struts2自定义拦截器一——模拟登陆权限验证
1、http://localhost:8083/struts2/user.jsp 表示用户已登陆,存放session对象
2、http://localhost:8083/struts2/quit.jsp 表示用户已退出,移除session对象
3、http://localhost:8083/struts2/login/addUIHelloWorld.do 如果session存在则往下执行,否则提示“你没有权限执行该操作”
4、http://localhost:8083/struts2/login/executeHelloWorld.do 如果session存在则往下执行,否则提示“你没有权限执行该操作”
代码
user.jsp页面
<%
@ page language
=
"
java
"
import
=
"
java.util.*
"
pageEncoding
=
"
UTF-8
"
%>
<%
request.getSession().setAttribute(
"
user
"
,
"
ljq
"
);
%>
用户已经登录
quit.jsp页面
<%
@ page language
=
"
java
"
import
=
"
java.util.*
"
pageEncoding
=
"
UTF-8
"
%>
<%
request.getSession().removeAttribute(
"
user
"
);
%>
用户已经退出登录
Action类
package
com.ljq.action;
public
class
HelloWorldAction {
private
String message;
public
String addUI() {
this
.message
=
"
addUI
"
;
return
"
success
"
; }
public
String execute()
throws
Exception {
this
.message
=
"
execute
"
;
return
"
success
"
; }
public
String getMessage() {
return
message; }
public
void
setMessage(String message) {
this
.message
=
message; } }
权限类
package
com.ljq.interceptor;
import
com.opensymphony.xwork2.ActionContext;
import
com.opensymphony.xwork2.ActionInvocation;
import
com.opensymphony.xwork2.interceptor.Interceptor;
/**
* 限制没有登录的用户进入访问页面 * *
@author
jiqinlin *
*/
@SuppressWarnings(
"
serial
"
)
public
class
PermissionInterceptor
implements
Interceptor {
public
void
destroy() { }
public
void
init() { }
public
String intercept(ActionInvocation invocation)
throws
Exception { Object user
=
ActionContext.getContext().getSession().get(
"
user
"
);
//
如果user不为null,代表用户已经登录,允许执行action中的方法
if
(user
!=
null
){
return
invocation.invoke(); } ActionContext.getContext().put(
"
message
"
,
"
你没有权限执行该操作
"
);
return
"
success
"
; } }
struts.xml配置文件
<?
xml version
=
"
1.0
"
encoding
=
"
UTF-8
"
?>
<!
DOCTYPE struts PUBLIC
"
-//Apache Software Foundation//DTD Struts Configuration 2.0//EN
"
"
http://struts.apache.org/dtds/struts-2.0.dtd
"
>
<
struts
>
<
constant name
=
"
struts.i18n.encoding
"
value
=
"
UTF-8
"
/>
<
constant name
=
"
struts.enable.DynamicMethodInvocation
"
value
=
"
false
"
/>
<
constant name
=
"
struts.action.extension
"
value
=
"
do
"
/>
<
package
name
=
"
login
"
namespace
=
"
/login
"
extends
=
"
struts-default
"
>
<
interceptors
>
<!--
自定义拦截器
-->
<
interceptor name
=
"
permission
"
class
=
"
com.ljq.interceptor.PermissionInterceptor
"
/>
<!--
配制默许的拦截器到拦截器栈
-->
<
interceptor
-
stack name
=
"
permissionStack
"
>
<!--
此处先后顺序好像没影响哦,我尝试过是没影响的
-->
<
interceptor
-
ref name
=
"
permission
"
/>
<
interceptor
-
ref name
=
"
defaultStack
"
/>
</
interceptor
-
stack
>
</
interceptors
>
<!--
配置默认的拦截器
-->
<
default
-
interceptor
-
ref name
=
"
permissionStack
"
/>
<!--
全局变量
-->
<
global
-
results
>
<
result name
=
"
success
"
>/
WEB
-
INF
/
page
/
message.jsp
</
result
>
</
global
-
results
>
<
action name
=
"
*HelloWorld
"
class
=
"
com.ljq.action.HelloWorldAction
"
method
=
"
{1}
"
>
<!--
<
interceptor
-
ref name
=
"
permissionStack
"
/>
-->
</
action
>
</
package
>
</
struts
>
