param>
<!-- 指定test()方法需要被拦截 -->
<!-- <param name="includeMethods">test</param> -->
</interceptor-ref>
<!-- 如果自己配置了拦截器,不配置下面的拦截器,则struts默认的18个拦截器不在执行 -->
<interceptor-ref name="defaultStack"></interceptor-ref>
</interceptor-stack>
</interceptors>
<!-- 将自己的拦截器栈myDefaultStack设为该包下默认拦截器栈,如此,该包下的action都会执行默认拦截器栈中的拦截器 -->
<default-interceptor-ref name="myDefaultStack"></default-interceptor-ref>
<!-- 定义处理登录系统的的Action -->
<action name="processLogin"
class="com.zcn.testmaven.action.LoginAction" method="login">
<result type="json">
<param name="root">result</param>
<param name="callbackParameter">callback</param>
</result>
</action>
<action name="register"
class="com.zcn.testmaven.action.RegisterAction" method="register">
<result type="json">
<param name="root">result</param>
<param name="callbackParameter">callback</param>
</result>
</action>
<action name="processTest"
class="com.zcn.testmaven.action.TestAction" method="test">
<result type="json">
<param name="root">result</param>
<param name="callbackParameter">callback</param>
</result>
</action>
</package>
</struts>
6.在src/main/webapp/WEB-INF,创建applicationContext.xml、daoContext.xml,先将dao层相关数据去掉,为了演示鉴权在service层只接返回,不访问数据库。
daoContext.xml添加代码
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://www.springframework.org/schema/beans"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.2.xsd">
</beans>
applicationContext.xml添加代码
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-4.2.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-4.2.xsd">
<bean id="managerTemplate" abstract="true" lazy-init="true"
/>
<!-- 定义两个业务逻辑组件,继承业务逻辑组件的模板 -->
<bean id="manager"
class="com.zcn.testmaven.service.impl.UserManagerImpl"
parent="managerTemplate"/>
</beans>
三、测试程序
1.使用postman测试登录接口,
2.不带token参数测试test接口,发现拦截掉了
3.携带token参数测试test接口,通过验证后可以进入到test方法。
写的不是很好,大家相互借鉴叭~~
写这篇文章也参考了很多网上优秀的文章
https://blog.csdn.net/qq_46101869/article/details/116424137
https://blog.csdn.net/bbsyi/article/details/125361868
https://www.cnblogs.com/Joke-Jay/p/8109912.html
https://www.cnblogs.com/luna-hehe/p/14856550.html